From 2aa6600a49304d0f1bee9e58ef995907880b9361 Mon Sep 17 00:00:00 2001 From: Venelin Date: Fri, 31 Jan 2025 15:41:17 +0200 Subject: [PATCH 1/6] add api_hub module --- provider/resources.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/provider/resources.go b/provider/resources.go index 8031d592e8..4d7652950a 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -47,6 +47,7 @@ const ( gcpAlloydb = "Alloydb" // Alloydb resources // nolint:revive gcpApiGateway = "ApiGateway" // ApiGateway resources + gcpApiHub = "ApiHub" // ApiHub resources gcpApigee = "Apigee" // Apigee resources gcpAppEngine = "AppEngine" // AppEngine resources gcpApplicationIntegration = "ApplicationIntegration" // Application Integration @@ -173,6 +174,7 @@ var moduleMapping = map[string]string{ "active_directory": gcpActiveDirectory, "alloydb": gcpAlloydb, "api_gateway": gcpApiGateway, + "apihub": gcpApiHub, "apigee": gcpApigee, "app_engine": gcpAppEngine, "apphub": "Apphub", From 808a81f09d4ce7cfd3960678f3a073300896bbe3 Mon Sep 17 00:00:00 2001 From: Venelin Date: Fri, 31 Jan 2025 15:46:25 +0200 Subject: [PATCH 2/6] make tfgen --- .pulumi-java-gen.version | 2 +- ...001-Allow-disabling-the-partner-name.patch | 4 +- patches/0005-docs-patching.patch | 2 +- ...07-Remove-duplicative-resource-token.patch | 4 +- ...rovisioning-label-to-goog-pulumi-pro.patch | 4 +- .../pulumi-resource-gcp/bridge-metadata.json | 240 ++ provider/cmd/pulumi-resource-gcp/schema.json | 2807 ++++++++++++++++- provider/go.mod | 4 - upstream | 2 +- 9 files changed, 2976 insertions(+), 93 deletions(-) diff --git a/.pulumi-java-gen.version b/.pulumi-java-gen.version index afaf360d37..1cc5f657e0 100644 --- a/.pulumi-java-gen.version +++ b/.pulumi-java-gen.version @@ -1 +1 @@ -1.0.0 \ No newline at end of file +1.1.0 \ No newline at end of file diff --git a/patches/0001-Allow-disabling-the-partner-name.patch b/patches/0001-Allow-disabling-the-partner-name.patch index bbcb337697..f4d63d3d67 100644 --- a/patches/0001-Allow-disabling-the-partner-name.patch +++ b/patches/0001-Allow-disabling-the-partner-name.patch @@ -6,7 +6,7 @@ Subject: [PATCH] Allow disabling the partner name Add options to set or disable partner name. diff --git a/google-beta/provider/provider.go b/google-beta/provider/provider.go -index aca7ba22c..79e0bbcff 100644 +index b1bcc4ce4..3b58a6b32 100644 --- a/google-beta/provider/provider.go +++ b/google-beta/provider/provider.go @@ -125,6 +125,19 @@ func Provider() *schema.Provider { @@ -29,7 +29,7 @@ index aca7ba22c..79e0bbcff 100644 "request_reason": { Type: schema.TypeString, Optional: true, -@@ -963,6 +976,21 @@ func ProviderConfigure(ctx context.Context, d *schema.ResourceData, p *schema.Pr +@@ -968,6 +981,21 @@ func ProviderConfigure(ctx context.Context, d *schema.ResourceData, p *schema.Pr UserAgent: p.UserAgent("terraform-provider-google-beta", version.ProviderVersion), } diff --git a/patches/0005-docs-patching.patch b/patches/0005-docs-patching.patch index 062ba02eff..9bec02320f 100644 --- a/patches/0005-docs-patching.patch +++ b/patches/0005-docs-patching.patch @@ -1077,7 +1077,7 @@ index 2c406e0c7..8b2d102b8 100644 version { diff --git a/website/docs/r/compute_project_metadata_item.html.markdown b/website/docs/r/compute_project_metadata_item.html.markdown -index 3c624d8fc..a7a982c18 100644 +index ff0556f26..42a358a8a 100644 --- a/website/docs/r/compute_project_metadata_item.html.markdown +++ b/website/docs/r/compute_project_metadata_item.html.markdown @@ -8,7 +8,7 @@ description: |- diff --git a/patches/0007-Remove-duplicative-resource-token.patch b/patches/0007-Remove-duplicative-resource-token.patch index 12466bfa23..da0311682c 100644 --- a/patches/0007-Remove-duplicative-resource-token.patch +++ b/patches/0007-Remove-duplicative-resource-token.patch @@ -5,10 +5,10 @@ Subject: [PATCH] Remove duplicative resource token diff --git a/google-beta/provider/provider.go b/google-beta/provider/provider.go -index 79e0bbcff..578b8360b 100644 +index 3b58a6b32..7a9c9b4f9 100644 --- a/google-beta/provider/provider.go +++ b/google-beta/provider/provider.go -@@ -936,6 +936,15 @@ func Provider() *schema.Provider { +@@ -941,6 +941,15 @@ func Provider() *schema.Provider { func DatasourceMap() map[string]*schema.Resource { datasourceMap, _ := DatasourceMapWithErrors() diff --git a/patches/0010-Rename-default-provisioning-label-to-goog-pulumi-pro.patch b/patches/0010-Rename-default-provisioning-label-to-goog-pulumi-pro.patch index 0ac0c78832..3adbddb931 100644 --- a/patches/0010-Rename-default-provisioning-label-to-goog-pulumi-pro.patch +++ b/patches/0010-Rename-default-provisioning-label-to-goog-pulumi-pro.patch @@ -5,10 +5,10 @@ Subject: [PATCH] Rename default provisioning label to goog-pulumi-provisioned diff --git a/google-beta/transport/config.go b/google-beta/transport/config.go -index 87d27968d..2ae7e8f5f 100644 +index 2fb91eded..da5df499f 100644 --- a/google-beta/transport/config.go +++ b/google-beta/transport/config.go -@@ -680,7 +680,7 @@ var DefaultClientScopes = []string{ +@@ -683,7 +683,7 @@ var DefaultClientScopes = []string{ "https://www.googleapis.com/auth/userinfo.email", } diff --git a/provider/cmd/pulumi-resource-gcp/bridge-metadata.json b/provider/cmd/pulumi-resource-gcp/bridge-metadata.json index 7e98c9844e..50452446f9 100644 --- a/provider/cmd/pulumi-resource-gcp/bridge-metadata.json +++ b/provider/cmd/pulumi-resource-gcp/bridge-metadata.json @@ -1342,6 +1342,16 @@ "fields": { "node_config": { "maxItemsOne": true + }, + "properties": { + "maxItemsOne": true, + "elem": { + "fields": { + "property": { + "maxItemsOne": false + } + } + } } } }, @@ -1541,6 +1551,15 @@ } } }, + "google_apihub_api_hub_instance": { + "current": "gcp:apihub/apiHubInstance:ApiHubInstance", + "majorVersion": 8, + "fields": { + "config": { + "maxItemsOne": true + } + } + }, "google_apikeys_key": { "current": "gcp:projects/apiKey:ApiKey", "majorVersion": 8, @@ -3467,6 +3486,18 @@ } } }, + "google_chronicle_retrohunt": { + "current": "gcp:chronicle/retrohunt:Retrohunt", + "majorVersion": 8, + "fields": { + "execution_interval": { + "maxItemsOne": false + }, + "process_interval": { + "maxItemsOne": true + } + } + }, "google_chronicle_rule": { "current": "gcp:chronicle/rule:Rule", "majorVersion": 8, @@ -4050,6 +4081,9 @@ "binary_authorization": { "maxItemsOne": true }, + "build_config": { + "maxItemsOne": true + }, "conditions": { "maxItemsOne": false }, @@ -5369,6 +5403,15 @@ "current": "gcp:cloudfunctions/functionIamPolicy:FunctionIamPolicy", "majorVersion": 8 }, + "google_colab_runtime": { + "current": "gcp:colab/runtime:Runtime", + "majorVersion": 8, + "fields": { + "notebook_runtime_template_ref": { + "maxItemsOne": true + } + } + }, "google_colab_runtime_template": { "current": "gcp:colab/runtimeTemplate:RuntimeTemplate", "majorVersion": 8, @@ -5399,6 +5442,31 @@ } } }, + "google_colab_runtime_template_iam_binding": { + "current": "gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding", + "majorVersion": 8, + "fields": { + "condition": { + "maxItemsOne": true + }, + "members": { + "maxItemsOne": false + } + } + }, + "google_colab_runtime_template_iam_member": { + "current": "gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember", + "majorVersion": 8, + "fields": { + "condition": { + "maxItemsOne": true + } + } + }, + "google_colab_runtime_template_iam_policy": { + "current": "gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy", + "majorVersion": 8 + }, "google_composer_environment": { "current": "gcp:composer/environment:Environment", "majorVersion": 8, @@ -5993,6 +6061,9 @@ "src_ip_ranges": { "maxItemsOne": false }, + "src_networks": { + "maxItemsOne": false + }, "src_region_codes": { "maxItemsOne": false }, @@ -6116,6 +6187,9 @@ "src_ip_ranges": { "maxItemsOne": false }, + "src_networks": { + "maxItemsOne": false + }, "src_region_codes": { "maxItemsOne": false }, @@ -6885,6 +6959,31 @@ } } }, + "google_compute_instance_template_iam_binding": { + "current": "gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding", + "majorVersion": 8, + "fields": { + "condition": { + "maxItemsOne": true + }, + "members": { + "maxItemsOne": false + } + } + }, + "google_compute_instance_template_iam_member": { + "current": "gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember", + "majorVersion": 8, + "fields": { + "condition": { + "maxItemsOne": true + } + } + }, + "google_compute_instance_template_iam_policy": { + "current": "gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy", + "majorVersion": 8 + }, "google_compute_interconnect": { "current": "gcp:compute/interconnect:Interconnect", "majorVersion": 8, @@ -7106,6 +7205,9 @@ "src_ip_ranges": { "maxItemsOne": false }, + "src_networks": { + "maxItemsOne": false + }, "src_region_codes": { "maxItemsOne": false }, @@ -7235,6 +7337,9 @@ "src_ip_ranges": { "maxItemsOne": false }, + "src_networks": { + "maxItemsOne": false + }, "src_region_codes": { "maxItemsOne": false }, @@ -8007,6 +8112,9 @@ "src_ip_ranges": { "maxItemsOne": false }, + "src_networks": { + "maxItemsOne": false + }, "src_region_codes": { "maxItemsOne": false }, @@ -8136,6 +8244,9 @@ "src_ip_ranges": { "maxItemsOne": false }, + "src_networks": { + "maxItemsOne": false + }, "src_region_codes": { "maxItemsOne": false }, @@ -23424,6 +23535,12 @@ "current": "gcp:networksecurity/securityProfile:SecurityProfile", "majorVersion": 8, "fields": { + "custom_intercept_profile": { + "maxItemsOne": true + }, + "custom_mirroring_profile": { + "maxItemsOne": true + }, "threat_prevention_profile": { "maxItemsOne": true, "elem": { @@ -25276,6 +25393,10 @@ } } }, + "google_parameter_manager_parameter_version": { + "current": "gcp:parametermanager/parameterVersion:ParameterVersion", + "majorVersion": 8 + }, "google_parameter_manager_regional_parameter": { "current": "gcp:parametermanager/regionalParameter:RegionalParameter", "majorVersion": 8, @@ -26422,6 +26543,9 @@ "aws_kinesis": { "maxItemsOne": true }, + "azure_event_hubs": { + "maxItemsOne": true + }, "cloud_storage": { "maxItemsOne": true, "elem": { @@ -26605,6 +26729,9 @@ "psc_connections": { "maxItemsOne": false }, + "psc_service_attachments": { + "maxItemsOne": false + }, "state_info": { "maxItemsOne": false, "elem": { @@ -26620,6 +26747,29 @@ } } }, + "google_redis_cluster_user_created_connections": { + "current": "gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections", + "majorVersion": 8, + "fields": { + "cluster_endpoints": { + "maxItemsOne": false, + "elem": { + "fields": { + "connections": { + "maxItemsOne": false, + "elem": { + "fields": { + "psc_connection": { + "maxItemsOne": true + } + } + } + } + } + } + } + } + }, "google_redis_instance": { "current": "gcp:redis/instance:Instance", "majorVersion": 8, @@ -30878,6 +31028,9 @@ "binary_authorization": { "maxItemsOne": false }, + "build_config": { + "maxItemsOne": false + }, "conditions": { "maxItemsOne": false }, @@ -31385,6 +31538,10 @@ "current": "gcp:cloudfunctions/getFunctionIamPolicy:getFunctionIamPolicy", "majorVersion": 8 }, + "google_colab_runtime_template_iam_policy": { + "current": "gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", + "majorVersion": 8 + }, "google_composer_environment": { "current": "gcp:composer/getEnvironment:getEnvironment", "majorVersion": 8, @@ -32210,6 +32367,10 @@ } } }, + "google_compute_instance_template_iam_policy": { + "current": "gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", + "majorVersion": 8 + }, "google_compute_lb_ip_ranges": { "current": "gcp:compute/getLBIPRanges:getLBIPRanges", "majorVersion": 8, @@ -34747,6 +34908,15 @@ "current": "gcp:kms/getKeyHandle:getKeyHandle", "majorVersion": 8 }, + "google_kms_key_handles": { + "current": "gcp:kms/getKeyHandles:getKeyHandles", + "majorVersion": 8, + "fields": { + "key_handles": { + "maxItemsOne": false + } + } + }, "google_kms_key_ring": { "current": "gcp:kms/getKMSKeyRing:getKMSKeyRing", "majorVersion": 8 @@ -35199,6 +35369,24 @@ "current": "gcp:organizations/getOrganization:getOrganization", "majorVersion": 8 }, + "google_organizations": { + "current": "gcp:organizations/getS:getS", + "majorVersion": 8, + "fields": { + "organizations": { + "maxItemsOne": false + } + } + }, + "google_parameter_manager_parameter": { + "current": "gcp:parametermanager/getParameter:getParameter", + "majorVersion": 8, + "fields": { + "policy_member": { + "maxItemsOne": false + } + } + }, "google_parameter_manager_regional_parameter": { "current": "gcp:parametermanager/getRegionalParameter:getRegionalParameter", "majorVersion": 8, @@ -35208,6 +35396,22 @@ } } }, + "google_parameter_manager_regional_parameters": { + "current": "gcp:parametermanager/getRegionalParameters:getRegionalParameters", + "majorVersion": 8, + "fields": { + "parameters": { + "maxItemsOne": false, + "elem": { + "fields": { + "policy_member": { + "maxItemsOne": false + } + } + } + } + } + }, "google_privateca_ca_pool_iam_policy": { "current": "gcp:certificateauthority/getCaPoolIamPolicy:getCaPoolIamPolicy", "majorVersion": 8 @@ -35601,6 +35805,9 @@ "aws_kinesis": { "maxItemsOne": false }, + "azure_event_hubs": { + "maxItemsOne": false + }, "cloud_storage": { "maxItemsOne": false, "elem": { @@ -36791,6 +36998,10 @@ "effective_labels", "terraform_labels" ], + "google_apihub_api_hub_instance": [ + "effective_labels", + "terraform_labels" + ], "google_artifact_registry_repository": [ "effective_labels", "terraform_labels" @@ -36959,6 +37170,10 @@ "effective_labels", "terraform_labels" ], + "google_compute_interconnect_attachment": [ + "effective_labels", + "terraform_labels" + ], "google_compute_region_disk": [ "effective_labels", "terraform_labels" @@ -37773,10 +37988,18 @@ "cloud_vm_clusters.$.effective_labels", "cloud_vm_clusters.$.terraform_labels" ], + "google_parameter_manager_parameter": [ + "effective_labels", + "terraform_labels" + ], "google_parameter_manager_regional_parameter": [ "effective_labels", "terraform_labels" ], + "google_parameter_manager_regional_parameters": [ + "parameters.$.effective_labels", + "parameters.$.terraform_labels" + ], "google_privateca_certificate_authority": [ "effective_labels", "terraform_labels" @@ -37910,6 +38133,7 @@ "gcp:apigee/sharedflowDeployment:SharedflowDeployment": 0, "gcp:apigee/syncAuthorization:SyncAuthorization": 0, "gcp:apigee/targetServer:TargetServer": 0, + "gcp:apihub/apiHubInstance:ApiHubInstance": 0, "gcp:appengine/application:Application": 0, "gcp:appengine/applicationUrlDispatchRules:ApplicationUrlDispatchRules": 0, "gcp:appengine/domainMapping:DomainMapping": 0, @@ -38015,6 +38239,7 @@ "gcp:chronicle/dataAccessLabel:DataAccessLabel": 0, "gcp:chronicle/dataAccessScope:DataAccessScope": 0, "gcp:chronicle/referenceList:ReferenceList": 0, + "gcp:chronicle/retrohunt:Retrohunt": 0, "gcp:chronicle/rule:Rule": 0, "gcp:chronicle/ruleDeployment:RuleDeployment": 0, "gcp:chronicle/watchlist:Watchlist": 0, @@ -38074,7 +38299,11 @@ "gcp:cloudtasks/queueIamBinding:QueueIamBinding": 0, "gcp:cloudtasks/queueIamMember:QueueIamMember": 0, "gcp:cloudtasks/queueIamPolicy:QueueIamPolicy": 0, + "gcp:colab/runtime:Runtime": 0, "gcp:colab/runtimeTemplate:RuntimeTemplate": 0, + "gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding": 0, + "gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember": 0, + "gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy": 0, "gcp:composer/environment:Environment": 0, "gcp:composer/userWorkloadsConfigMap:UserWorkloadsConfigMap": 0, "gcp:composer/userWorkloadsSecret:UserWorkloadsSecret": 0, @@ -38129,6 +38358,9 @@ "gcp:compute/instanceIAMPolicy:InstanceIAMPolicy": 0, "gcp:compute/instanceSettings:InstanceSettings": 0, "gcp:compute/instanceTemplate:InstanceTemplate": 0, + "gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding": 0, + "gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember": 0, + "gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy": 0, "gcp:compute/interconnect:Interconnect": 0, "gcp:compute/interconnectAttachment:InterconnectAttachment": 0, "gcp:compute/machineImage:MachineImage": 0, @@ -38681,6 +38913,7 @@ "gcp:oslogin/sshPublicKey:SshPublicKey": 0, "gcp:parallelstore/instance:Instance": 0, "gcp:parametermanager/parameter:Parameter": 0, + "gcp:parametermanager/parameterVersion:ParameterVersion": 0, "gcp:parametermanager/regionalParameter:RegionalParameter": 0, "gcp:parametermanager/regionalParameterVersion:RegionalParameterVersion": 0, "gcp:privilegedaccessmanager/entitlement:entitlement": 0, @@ -38714,6 +38947,7 @@ "gcp:pubsub/topicIAMPolicy:TopicIAMPolicy": 0, "gcp:recaptcha/enterpriseKey:EnterpriseKey": 0, "gcp:redis/cluster:Cluster": 0, + "gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections": 0, "gcp:redis/instance:Instance": 0, "gcp:resourcemanager/lien:Lien": 0, "gcp:runtimeconfig/config:Config": 0, @@ -38973,6 +39207,7 @@ "gcp:cloudrunv2/getService:getService": 0, "gcp:cloudrunv2/getServiceIamPolicy:getServiceIamPolicy": 0, "gcp:cloudtasks/getQueueIamPolicy:getQueueIamPolicy": 0, + "gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy": 0, "gcp:composer/getEnvironment:getEnvironment": 0, "gcp:composer/getImageVersions:getImageVersions": 0, "gcp:composer/getUserWorkloadsConfigMap:getUserWorkloadsConfigMap": 0, @@ -39002,6 +39237,7 @@ "gcp:compute/getInstanceIamPolicy:getInstanceIamPolicy": 0, "gcp:compute/getInstanceSerialPort:getInstanceSerialPort": 0, "gcp:compute/getInstanceTemplate:getInstanceTemplate": 0, + "gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy": 0, "gcp:compute/getLBIPRanges:getLBIPRanges": 0, "gcp:compute/getMachineImageIamPolicy:getMachineImageIamPolicy": 0, "gcp:compute/getMachineTypes:getMachineTypes": 0, @@ -39123,6 +39359,7 @@ "gcp:kms/getKMSSecretAsymmetric:getKMSSecretAsymmetric": 0, "gcp:kms/getKMSSecretCiphertext:getKMSSecretCiphertext": 0, "gcp:kms/getKeyHandle:getKeyHandle": 0, + "gcp:kms/getKeyHandles:getKeyHandles": 0, "gcp:kms/getKeyRingIamPolicy:getKeyRingIamPolicy": 0, "gcp:kms/getKeyRings:getKeyRings": 0, "gcp:logging/getFolderSettings:getFolderSettings": 0, @@ -39158,7 +39395,10 @@ "gcp:organizations/getIAMPolicy:getIAMPolicy": 0, "gcp:organizations/getOrganization:getOrganization": 0, "gcp:organizations/getProject:getProject": 0, + "gcp:organizations/getS:getS": 0, + "gcp:parametermanager/getParameter:getParameter": 0, "gcp:parametermanager/getRegionalParameter:getRegionalParameter": 0, + "gcp:parametermanager/getRegionalParameters:getRegionalParameters": 0, "gcp:privilegedaccessmanager/getEntitlement:getEntitlement": 0, "gcp:projects/getIamPolicy:getIamPolicy": 0, "gcp:projects/getOrganizationPolicy:getOrganizationPolicy": 0, diff --git a/provider/cmd/pulumi-resource-gcp/schema.json b/provider/cmd/pulumi-resource-gcp/schema.json index f315c3f814..2689aa8b46 100644 --- a/provider/cmd/pulumi-resource-gcp/schema.json +++ b/provider/cmd/pulumi-resource-gcp/schema.json @@ -25,6 +25,7 @@ "alloydb": "Alloydb", "apigateway": "ApiGateway", "apigee": "Apigee", + "apihub": "ApiHub", "appengine": "AppEngine", "apphub": "Apphub", "applicationintegration": "ApplicationIntegration", @@ -211,6 +212,9 @@ "apigeeCustomEndpoint": { "type": "string" }, + "apihubCustomEndpoint": { + "type": "string" + }, "apikeysCustomEndpoint": { "type": "string" }, @@ -4098,6 +4102,31 @@ } } }, + "gcp:apigee/EnvironmentProperties:EnvironmentProperties": { + "properties": { + "properties": { + "type": "array", + "items": { + "$ref": "#/types/gcp:apigee/EnvironmentPropertiesProperty:EnvironmentPropertiesProperty" + }, + "description": "List of all properties in the object.\nStructure is documented below.\n" + } + }, + "type": "object" + }, + "gcp:apigee/EnvironmentPropertiesProperty:EnvironmentPropertiesProperty": { + "properties": { + "name": { + "type": "string", + "description": "The property key.\n" + }, + "value": { + "type": "string", + "description": "The property value.\n" + } + }, + "type": "object" + }, "gcp:apigee/KeystoresAliasesKeyCertFileCertsInfo:KeystoresAliasesKeyCertFileCertsInfo": { "properties": { "certInfos": { @@ -4526,6 +4555,38 @@ }, "type": "object" }, + "gcp:apihub/ApiHubInstanceConfig:ApiHubInstanceConfig": { + "properties": { + "cmekKeyName": { + "type": "string", + "description": "Optional. The Customer Managed Encryption Key (CMEK) used for data encryption.\nThe CMEK name should follow the format of\n`projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`,\nwhere the location must match the instance location.\nIf the CMEK is not provided, a GMEK will be created for the instance.\n", + "willReplaceOnChanges": true + }, + "disableSearch": { + "type": "boolean", + "description": "Optional. If true, the search will be disabled for the instance. The default value\nis false.\n", + "willReplaceOnChanges": true + }, + "encryptionType": { + "type": "string", + "description": "Optional. Encryption type for the region. If the encryption type is CMEK, the\ncmek_key_name must be provided. If no encryption type is provided,\nGMEK will be used.\nPossible values:\nENCRYPTION_TYPE_UNSPECIFIED\nGMEK\nCMEK\n", + "willReplaceOnChanges": true + }, + "vertexLocation": { + "type": "string", + "description": "Optional. The name of the Vertex AI location where the data store is stored.\n\n- - -\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "language": { + "nodejs": { + "requiredOutputs": [ + "encryptionType" + ] + } + } + }, "gcp:appengine/ApplicationFeatureSettings:ApplicationFeatureSettings": { "properties": { "splitHealthChecks": { @@ -16334,6 +16395,38 @@ }, "type": "object" }, + "gcp:chronicle/RetrohuntExecutionInterval:RetrohuntExecutionInterval": { + "properties": { + "endTime": { + "type": "string", + "description": "Optional. Exclusive end of the interval.\nIf specified, a Timestamp matching this interval will have to be before the\nend.\n" + }, + "startTime": { + "type": "string", + "description": "Optional. Inclusive start of the interval.\nIf specified, a Timestamp matching this interval will have to be the same\nor after the start.\n" + } + }, + "type": "object" + }, + "gcp:chronicle/RetrohuntProcessInterval:RetrohuntProcessInterval": { + "properties": { + "endTime": { + "type": "string", + "description": "Exclusive end of the interval.\n\n- - -\n", + "willReplaceOnChanges": true + }, + "startTime": { + "type": "string", + "description": "Inclusive start of the interval.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "endTime", + "startTime" + ] + }, "gcp:chronicle/RuleCompilationDiagnostic:RuleCompilationDiagnostic": { "properties": { "message": { @@ -25841,6 +25934,57 @@ }, "type": "object" }, + "gcp:cloudrunv2/ServiceBuildConfig:ServiceBuildConfig": { + "properties": { + "baseImage": { + "type": "string", + "description": "The base image used to build the function.\n" + }, + "enableAutomaticUpdates": { + "type": "boolean", + "description": "Sets whether the function will receive automatic base image updates.\n" + }, + "environmentVariables": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-provided build-time environment variables for the function.\n" + }, + "functionTarget": { + "type": "string", + "description": "The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named \"function\".\n" + }, + "imageUri": { + "type": "string", + "description": "Artifact Registry URI to store the built image.\n" + }, + "name": { + "type": "string", + "description": "(Output)\nThe Cloud Build name of the latest successful deployment of the function.\n" + }, + "serviceAccount": { + "type": "string", + "description": "Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`.\n" + }, + "sourceLocation": { + "type": "string", + "description": "The Cloud Storage bucket URI where the function source code is located.\n" + }, + "workerPool": { + "type": "string", + "description": "Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool.\n" + } + }, + "type": "object", + "language": { + "nodejs": { + "requiredOutputs": [ + "name" + ] + } + } + }, "gcp:cloudrunv2/ServiceCondition:ServiceCondition": { "properties": { "executionReason": { @@ -27564,6 +27708,66 @@ } } }, + "gcp:cloudrunv2/getServiceBuildConfig:getServiceBuildConfig": { + "properties": { + "baseImage": { + "type": "string", + "description": "The base image used to build the function.\n" + }, + "enableAutomaticUpdates": { + "type": "boolean", + "description": "Sets whether the function will receive automatic base image updates.\n" + }, + "environmentVariables": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-provided build-time environment variables for the function.\n" + }, + "functionTarget": { + "type": "string", + "description": "The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named \"function\".\n" + }, + "imageUri": { + "type": "string", + "description": "Artifact Registry URI to store the built image.\n" + }, + "name": { + "type": "string", + "description": "The name of the Cloud Run v2 Service.\n" + }, + "serviceAccount": { + "type": "string", + "description": "Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'.\n" + }, + "sourceLocation": { + "type": "string", + "description": "The Cloud Storage bucket URI where the function source code is located.\n" + }, + "workerPool": { + "type": "string", + "description": "Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool.\n" + } + }, + "type": "object", + "required": [ + "baseImage", + "enableAutomaticUpdates", + "environmentVariables", + "functionTarget", + "imageUri", + "name", + "serviceAccount", + "sourceLocation", + "workerPool" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:cloudrunv2/getServiceCondition:getServiceCondition": { "properties": { "executionReason": { @@ -29232,6 +29436,18 @@ "samplingRatio" ] }, + "gcp:colab/RuntimeNotebookRuntimeTemplateRef:RuntimeNotebookRuntimeTemplateRef": { + "properties": { + "notebookRuntimeTemplate": { + "type": "string", + "description": "The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created.\n" + } + }, + "type": "object", + "required": [ + "notebookRuntimeTemplate" + ] + }, "gcp:colab/RuntimeTemplateDataPersistentDiskSpec:RuntimeTemplateDataPersistentDiskSpec": { "properties": { "diskSizeGb": { @@ -29275,6 +29491,48 @@ }, "type": "object" }, + "gcp:colab/RuntimeTemplateIamBindingCondition:RuntimeTemplateIamBindingCondition": { + "properties": { + "description": { + "type": "string", + "willReplaceOnChanges": true + }, + "expression": { + "type": "string", + "willReplaceOnChanges": true + }, + "title": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "expression", + "title" + ] + }, + "gcp:colab/RuntimeTemplateIamMemberCondition:RuntimeTemplateIamMemberCondition": { + "properties": { + "description": { + "type": "string", + "willReplaceOnChanges": true + }, + "expression": { + "type": "string", + "willReplaceOnChanges": true + }, + "title": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "expression", + "title" + ] + }, "gcp:colab/RuntimeTemplateIdleShutdownConfig:RuntimeTemplateIdleShutdownConfig": { "properties": { "idleTimeout": { @@ -32307,6 +32565,10 @@ }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000.\n" }, + "destNetworkScope": { + "type": "string", + "description": "Network scope of the traffic destination.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, "destRegionCodes": { "type": "array", "items": { @@ -32349,6 +32611,17 @@ }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000.\n" }, + "srcNetworkScope": { + "type": "string", + "description": "Network scope of the traffic source.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, + "srcNetworks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Networks of the traffic source. It can be either a full or partial url.\n" + }, "srcRegionCodes": { "type": "array", "items": { @@ -32678,6 +32951,10 @@ }, "description": "Destination IP address range in CIDR format. Required for\nEGRESS rules.\n" }, + "destNetworkScope": { + "type": "string", + "description": "Network scope of the traffic destination.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, "destRegionCodes": { "type": "array", "items": { @@ -32720,6 +32997,17 @@ }, "description": "Source IP address range in CIDR format. Required for\nINGRESS rules.\n" }, + "srcNetworkScope": { + "type": "string", + "description": "Network scope of the traffic source.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, + "srcNetworks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Networks of the traffic source. It can be either a full or partial url.\n" + }, "srcRegionCodes": { "type": "array", "items": { @@ -36151,6 +36439,52 @@ "type" ] }, + "gcp:compute/InstanceTemplateIamBindingCondition:InstanceTemplateIamBindingCondition": { + "properties": { + "description": { + "type": "string", + "willReplaceOnChanges": true + }, + "expression": { + "type": "string", + "description": "Textual representation of an expression in Common Expression Language syntax.\n", + "willReplaceOnChanges": true + }, + "title": { + "type": "string", + "description": "A title for the expression, i.e. a short string describing its purpose.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "expression", + "title" + ] + }, + "gcp:compute/InstanceTemplateIamMemberCondition:InstanceTemplateIamMemberCondition": { + "properties": { + "description": { + "type": "string", + "willReplaceOnChanges": true + }, + "expression": { + "type": "string", + "description": "Textual representation of an expression in Common Expression Language syntax.\n", + "willReplaceOnChanges": true + }, + "title": { + "type": "string", + "description": "A title for the expression, i.e. a short string describing its purpose.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "expression", + "title" + ] + }, "gcp:compute/InstanceTemplateNetworkInterface:InstanceTemplateNetworkInterface": { "properties": { "accessConfigs": { @@ -36929,6 +37263,10 @@ }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000.\n" }, + "destNetworkScope": { + "type": "string", + "description": "Network scope of the traffic destination.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, "destRegionCodes": { "type": "array", "items": { @@ -36971,6 +37309,17 @@ }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000.\n" }, + "srcNetworkScope": { + "type": "string", + "description": "Network scope of the traffic source.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, + "srcNetworks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Networks of the traffic source. It can be either a full or partial url.\n" + }, "srcRegionCodes": { "type": "array", "items": { @@ -37397,6 +37746,10 @@ }, "description": "Destination IP address range in CIDR format. Required for\nEGRESS rules.\n" }, + "destNetworkScope": { + "type": "string", + "description": "Network scope of the traffic destination.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, "destRegionCodes": { "type": "array", "items": { @@ -37439,6 +37792,17 @@ }, "description": "Source IP address range in CIDR format. Required for\nINGRESS rules.\n" }, + "srcNetworkScope": { + "type": "string", + "description": "Network scope of the traffic source.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, + "srcNetworks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Networks of the traffic source. It can be either a full or partial url.\n" + }, "srcRegionCodes": { "type": "array", "items": { @@ -40248,6 +40612,10 @@ }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000.\n" }, + "destNetworkScope": { + "type": "string", + "description": "Network scope of the traffic destination.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, "destRegionCodes": { "type": "array", "items": { @@ -40290,6 +40658,17 @@ }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000.\n" }, + "srcNetworkScope": { + "type": "string", + "description": "Network scope of the traffic source.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, + "srcNetworks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Networks of the traffic source. It can be either a full or partial url.\n" + }, "srcRegionCodes": { "type": "array", "items": { @@ -40716,6 +41095,10 @@ }, "description": "Destination IP address range in CIDR format. Required for\nEGRESS rules.\n" }, + "destNetworkScope": { + "type": "string", + "description": "Network scope of the traffic destination.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, "destRegionCodes": { "type": "array", "items": { @@ -40758,6 +41141,17 @@ }, "description": "Source IP address range in CIDR format. Required for\nINGRESS rules.\n" }, + "srcNetworkScope": { + "type": "string", + "description": "Network scope of the traffic source.\nPossible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`.\n" + }, + "srcNetworks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Networks of the traffic source. It can be either a full or partial url.\n" + }, "srcRegionCodes": { "type": "array", "items": { @@ -99916,6 +100310,33 @@ } } }, + "gcp:kms/getKeyHandlesKeyHandle:getKeyHandlesKeyHandle": { + "properties": { + "kmsKey": { + "type": "string", + "description": "The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`.\n" + }, + "name": { + "type": "string", + "description": "The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`.\n" + }, + "resourceTypeSelector": { + "type": "string", + "description": "The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. \n\n- - -\n" + } + }, + "type": "object", + "required": [ + "kmsKey", + "name", + "resourceTypeSelector" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:kms/getKeyRingsKeyRing:getKeyRingsKeyRing": { "properties": { "id": { @@ -104177,6 +104598,30 @@ } } }, + "gcp:networksecurity/SecurityProfileCustomInterceptProfile:SecurityProfileCustomInterceptProfile": { + "properties": { + "interceptEndpointGroup": { + "type": "string", + "description": "The Intercept Endpoint Group to which matching traffic should be intercepted.\nFormat: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id}\n" + } + }, + "type": "object", + "required": [ + "interceptEndpointGroup" + ] + }, + "gcp:networksecurity/SecurityProfileCustomMirroringProfile:SecurityProfileCustomMirroringProfile": { + "properties": { + "mirroringEndpointGroup": { + "type": "string", + "description": "The Mirroring Endpoint Group to which matching traffic should be mirrored.\nFormat: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id}\n" + } + }, + "type": "object", + "required": [ + "mirroringEndpointGroup" + ] + }, "gcp:networksecurity/SecurityProfileThreatPreventionProfile:SecurityProfileThreatPreventionProfile": { "properties": { "severityOverrides": { @@ -110890,6 +111335,43 @@ "title" ] }, + "gcp:organizations/getSOrganization:getSOrganization": { + "properties": { + "directoryCustomerId": { + "type": "string", + "description": "The Google for Work customer ID of the Organization.\n" + }, + "displayName": { + "type": "string", + "description": "A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `\"google.com\"`) of the G Suite customer that owns the organization.\n" + }, + "lifecycleState": { + "type": "string", + "description": "The Organization's current lifecycle state.\n" + }, + "name": { + "type": "string", + "description": "The resource name of the Organization in the form `organizations/{organization_id}`.\n" + }, + "orgId": { + "type": "string", + "description": "The Organization ID.\n" + } + }, + "type": "object", + "required": [ + "directoryCustomerId", + "displayName", + "lifecycleState", + "name", + "orgId" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:orgpolicy/PolicyDryRunSpec:PolicyDryRunSpec": { "properties": { "etag": { @@ -113502,6 +113984,28 @@ } } }, + "gcp:parametermanager/getParameterPolicyMember:getParameterPolicyMember": { + "properties": { + "iamPolicyNamePrincipal": { + "type": "string", + "description": "IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a\nresource is deleted and recreated with the same name, the binding will be applicable to the\nnew resource. Format:\n'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}'\n" + }, + "iamPolicyUidPrincipal": { + "type": "string", + "description": "IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier.\nIf a resource is deleted and recreated with the same name, the binding will not be applicable to the\nnew resource. Format:\n'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}'\n" + } + }, + "type": "object", + "required": [ + "iamPolicyNamePrincipal", + "iamPolicyUidPrincipal" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:parametermanager/getRegionalParameterPolicyMember:getRegionalParameterPolicyMember": { "properties": { "iamPolicyNamePrincipal": { @@ -113524,6 +114028,108 @@ } } }, + "gcp:parametermanager/getRegionalParametersParameter:getRegionalParametersParameter": { + "properties": { + "createTime": { + "type": "string", + "description": "The time at which the regional parameter was created.\n" + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "secret": true + }, + "format": { + "type": "string", + "description": "The format type of the regional parameter.\n" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The labels assigned to the regional parameter.\n" + }, + "location": { + "type": "string", + "description": "The location of regional parameter.\n" + }, + "name": { + "type": "string", + "description": "The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}`\n" + }, + "parameterId": { + "type": "string", + "description": "The unique name of the resource.\n" + }, + "policyMembers": { + "type": "array", + "items": { + "$ref": "#/types/gcp:parametermanager/getRegionalParametersParameterPolicyMember:getRegionalParametersParameterPolicyMember" + }, + "description": "An object containing a unique resource identity tied to the regional parameter. Structure is documented below.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project.\n" + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\n and default labels configured on the provider.\n", + "secret": true + }, + "updateTime": { + "type": "string", + "description": "The time at which the regional parameter was updated.\n" + } + }, + "type": "object", + "required": [ + "createTime", + "effectiveLabels", + "format", + "labels", + "location", + "name", + "parameterId", + "policyMembers", + "project", + "pulumiLabels", + "updateTime" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:parametermanager/getRegionalParametersParameterPolicyMember:getRegionalParametersParameterPolicyMember": { + "properties": { + "iamPolicyNamePrincipal": { + "type": "string", + "description": "AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the\nnew resource. Format:\n`principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}`\n" + }, + "iamPolicyUidPrincipal": { + "type": "string", + "description": "IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier.\nIf a resource is deleted and recreated with the same name, the binding will not be applicable to the\nnew resource. Format:\n`principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}`\n" + } + }, + "type": "object", + "required": [ + "iamPolicyNamePrincipal", + "iamPolicyUidPrincipal" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:privilegedaccessmanager/entitlementAdditionalNotificationTargets:entitlementAdditionalNotificationTargets": { "properties": { "adminEmailRecipients": { @@ -114821,6 +115427,10 @@ "$ref": "#/types/gcp:pubsub/TopicIngestionDataSourceSettingsAwsKinesis:TopicIngestionDataSourceSettingsAwsKinesis", "description": "Settings for ingestion from Amazon Kinesis Data Streams.\nStructure is documented below.\n" }, + "azureEventHubs": { + "$ref": "#/types/gcp:pubsub/TopicIngestionDataSourceSettingsAzureEventHubs:TopicIngestionDataSourceSettingsAzureEventHubs", + "description": "Settings for ingestion from Azure Event Hubs.\nStructure is documented below.\n" + }, "cloudStorage": { "$ref": "#/types/gcp:pubsub/TopicIngestionDataSourceSettingsCloudStorage:TopicIngestionDataSourceSettingsCloudStorage", "description": "Settings for ingestion from Cloud Storage.\nStructure is documented below.\n" @@ -114859,6 +115469,39 @@ "streamArn" ] }, + "gcp:pubsub/TopicIngestionDataSourceSettingsAzureEventHubs:TopicIngestionDataSourceSettingsAzureEventHubs": { + "properties": { + "clientId": { + "type": "string", + "description": "The Azure event hub client ID to use for ingestion.\n" + }, + "eventHub": { + "type": "string", + "description": "The Azure event hub to ingest data from.\n" + }, + "gcpServiceAccount": { + "type": "string", + "description": "The GCP service account to be used for Federated Identity authentication\nwith Azure (via a `AssumeRoleWithWebIdentity` call for the provided\nrole).\n" + }, + "namespace": { + "type": "string", + "description": "The Azure event hub namespace to ingest data from.\n" + }, + "resourceGroup": { + "type": "string", + "description": "The name of the resource group within an Azure subscription.\n" + }, + "subscriptionId": { + "type": "string", + "description": "The Azure event hub subscription ID to use for ingestion.\n" + }, + "tenantId": { + "type": "string", + "description": "The Azure event hub tenant ID to use for ingestion.\n" + } + }, + "type": "object" + }, "gcp:pubsub/TopicIngestionDataSourceSettingsCloudStorage:TopicIngestionDataSourceSettingsCloudStorage": { "properties": { "avroFormat": { @@ -114923,6 +115566,10 @@ "type": "string" }, "description": "A list of IDs of GCP regions where messages that are published to\nthe topic may be persisted in storage. Messages published by\npublishers running in non-allowed GCP regions (or running outside\nof GCP altogether) will be routed for storage in one of the\nallowed regions. An empty list means that no regions are allowed,\nand is not a valid configuration.\n" + }, + "enforceInTransit": { + "type": "boolean", + "description": "If true, `allowedPersistenceRegions` is also used to enforce in-transit\nguarantees for messages. That is, Pub/Sub will fail topics.publish\noperations on this topic and subscribe operations on any subscription\nattached to this topic in any region that is not in `allowedPersistenceRegions`.\n" } }, "type": "object", @@ -115225,6 +115872,13 @@ }, "description": "Settings for ingestion from Amazon Kinesis Data Streams.\n" }, + "azureEventHubs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:pubsub/getTopicIngestionDataSourceSettingAzureEventHub:getTopicIngestionDataSourceSettingAzureEventHub" + }, + "description": "Settings for ingestion from Azure Event Hubs.\n" + }, "cloudStorages": { "type": "array", "items": { @@ -115243,6 +115897,7 @@ "type": "object", "required": [ "awsKineses", + "azureEventHubs", "cloudStorages", "platformLogsSettings" ], @@ -115284,6 +115939,53 @@ } } }, + "gcp:pubsub/getTopicIngestionDataSourceSettingAzureEventHub:getTopicIngestionDataSourceSettingAzureEventHub": { + "properties": { + "clientId": { + "type": "string", + "description": "The Azure event hub client ID to use for ingestion.\n" + }, + "eventHub": { + "type": "string", + "description": "The Azure event hub to ingest data from.\n" + }, + "gcpServiceAccount": { + "type": "string", + "description": "The GCP service account to be used for Federated Identity authentication\nwith Azure (via a 'AssumeRoleWithWebIdentity' call for the provided\nrole).\n" + }, + "namespace": { + "type": "string", + "description": "The Azure event hub namespace to ingest data from.\n" + }, + "resourceGroup": { + "type": "string", + "description": "The name of the resource group within an Azure subscription.\n" + }, + "subscriptionId": { + "type": "string", + "description": "The Azure event hub subscription ID to use for ingestion.\n" + }, + "tenantId": { + "type": "string", + "description": "The Azure event hub tenant ID to use for ingestion.\n" + } + }, + "type": "object", + "required": [ + "clientId", + "eventHub", + "gcpServiceAccount", + "namespace", + "resourceGroup", + "subscriptionId", + "tenantId" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:pubsub/getTopicIngestionDataSourceSettingCloudStorage:getTopicIngestionDataSourceSettingCloudStorage": { "properties": { "avroFormats": { @@ -115383,11 +116085,16 @@ "type": "string" }, "description": "A list of IDs of GCP regions where messages that are published to\nthe topic may be persisted in storage. Messages published by\npublishers running in non-allowed GCP regions (or running outside\nof GCP altogether) will be routed for storage in one of the\nallowed regions. An empty list means that no regions are allowed,\nand is not a valid configuration.\n" + }, + "enforceInTransit": { + "type": "boolean", + "description": "If true, 'allowedPersistenceRegions' is also used to enforce in-transit\nguarantees for messages. That is, Pub/Sub will fail topics.publish\noperations on this topic and subscribe operations on any subscription\nattached to this topic in any region that is not in 'allowedPersistenceRegions'.\n" } }, "type": "object", "required": [ - "allowedPersistenceRegions" + "allowedPersistenceRegions", + "enforceInTransit" ], "language": { "nodejs": { @@ -115876,7 +116583,7 @@ "properties": { "network": { "type": "string", - "description": "Required. The consumer network where the network address of\nthe discovery endpoint will be reserved, in the form of\nprojects/{network_project_id_or_number}/global/networks/{network_id}.\n\n- - -\n" + "description": "Required. The consumer network where the network address of\nthe discovery endpoint will be reserved, in the form of\nprojects/{network_project_id_or_number}/global/networks/{network_id}.\n" } }, "type": "object", @@ -115909,6 +116616,27 @@ }, "type": "object" }, + "gcp:redis/ClusterPscServiceAttachment:ClusterPscServiceAttachment": { + "properties": { + "connectionType": { + "type": "string", + "description": "(Output)\nType of a PSC connection targeting this service attachment.\n" + }, + "serviceAttachment": { + "type": "string", + "description": "(Output)\nService attachment URI which your self-created PscConnection should use as\n" + } + }, + "type": "object", + "language": { + "nodejs": { + "requiredOutputs": [ + "connectionType", + "serviceAttachment" + ] + } + } + }, "gcp:redis/ClusterStateInfo:ClusterStateInfo": { "properties": { "updateInfo": { @@ -115931,6 +116659,85 @@ }, "type": "object" }, + "gcp:redis/ClusterUserCreatedConnectionsClusterEndpoint:ClusterUserCreatedConnectionsClusterEndpoint": { + "properties": { + "connections": { + "type": "array", + "items": { + "$ref": "#/types/gcp:redis/ClusterUserCreatedConnectionsClusterEndpointConnection:ClusterUserCreatedConnectionsClusterEndpointConnection" + }, + "description": "Structure is documented below.\n" + } + }, + "type": "object" + }, + "gcp:redis/ClusterUserCreatedConnectionsClusterEndpointConnection:ClusterUserCreatedConnectionsClusterEndpointConnection": { + "properties": { + "pscConnection": { + "$ref": "#/types/gcp:redis/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection:ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection", + "description": "Detailed information of a PSC connection that is created by the customer\nwho owns the cluster.\nStructure is documented below.\n" + } + }, + "type": "object" + }, + "gcp:redis/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection:ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection": { + "properties": { + "address": { + "type": "string", + "description": "The IP allocated on the consumer network for the PSC forwarding rule.\n" + }, + "connectionType": { + "type": "string", + "description": "(Output)\nOutput Only. Type of a PSC Connection.\nPossible values:\nCONNECTION_TYPE_DISCOVERY\nCONNECTION_TYPE_PRIMARY\nCONNECTION_TYPE_READER\n" + }, + "forwardingRule": { + "type": "string", + "description": "The URI of the consumer side forwarding rule.\nFormat:\nprojects/{project}/regions/{region}/forwardingRules/{forwarding_rule}\n" + }, + "network": { + "type": "string", + "description": "The consumer network where the IP address resides, in the form of\nprojects/{project_id}/global/networks/{network_id}.\n" + }, + "projectId": { + "type": "string", + "description": "The consumer project_id where the forwarding rule is created from.\n" + }, + "pscConnectionId": { + "type": "string", + "description": "The PSC connection id of the forwarding rule connected to the\nservice attachment.\n" + }, + "pscConnectionStatus": { + "type": "string", + "description": "(Output)\nOutput Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists.\nPossible values:\nACTIVE\nNOT_FOUND\n" + }, + "serviceAttachment": { + "type": "string", + "description": "The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}.\n" + } + }, + "type": "object", + "required": [ + "address", + "forwardingRule", + "network", + "pscConnectionId", + "serviceAttachment" + ], + "language": { + "nodejs": { + "requiredOutputs": [ + "address", + "connectionType", + "forwardingRule", + "network", + "projectId", + "pscConnectionId", + "pscConnectionStatus", + "serviceAttachment" + ] + } + } + }, "gcp:redis/ClusterZoneDistributionConfig:ClusterZoneDistributionConfig": { "properties": { "mode": { @@ -129887,6 +130694,9 @@ "apigeeCustomEndpoint": { "type": "string" }, + "apihubCustomEndpoint": { + "type": "string" + }, "apikeysCustomEndpoint": { "type": "string" }, @@ -130451,6 +131261,9 @@ "apigeeCustomEndpoint": { "type": "string" }, + "apihubCustomEndpoint": { + "type": "string" + }, "apikeysCustomEndpoint": { "type": "string" }, @@ -133525,7 +134338,7 @@ }, "databaseVersion": { "type": "string", - "description": "The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation.\n" + "description": "The database engine major version. This is an optional field and it's populated at the Cluster creation time.\nNote: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change.\n" }, "deletionPolicy": { "type": "string", @@ -133630,6 +134443,10 @@ "$ref": "#/types/gcp:alloydb/ClusterSecondaryConfig:ClusterSecondaryConfig", "description": "Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY.\nStructure is documented below.\n" }, + "skipAwaitMajorVersionUpgrade": { + "type": "boolean", + "description": "Set to true to skip awaiting on the major version upgrade of the cluster.\nPossible values: true, false\nDefault value: \"true\"\n" + }, "state": { "type": "string", "description": "Output only. The current serving state of the cluster.\n" @@ -133699,7 +134516,7 @@ }, "databaseVersion": { "type": "string", - "description": "The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation.\n" + "description": "The database engine major version. This is an optional field and it's populated at the Cluster creation time.\nNote: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change.\n" }, "deletionPolicy": { "type": "string", @@ -133764,6 +134581,10 @@ "$ref": "#/types/gcp:alloydb/ClusterSecondaryConfig:ClusterSecondaryConfig", "description": "Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY.\nStructure is documented below.\n" }, + "skipAwaitMajorVersionUpgrade": { + "type": "boolean", + "description": "Set to true to skip awaiting on the major version upgrade of the cluster.\nPossible values: true, false\nDefault value: \"true\"\n" + }, "subscriptionType": { "type": "string", "description": "The subscrition type of cluster.\nPossible values are: `TRIAL`, `STANDARD`.\n" @@ -133816,7 +134637,7 @@ }, "databaseVersion": { "type": "string", - "description": "The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation.\n" + "description": "The database engine major version. This is an optional field and it's populated at the Cluster creation time.\nNote: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change.\n" }, "deletionPolicy": { "type": "string", @@ -133925,6 +134746,10 @@ "$ref": "#/types/gcp:alloydb/ClusterSecondaryConfig:ClusterSecondaryConfig", "description": "Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY.\nStructure is documented below.\n" }, + "skipAwaitMajorVersionUpgrade": { + "type": "boolean", + "description": "Set to true to skip awaiting on the major version upgrade of the cluster.\nPossible values: true, false\nDefault value: \"true\"\n" + }, "state": { "type": "string", "description": "Output only. The current serving state of the cluster.\n" @@ -136375,7 +137200,7 @@ } }, "gcp:apigee/endpointAttachment:EndpointAttachment": { - "description": "Apigee Endpoint Attachment.\n\n\nTo get more information about EndpointAttachment, see:\n\n* [API documentation](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.endpointAttachments/create)\n* How-to Guides\n * [Creating an environment](https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment)\n\n## Example Usage\n\n### Apigee Endpoint Attachment Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst current = gcp.organizations.getClientConfig({});\nconst apigeeNetwork = new gcp.compute.Network(\"apigee_network\", {name: \"apigee-network\"});\nconst apigeeRange = new gcp.compute.GlobalAddress(\"apigee_range\", {\n name: \"apigee-range\",\n purpose: \"VPC_PEERING\",\n addressType: \"INTERNAL\",\n prefixLength: 16,\n network: apigeeNetwork.id,\n});\nconst apigeeVpcConnection = new gcp.servicenetworking.Connection(\"apigee_vpc_connection\", {\n network: apigeeNetwork.id,\n service: \"servicenetworking.googleapis.com\",\n reservedPeeringRanges: [apigeeRange.name],\n});\nconst apigeeOrg = new gcp.apigee.Organization(\"apigee_org\", {\n analyticsRegion: \"us-central1\",\n projectId: current.then(current =\u003e current.project),\n authorizedNetwork: apigeeNetwork.id,\n}, {\n dependsOn: [apigeeVpcConnection],\n});\nconst apigeeEndpointAttachment = new gcp.apigee.EndpointAttachment(\"apigee_endpoint_attachment\", {\n orgId: apigeeOrg.id,\n endpointAttachmentId: \"test1\",\n location: \"{google_compute_service_attachment location}\",\n serviceAttachment: \"{google_compute_service_attachment id}\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ncurrent = gcp.organizations.get_client_config()\napigee_network = gcp.compute.Network(\"apigee_network\", name=\"apigee-network\")\napigee_range = gcp.compute.GlobalAddress(\"apigee_range\",\n name=\"apigee-range\",\n purpose=\"VPC_PEERING\",\n address_type=\"INTERNAL\",\n prefix_length=16,\n network=apigee_network.id)\napigee_vpc_connection = gcp.servicenetworking.Connection(\"apigee_vpc_connection\",\n network=apigee_network.id,\n service=\"servicenetworking.googleapis.com\",\n reserved_peering_ranges=[apigee_range.name])\napigee_org = gcp.apigee.Organization(\"apigee_org\",\n analytics_region=\"us-central1\",\n project_id=current.project,\n authorized_network=apigee_network.id,\n opts = pulumi.ResourceOptions(depends_on=[apigee_vpc_connection]))\napigee_endpoint_attachment = gcp.apigee.EndpointAttachment(\"apigee_endpoint_attachment\",\n org_id=apigee_org.id,\n endpoint_attachment_id=\"test1\",\n location=\"{google_compute_service_attachment location}\",\n service_attachment=\"{google_compute_service_attachment id}\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Gcp.Organizations.GetClientConfig.Invoke();\n\n var apigeeNetwork = new Gcp.Compute.Network(\"apigee_network\", new()\n {\n Name = \"apigee-network\",\n });\n\n var apigeeRange = new Gcp.Compute.GlobalAddress(\"apigee_range\", new()\n {\n Name = \"apigee-range\",\n Purpose = \"VPC_PEERING\",\n AddressType = \"INTERNAL\",\n PrefixLength = 16,\n Network = apigeeNetwork.Id,\n });\n\n var apigeeVpcConnection = new Gcp.ServiceNetworking.Connection(\"apigee_vpc_connection\", new()\n {\n Network = apigeeNetwork.Id,\n Service = \"servicenetworking.googleapis.com\",\n ReservedPeeringRanges = new[]\n {\n apigeeRange.Name,\n },\n });\n\n var apigeeOrg = new Gcp.Apigee.Organization(\"apigee_org\", new()\n {\n AnalyticsRegion = \"us-central1\",\n ProjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.Project),\n AuthorizedNetwork = apigeeNetwork.Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n apigeeVpcConnection,\n },\n });\n\n var apigeeEndpointAttachment = new Gcp.Apigee.EndpointAttachment(\"apigee_endpoint_attachment\", new()\n {\n OrgId = apigeeOrg.Id,\n EndpointAttachmentId = \"test1\",\n Location = \"{google_compute_service_attachment location}\",\n ServiceAttachment = \"{google_compute_service_attachment id}\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/apigee\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/servicenetworking\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := organizations.GetClientConfig(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tapigeeNetwork, err := compute.NewNetwork(ctx, \"apigee_network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"apigee-network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tapigeeRange, err := compute.NewGlobalAddress(ctx, \"apigee_range\", \u0026compute.GlobalAddressArgs{\n\t\t\tName: pulumi.String(\"apigee-range\"),\n\t\t\tPurpose: pulumi.String(\"VPC_PEERING\"),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPrefixLength: pulumi.Int(16),\n\t\t\tNetwork: apigeeNetwork.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tapigeeVpcConnection, err := servicenetworking.NewConnection(ctx, \"apigee_vpc_connection\", \u0026servicenetworking.ConnectionArgs{\n\t\t\tNetwork: apigeeNetwork.ID(),\n\t\t\tService: pulumi.String(\"servicenetworking.googleapis.com\"),\n\t\t\tReservedPeeringRanges: pulumi.StringArray{\n\t\t\t\tapigeeRange.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tapigeeOrg, err := apigee.NewOrganization(ctx, \"apigee_org\", \u0026apigee.OrganizationArgs{\n\t\t\tAnalyticsRegion: pulumi.String(\"us-central1\"),\n\t\t\tProjectId: pulumi.String(current.Project),\n\t\t\tAuthorizedNetwork: apigeeNetwork.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tapigeeVpcConnection,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigee.NewEndpointAttachment(ctx, \"apigee_endpoint_attachment\", \u0026apigee.EndpointAttachmentArgs{\n\t\t\tOrgId: apigeeOrg.ID(),\n\t\t\tEndpointAttachmentId: pulumi.String(\"test1\"),\n\t\t\tLocation: pulumi.String(\"{google_compute_service_attachment location}\"),\n\t\t\tServiceAttachment: pulumi.String(\"{google_compute_service_attachment id}\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.GlobalAddress;\nimport com.pulumi.gcp.compute.GlobalAddressArgs;\nimport com.pulumi.gcp.servicenetworking.Connection;\nimport com.pulumi.gcp.servicenetworking.ConnectionArgs;\nimport com.pulumi.gcp.apigee.Organization;\nimport com.pulumi.gcp.apigee.OrganizationArgs;\nimport com.pulumi.gcp.apigee.EndpointAttachment;\nimport com.pulumi.gcp.apigee.EndpointAttachmentArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = OrganizationsFunctions.getClientConfig();\n\n var apigeeNetwork = new Network(\"apigeeNetwork\", NetworkArgs.builder()\n .name(\"apigee-network\")\n .build());\n\n var apigeeRange = new GlobalAddress(\"apigeeRange\", GlobalAddressArgs.builder()\n .name(\"apigee-range\")\n .purpose(\"VPC_PEERING\")\n .addressType(\"INTERNAL\")\n .prefixLength(16)\n .network(apigeeNetwork.id())\n .build());\n\n var apigeeVpcConnection = new Connection(\"apigeeVpcConnection\", ConnectionArgs.builder()\n .network(apigeeNetwork.id())\n .service(\"servicenetworking.googleapis.com\")\n .reservedPeeringRanges(apigeeRange.name())\n .build());\n\n var apigeeOrg = new Organization(\"apigeeOrg\", OrganizationArgs.builder()\n .analyticsRegion(\"us-central1\")\n .projectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.project()))\n .authorizedNetwork(apigeeNetwork.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(apigeeVpcConnection)\n .build());\n\n var apigeeEndpointAttachment = new EndpointAttachment(\"apigeeEndpointAttachment\", EndpointAttachmentArgs.builder()\n .orgId(apigeeOrg.id())\n .endpointAttachmentId(\"test1\")\n .location(\"{google_compute_service_attachment location}\")\n .serviceAttachment(\"{google_compute_service_attachment id}\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apigeeNetwork:\n type: gcp:compute:Network\n name: apigee_network\n properties:\n name: apigee-network\n apigeeRange:\n type: gcp:compute:GlobalAddress\n name: apigee_range\n properties:\n name: apigee-range\n purpose: VPC_PEERING\n addressType: INTERNAL\n prefixLength: 16\n network: ${apigeeNetwork.id}\n apigeeVpcConnection:\n type: gcp:servicenetworking:Connection\n name: apigee_vpc_connection\n properties:\n network: ${apigeeNetwork.id}\n service: servicenetworking.googleapis.com\n reservedPeeringRanges:\n - ${apigeeRange.name}\n apigeeOrg:\n type: gcp:apigee:Organization\n name: apigee_org\n properties:\n analyticsRegion: us-central1\n projectId: ${current.project}\n authorizedNetwork: ${apigeeNetwork.id}\n options:\n dependsOn:\n - ${apigeeVpcConnection}\n apigeeEndpointAttachment:\n type: gcp:apigee:EndpointAttachment\n name: apigee_endpoint_attachment\n properties:\n orgId: ${apigeeOrg.id}\n endpointAttachmentId: test1\n location: '{google_compute_service_attachment location}'\n serviceAttachment: '{google_compute_service_attachment id}'\nvariables:\n current:\n fn::invoke:\n function: gcp:organizations:getClientConfig\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nEndpointAttachment can be imported using any of these accepted formats:\n\n* `{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}`\n\n* `{{org_id}}/{{endpoint_attachment_id}}`\n\nWhen using the `pulumi import` command, EndpointAttachment can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:apigee/endpointAttachment:EndpointAttachment default {{org_id}}/endpointAttachments/{{endpoint_attachment_id}}\n```\n\n```sh\n$ pulumi import gcp:apigee/endpointAttachment:EndpointAttachment default {{org_id}}/{{endpoint_attachment_id}}\n```\n\n", + "description": "Apigee Endpoint Attachment.\n\n\nTo get more information about EndpointAttachment, see:\n\n* [API documentation](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.endpointAttachments/create)\n* How-to Guides\n * [Creating an environment](https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment)\n\n## Import\n\nEndpointAttachment can be imported using any of these accepted formats:\n\n* `{{org_id}}/endpointAttachments/{{endpoint_attachment_id}}`\n\n* `{{org_id}}/{{endpoint_attachment_id}}`\n\nWhen using the `pulumi import` command, EndpointAttachment can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:apigee/endpointAttachment:EndpointAttachment default {{org_id}}/endpointAttachments/{{endpoint_attachment_id}}\n```\n\n```sh\n$ pulumi import gcp:apigee/endpointAttachment:EndpointAttachment default {{org_id}}/{{endpoint_attachment_id}}\n```\n\n", "properties": { "connectionState": { "type": "string", @@ -136799,6 +137624,10 @@ "type": "string", "description": "The Apigee Organization associated with the Apigee environment,\nin the format `organizations/{{org_name}}`.\n\n\n- - -\n" }, + "properties": { + "$ref": "#/types/gcp:apigee/EnvironmentProperties:EnvironmentProperties", + "description": "Key-value pairs that may be used for customizing the environment.\nStructure is documented below.\n" + }, "type": { "type": "string", "description": "Types that can be selected for an Environment. Each of the types are\nlimited by capability and capacity. Refer to Apigee's public documentation\nto understand about each of these types in details.\nAn Apigee org can support heterogeneous Environments.\nPossible values are: `ENVIRONMENT_TYPE_UNSPECIFIED`, `BASE`, `INTERMEDIATE`, `COMPREHENSIVE`.\n" @@ -136849,6 +137678,10 @@ "description": "The Apigee Organization associated with the Apigee environment,\nin the format `organizations/{{org_name}}`.\n\n\n- - -\n", "willReplaceOnChanges": true }, + "properties": { + "$ref": "#/types/gcp:apigee/EnvironmentProperties:EnvironmentProperties", + "description": "Key-value pairs that may be used for customizing the environment.\nStructure is documented below.\n" + }, "type": { "type": "string", "description": "Types that can be selected for an Environment. Each of the types are\nlimited by capability and capacity. Refer to Apigee's public documentation\nto understand about each of these types in details.\nAn Apigee org can support heterogeneous Environments.\nPossible values are: `ENVIRONMENT_TYPE_UNSPECIFIED`, `BASE`, `INTERMEDIATE`, `COMPREHENSIVE`.\n" @@ -136896,6 +137729,10 @@ "description": "The Apigee Organization associated with the Apigee environment,\nin the format `organizations/{{org_name}}`.\n\n\n- - -\n", "willReplaceOnChanges": true }, + "properties": { + "$ref": "#/types/gcp:apigee/EnvironmentProperties:EnvironmentProperties", + "description": "Key-value pairs that may be used for customizing the environment.\nStructure is documented below.\n" + }, "type": { "type": "string", "description": "Types that can be selected for an Environment. Each of the types are\nlimited by capability and capacity. Refer to Apigee's public documentation\nto understand about each of these types in details.\nAn Apigee org can support heterogeneous Environments.\nPossible values are: `ENVIRONMENT_TYPE_UNSPECIFIED`, `BASE`, `INTERMEDIATE`, `COMPREHENSIVE`.\n" @@ -138884,6 +139721,196 @@ "type": "object" } }, + "gcp:apihub/apiHubInstance:ApiHubInstance": { + "description": "An ApiHubInstance represents the instance resources of the API Hub.\nCurrently, only one ApiHub instance is allowed for each project.\nCurrently, updation/deletion of ApiHub instance is not allowed.\n\n\n\n## Example Usage\n\n### Apihub Api Hub Instance Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst apihub_instance_without_search = new gcp.apihub.ApiHubInstance(\"apihub-instance-without-search\", {\n location: \"us-central1\",\n config: {\n disableSearch: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\napihub_instance_without_search = gcp.apihub.ApiHubInstance(\"apihub-instance-without-search\",\n location=\"us-central1\",\n config={\n \"disable_search\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var apihub_instance_without_search = new Gcp.ApiHub.ApiHubInstance(\"apihub-instance-without-search\", new()\n {\n Location = \"us-central1\",\n Config = new Gcp.ApiHub.Inputs.ApiHubInstanceConfigArgs\n {\n DisableSearch = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/apihub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apihub.NewApiHubInstance(ctx, \"apihub-instance-without-search\", \u0026apihub.ApiHubInstanceArgs{\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tConfig: \u0026apihub.ApiHubInstanceConfigArgs{\n\t\t\t\tDisableSearch: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.apihub.ApiHubInstance;\nimport com.pulumi.gcp.apihub.ApiHubInstanceArgs;\nimport com.pulumi.gcp.apihub.inputs.ApiHubInstanceConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var apihub_instance_without_search = new ApiHubInstance(\"apihub-instance-without-search\", ApiHubInstanceArgs.builder()\n .location(\"us-central1\")\n .config(ApiHubInstanceConfigArgs.builder()\n .disableSearch(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apihub-instance-without-search:\n type: gcp:apihub:ApiHubInstance\n properties:\n location: us-central1\n config:\n disableSearch: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Apihub Api Hub Instance Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst apihub_instance_search = new gcp.apihub.ApiHubInstance(\"apihub-instance-search\", {\n project: \"my-project\",\n apiHubInstanceId: \"test-instance-full\",\n description: \"Test API hub instance\",\n location: \"us-central1\",\n config: {\n encryptionType: \"CMEK\",\n cmekKeyName: \"projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key\",\n disableSearch: false,\n vertexLocation: \"us\",\n },\n labels: {\n environment: \"dev\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\napihub_instance_search = gcp.apihub.ApiHubInstance(\"apihub-instance-search\",\n project=\"my-project\",\n api_hub_instance_id=\"test-instance-full\",\n description=\"Test API hub instance\",\n location=\"us-central1\",\n config={\n \"encryption_type\": \"CMEK\",\n \"cmek_key_name\": \"projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key\",\n \"disable_search\": False,\n \"vertex_location\": \"us\",\n },\n labels={\n \"environment\": \"dev\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var apihub_instance_search = new Gcp.ApiHub.ApiHubInstance(\"apihub-instance-search\", new()\n {\n Project = \"my-project\",\n ApiHubInstanceId = \"test-instance-full\",\n Description = \"Test API hub instance\",\n Location = \"us-central1\",\n Config = new Gcp.ApiHub.Inputs.ApiHubInstanceConfigArgs\n {\n EncryptionType = \"CMEK\",\n CmekKeyName = \"projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key\",\n DisableSearch = false,\n VertexLocation = \"us\",\n },\n Labels = \n {\n { \"environment\", \"dev\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/apihub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := apihub.NewApiHubInstance(ctx, \"apihub-instance-search\", \u0026apihub.ApiHubInstanceArgs{\n\t\t\tProject: pulumi.String(\"my-project\"),\n\t\t\tApiHubInstanceId: pulumi.String(\"test-instance-full\"),\n\t\t\tDescription: pulumi.String(\"Test API hub instance\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tConfig: \u0026apihub.ApiHubInstanceConfigArgs{\n\t\t\t\tEncryptionType: pulumi.String(\"CMEK\"),\n\t\t\t\tCmekKeyName: pulumi.String(\"projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key\"),\n\t\t\t\tDisableSearch: pulumi.Bool(false),\n\t\t\t\tVertexLocation: pulumi.String(\"us\"),\n\t\t\t},\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"dev\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.apihub.ApiHubInstance;\nimport com.pulumi.gcp.apihub.ApiHubInstanceArgs;\nimport com.pulumi.gcp.apihub.inputs.ApiHubInstanceConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var apihub_instance_search = new ApiHubInstance(\"apihub-instance-search\", ApiHubInstanceArgs.builder()\n .project(\"my-project\")\n .apiHubInstanceId(\"test-instance-full\")\n .description(\"Test API hub instance\")\n .location(\"us-central1\")\n .config(ApiHubInstanceConfigArgs.builder()\n .encryptionType(\"CMEK\")\n .cmekKeyName(\"projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key\")\n .disableSearch(false)\n .vertexLocation(\"us\")\n .build())\n .labels(Map.of(\"environment\", \"dev\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n apihub-instance-search:\n type: gcp:apihub:ApiHubInstance\n properties:\n project: my-project\n apiHubInstanceId: test-instance-full\n description: Test API hub instance\n location: us-central1\n config:\n encryptionType: CMEK\n cmekKeyName: projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key\n disableSearch: false\n vertexLocation: us\n labels:\n environment: dev\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nApiHubInstance can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}}`\n\n* `{{project}}/{{location}}/{{api_hub_instance_id}}`\n\n* `{{location}}/{{api_hub_instance_id}}`\n\nWhen using the `pulumi import` command, ApiHubInstance can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}}\n```\n\n```sh\n$ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{project}}/{{location}}/{{api_hub_instance_id}}\n```\n\n```sh\n$ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{location}}/{{api_hub_instance_id}}\n```\n\n", + "properties": { + "apiHubInstanceId": { + "type": "string", + "description": "Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field\nis not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are\n'/a-z[0-9]-_/'.\n" + }, + "config": { + "$ref": "#/types/gcp:apihub/ApiHubInstanceConfig:ApiHubInstanceConfig", + "description": "Available configurations to provision an ApiHub Instance.\nStructure is documented below.\n" + }, + "createTime": { + "type": "string", + "description": "Output only. Creation timestamp.\n" + }, + "description": { + "type": "string", + "description": "Optional. Description of the ApiHub instance.\n" + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details.\nhttps://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage\nthe labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on\nthe resource.\n" + }, + "location": { + "type": "string", + "description": "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122.\n" + }, + "name": { + "type": "string", + "description": "Identifier. Format:\n`projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`.\n" + }, + "project": { + "type": "string" + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + }, + "state": { + "type": "string", + "description": "Output only. The current state of the ApiHub instance.\nPossible values:\nSTATE_UNSPECIFIED\nINACTIVE\nCREATING\nACTIVE\nUPDATING\nDELETING\nFAILED\n" + }, + "stateMessage": { + "type": "string", + "description": "Output only. Extra information about ApiHub instance state. Currently the message\nwould be populated when state is `FAILED`.\n" + }, + "updateTime": { + "type": "string", + "description": "Output only. Last update timestamp.\n" + } + }, + "required": [ + "config", + "createTime", + "effectiveLabels", + "location", + "name", + "project", + "state", + "stateMessage", + "pulumiLabels", + "updateTime" + ], + "inputProperties": { + "apiHubInstanceId": { + "type": "string", + "description": "Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field\nis not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are\n'/a-z[0-9]-_/'.\n", + "willReplaceOnChanges": true + }, + "config": { + "$ref": "#/types/gcp:apihub/ApiHubInstanceConfig:ApiHubInstanceConfig", + "description": "Available configurations to provision an ApiHub Instance.\nStructure is documented below.\n", + "willReplaceOnChanges": true + }, + "description": { + "type": "string", + "description": "Optional. Description of the ApiHub instance.\n", + "willReplaceOnChanges": true + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details.\nhttps://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage\nthe labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on\nthe resource.\n" + }, + "location": { + "type": "string", + "description": "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122.\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "config", + "location" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering ApiHubInstance resources.\n", + "properties": { + "apiHubInstanceId": { + "type": "string", + "description": "Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field\nis not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are\n'/a-z[0-9]-_/'.\n", + "willReplaceOnChanges": true + }, + "config": { + "$ref": "#/types/gcp:apihub/ApiHubInstanceConfig:ApiHubInstanceConfig", + "description": "Available configurations to provision an ApiHub Instance.\nStructure is documented below.\n", + "willReplaceOnChanges": true + }, + "createTime": { + "type": "string", + "description": "Output only. Creation timestamp.\n" + }, + "description": { + "type": "string", + "description": "Optional. Description of the ApiHub instance.\n", + "willReplaceOnChanges": true + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true, + "willReplaceOnChanges": true + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details.\nhttps://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage\nthe labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on\nthe resource.\n" + }, + "location": { + "type": "string", + "description": "Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122.\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Identifier. Format:\n`projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`.\n" + }, + "project": { + "type": "string", + "willReplaceOnChanges": true + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + }, + "state": { + "type": "string", + "description": "Output only. The current state of the ApiHub instance.\nPossible values:\nSTATE_UNSPECIFIED\nINACTIVE\nCREATING\nACTIVE\nUPDATING\nDELETING\nFAILED\n" + }, + "stateMessage": { + "type": "string", + "description": "Output only. Extra information about ApiHub instance state. Currently the message\nwould be populated when state is `FAILED`.\n" + }, + "updateTime": { + "type": "string", + "description": "Output only. Last update timestamp.\n" + } + }, + "type": "object" + } + }, "gcp:appengine/application:Application": { "description": "Allows creation and management of an App Engine application.\n\n\u003e App Engine applications cannot be deleted once they're created; you have to delete the\n entire project to delete the application. This provider will report the application has been\n successfully deleted; this is a limitation of the provider, and will go away in the future.\n This provider is not able to delete App Engine applications.\n\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myProject = new gcp.organizations.Project(\"my_project\", {\n name: \"My Project\",\n projectId: \"your-project-id\",\n orgId: \"1234567\",\n});\nconst app = new gcp.appengine.Application(\"app\", {\n project: myProject.projectId,\n locationId: \"us-central\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_project = gcp.organizations.Project(\"my_project\",\n name=\"My Project\",\n project_id=\"your-project-id\",\n org_id=\"1234567\")\napp = gcp.appengine.Application(\"app\",\n project=my_project.project_id,\n location_id=\"us-central\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myProject = new Gcp.Organizations.Project(\"my_project\", new()\n {\n Name = \"My Project\",\n ProjectId = \"your-project-id\",\n OrgId = \"1234567\",\n });\n\n var app = new Gcp.AppEngine.Application(\"app\", new()\n {\n Project = myProject.ProjectId,\n LocationId = \"us-central\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/appengine\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyProject, err := organizations.NewProject(ctx, \"my_project\", \u0026organizations.ProjectArgs{\n\t\t\tName: pulumi.String(\"My Project\"),\n\t\t\tProjectId: pulumi.String(\"your-project-id\"),\n\t\t\tOrgId: pulumi.String(\"1234567\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appengine.NewApplication(ctx, \"app\", \u0026appengine.ApplicationArgs{\n\t\t\tProject: myProject.ProjectId,\n\t\t\tLocationId: pulumi.String(\"us-central\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Project;\nimport com.pulumi.gcp.organizations.ProjectArgs;\nimport com.pulumi.gcp.appengine.Application;\nimport com.pulumi.gcp.appengine.ApplicationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myProject = new Project(\"myProject\", ProjectArgs.builder()\n .name(\"My Project\")\n .projectId(\"your-project-id\")\n .orgId(\"1234567\")\n .build());\n\n var app = new Application(\"app\", ApplicationArgs.builder()\n .project(myProject.projectId())\n .locationId(\"us-central\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myProject:\n type: gcp:organizations:Project\n name: my_project\n properties:\n name: My Project\n projectId: your-project-id\n orgId: '1234567'\n app:\n type: gcp:appengine:Application\n properties:\n project: ${myProject.projectId}\n locationId: us-central\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nApplications can be imported using the ID of the project the application belongs to, e.g.\n\n* `{{project-id}}`\n\nWhen using the `pulumi import` command, Applications can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:appengine/application:Application default {{project-id}}\n```\n\n", "properties": { @@ -154676,6 +155703,156 @@ "type": "object" } }, + "gcp:chronicle/retrohunt:Retrohunt": { + "description": "Retrohunt is an execution of a Rule over a time range in the past.\n\n\nTo get more information about Retrohunt, see:\n\n* [API documentation](https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.rules.retrohunts)\n* How-to Guides\n * [Google SecOps Guides](https://cloud.google.com/chronicle/docs/secops/secops-overview)\n\n## Example Usage\n\n## Import\n\nRetrohunt can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}`\n\n* `{{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}`\n\n* `{{location}}/{{instance}}/{{rule}}/{{retrohunt}}`\n\nWhen using the `pulumi import` command, Retrohunt can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:chronicle/retrohunt:Retrohunt default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}\n```\n\n```sh\n$ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}\n```\n\n```sh\n$ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{location}}/{{instance}}/{{rule}}/{{retrohunt}}\n```\n\n", + "properties": { + "executionIntervals": { + "type": "array", + "items": { + "$ref": "#/types/gcp:chronicle/RetrohuntExecutionInterval:RetrohuntExecutionInterval" + }, + "description": "Represents a time interval, encoded as a Timestamp start (inclusive) and a\nTimestamp end (exclusive).\nThe start must be less than or equal to the end.\nWhen the start equals the end, the interval is empty (matches no time).\nWhen both start and end are unspecified, the interval matches any time.\nStructure is documented below.\n" + }, + "instance": { + "type": "string", + "description": "The unique identifier for the Chronicle instance, which is the same as the customer ID.\n" + }, + "location": { + "type": "string", + "description": "The location of the resource. This is the geographical region where the Chronicle instance resides, such as \"us\" or \"europe-west2\".\n" + }, + "name": { + "type": "string", + "description": "The resource name of the retrohunt.\nRetrohunt is the child of a rule revision. {rule} in the format below is\nstructured as {rule_id@revision_id}.\nFormat:\nprojects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt}\n" + }, + "processInterval": { + "$ref": "#/types/gcp:chronicle/RetrohuntProcessInterval:RetrohuntProcessInterval", + "description": "Represents a time interval, encoded as a Timestamp start (inclusive) and a\nTimestamp end (exclusive).\nThe start must be less than or equal to the end.\nWhen the start equals the end, the interval is empty (matches no time).\nWhen both start and end are unspecified, the interval matches any time.\nStructure is documented below.\n" + }, + "progressPercentage": { + "type": "number", + "description": "Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00.\n" + }, + "project": { + "type": "string" + }, + "retrohunt": { + "type": "string", + "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n" + }, + "rule": { + "type": "string", + "description": "The Rule ID of the rule.\n" + }, + "state": { + "type": "string", + "description": "Output only. The state of the retrohunt.\nPossible values:\nRUNNING\nDONE\nCANCELLED\nFAILED\n" + } + }, + "required": [ + "executionIntervals", + "instance", + "location", + "name", + "processInterval", + "progressPercentage", + "project", + "retrohunt", + "rule", + "state" + ], + "inputProperties": { + "instance": { + "type": "string", + "description": "The unique identifier for the Chronicle instance, which is the same as the customer ID.\n", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location of the resource. This is the geographical region where the Chronicle instance resides, such as \"us\" or \"europe-west2\".\n", + "willReplaceOnChanges": true + }, + "processInterval": { + "$ref": "#/types/gcp:chronicle/RetrohuntProcessInterval:RetrohuntProcessInterval", + "description": "Represents a time interval, encoded as a Timestamp start (inclusive) and a\nTimestamp end (exclusive).\nThe start must be less than or equal to the end.\nWhen the start equals the end, the interval is empty (matches no time).\nWhen both start and end are unspecified, the interval matches any time.\nStructure is documented below.\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "willReplaceOnChanges": true + }, + "retrohunt": { + "type": "string", + "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n", + "willReplaceOnChanges": true + }, + "rule": { + "type": "string", + "description": "The Rule ID of the rule.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "instance", + "location", + "processInterval", + "rule" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering Retrohunt resources.\n", + "properties": { + "executionIntervals": { + "type": "array", + "items": { + "$ref": "#/types/gcp:chronicle/RetrohuntExecutionInterval:RetrohuntExecutionInterval" + }, + "description": "Represents a time interval, encoded as a Timestamp start (inclusive) and a\nTimestamp end (exclusive).\nThe start must be less than or equal to the end.\nWhen the start equals the end, the interval is empty (matches no time).\nWhen both start and end are unspecified, the interval matches any time.\nStructure is documented below.\n" + }, + "instance": { + "type": "string", + "description": "The unique identifier for the Chronicle instance, which is the same as the customer ID.\n", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location of the resource. This is the geographical region where the Chronicle instance resides, such as \"us\" or \"europe-west2\".\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The resource name of the retrohunt.\nRetrohunt is the child of a rule revision. {rule} in the format below is\nstructured as {rule_id@revision_id}.\nFormat:\nprojects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt}\n" + }, + "processInterval": { + "$ref": "#/types/gcp:chronicle/RetrohuntProcessInterval:RetrohuntProcessInterval", + "description": "Represents a time interval, encoded as a Timestamp start (inclusive) and a\nTimestamp end (exclusive).\nThe start must be less than or equal to the end.\nWhen the start equals the end, the interval is empty (matches no time).\nWhen both start and end are unspecified, the interval matches any time.\nStructure is documented below.\n", + "willReplaceOnChanges": true + }, + "progressPercentage": { + "type": "number", + "description": "Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00.\n" + }, + "project": { + "type": "string", + "willReplaceOnChanges": true + }, + "retrohunt": { + "type": "string", + "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n", + "willReplaceOnChanges": true + }, + "rule": { + "type": "string", + "description": "The Rule ID of the rule.\n", + "willReplaceOnChanges": true + }, + "state": { + "type": "string", + "description": "Output only. The state of the retrohunt.\nPossible values:\nRUNNING\nDONE\nCANCELLED\nFAILED\n" + } + }, + "type": "object" + } + }, "gcp:chronicle/rule:Rule": { "description": "## Example Usage\n\n### Chronicle Rule Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.chronicle.Rule(\"example\", {\n location: \"us\",\n instance: \"00000000-0000-0000-0000-000000000000\",\n deletionPolicy: \"DEFAULT\",\n text: \"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.chronicle.Rule(\"example\",\n location=\"us\",\n instance=\"00000000-0000-0000-0000-000000000000\",\n deletion_policy=\"DEFAULT\",\n text=\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Chronicle.Rule(\"example\", new()\n {\n Location = \"us\",\n Instance = \"00000000-0000-0000-0000-000000000000\",\n DeletionPolicy = \"DEFAULT\",\n Text = @\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/chronicle\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chronicle.NewRule(ctx, \"example\", \u0026chronicle.RuleArgs{\n\t\t\tLocation: pulumi.String(\"us\"),\n\t\t\tInstance: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tDeletionPolicy: pulumi.String(\"DEFAULT\"),\n\t\t\tText: pulumi.String(\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.chronicle.Rule;\nimport com.pulumi.gcp.chronicle.RuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Rule(\"example\", RuleArgs.builder()\n .location(\"us\")\n .instance(\"00000000-0000-0000-0000-000000000000\")\n .deletionPolicy(\"DEFAULT\")\n .text(\"\"\"\nrule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:chronicle:Rule\n properties:\n location: us\n instance: 00000000-0000-0000-0000-000000000000\n deletionPolicy: DEFAULT\n text: |\n rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Chronicle Rule With Force Deletion\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.chronicle.Rule(\"example\", {\n location: \"us\",\n instance: \"00000000-0000-0000-0000-000000000000\",\n deletionPolicy: \"FORCE\",\n text: \"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.chronicle.Rule(\"example\",\n location=\"us\",\n instance=\"00000000-0000-0000-0000-000000000000\",\n deletion_policy=\"FORCE\",\n text=\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Chronicle.Rule(\"example\", new()\n {\n Location = \"us\",\n Instance = \"00000000-0000-0000-0000-000000000000\",\n DeletionPolicy = \"FORCE\",\n Text = @\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/chronicle\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chronicle.NewRule(ctx, \"example\", \u0026chronicle.RuleArgs{\n\t\t\tLocation: pulumi.String(\"us\"),\n\t\t\tInstance: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tDeletionPolicy: pulumi.String(\"FORCE\"),\n\t\t\tText: pulumi.String(\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.chronicle.Rule;\nimport com.pulumi.gcp.chronicle.RuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Rule(\"example\", RuleArgs.builder()\n .location(\"us\")\n .instance(\"00000000-0000-0000-0000-000000000000\")\n .deletionPolicy(\"FORCE\")\n .text(\"\"\"\nrule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:chronicle:Rule\n properties:\n location: us\n instance: 00000000-0000-0000-0000-000000000000\n deletionPolicy: FORCE\n text: |\n rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Chronicle Rule With Data Access Scope\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst dataAccessScopeTest = new gcp.chronicle.DataAccessScope(\"data_access_scope_test\", {\n location: \"us\",\n instance: \"00000000-0000-0000-0000-000000000000\",\n dataAccessScopeId: \"scope-name\",\n description: \"scope-description\",\n allowedDataAccessLabels: [{\n logType: \"GCP_CLOUDAUDIT\",\n }],\n});\nconst example = new gcp.chronicle.Rule(\"example\", {\n location: \"us\",\n instance: \"00000000-0000-0000-0000-000000000000\",\n scope: googleChronicleDataAccessScope.dataAccessScopeTest.name,\n text: \"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndata_access_scope_test = gcp.chronicle.DataAccessScope(\"data_access_scope_test\",\n location=\"us\",\n instance=\"00000000-0000-0000-0000-000000000000\",\n data_access_scope_id=\"scope-name\",\n description=\"scope-description\",\n allowed_data_access_labels=[{\n \"log_type\": \"GCP_CLOUDAUDIT\",\n }])\nexample = gcp.chronicle.Rule(\"example\",\n location=\"us\",\n instance=\"00000000-0000-0000-0000-000000000000\",\n scope=google_chronicle_data_access_scope[\"dataAccessScopeTest\"][\"name\"],\n text=\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dataAccessScopeTest = new Gcp.Chronicle.DataAccessScope(\"data_access_scope_test\", new()\n {\n Location = \"us\",\n Instance = \"00000000-0000-0000-0000-000000000000\",\n DataAccessScopeId = \"scope-name\",\n Description = \"scope-description\",\n AllowedDataAccessLabels = new[]\n {\n new Gcp.Chronicle.Inputs.DataAccessScopeAllowedDataAccessLabelArgs\n {\n LogType = \"GCP_CLOUDAUDIT\",\n },\n },\n });\n\n var example = new Gcp.Chronicle.Rule(\"example\", new()\n {\n Location = \"us\",\n Instance = \"00000000-0000-0000-0000-000000000000\",\n Scope = googleChronicleDataAccessScope.DataAccessScopeTest.Name,\n Text = @\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/chronicle\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chronicle.NewDataAccessScope(ctx, \"data_access_scope_test\", \u0026chronicle.DataAccessScopeArgs{\n\t\t\tLocation: pulumi.String(\"us\"),\n\t\t\tInstance: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tDataAccessScopeId: pulumi.String(\"scope-name\"),\n\t\t\tDescription: pulumi.String(\"scope-description\"),\n\t\t\tAllowedDataAccessLabels: chronicle.DataAccessScopeAllowedDataAccessLabelArray{\n\t\t\t\t\u0026chronicle.DataAccessScopeAllowedDataAccessLabelArgs{\n\t\t\t\t\tLogType: pulumi.String(\"GCP_CLOUDAUDIT\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chronicle.NewRule(ctx, \"example\", \u0026chronicle.RuleArgs{\n\t\t\tLocation: pulumi.String(\"us\"),\n\t\t\tInstance: pulumi.String(\"00000000-0000-0000-0000-000000000000\"),\n\t\t\tScope: pulumi.Any(googleChronicleDataAccessScope.DataAccessScopeTest.Name),\n\t\t\tText: pulumi.String(\"rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.chronicle.DataAccessScope;\nimport com.pulumi.gcp.chronicle.DataAccessScopeArgs;\nimport com.pulumi.gcp.chronicle.inputs.DataAccessScopeAllowedDataAccessLabelArgs;\nimport com.pulumi.gcp.chronicle.Rule;\nimport com.pulumi.gcp.chronicle.RuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dataAccessScopeTest = new DataAccessScope(\"dataAccessScopeTest\", DataAccessScopeArgs.builder()\n .location(\"us\")\n .instance(\"00000000-0000-0000-0000-000000000000\")\n .dataAccessScopeId(\"scope-name\")\n .description(\"scope-description\")\n .allowedDataAccessLabels(DataAccessScopeAllowedDataAccessLabelArgs.builder()\n .logType(\"GCP_CLOUDAUDIT\")\n .build())\n .build());\n\n var example = new Rule(\"example\", RuleArgs.builder()\n .location(\"us\")\n .instance(\"00000000-0000-0000-0000-000000000000\")\n .scope(googleChronicleDataAccessScope.dataAccessScopeTest().name())\n .text(\"\"\"\nrule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dataAccessScopeTest:\n type: gcp:chronicle:DataAccessScope\n name: data_access_scope_test\n properties:\n location: us\n instance: 00000000-0000-0000-0000-000000000000\n dataAccessScopeId: scope-name\n description: scope-description\n allowedDataAccessLabels:\n - logType: GCP_CLOUDAUDIT\n example:\n type: gcp:chronicle:Rule\n properties:\n location: us\n instance: 00000000-0000-0000-0000-000000000000\n scope: ${googleChronicleDataAccessScope.dataAccessScopeTest.name}\n text: |\n rule test_rule { meta: events: $userid = $e.principal.user.userid match: $userid over 10m condition: $e }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRule can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule_id}}`\n\n* `{{project}}/{{location}}/{{instance}}/{{rule_id}}`\n\n* `{{location}}/{{instance}}/{{rule_id}}`\n\nWhen using the `pulumi import` command, Rule can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:chronicle/rule:Rule default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule_id}}\n```\n\n```sh\n$ pulumi import gcp:chronicle/rule:Rule default {{project}}/{{location}}/{{instance}}/{{rule_id}}\n```\n\n```sh\n$ pulumi import gcp:chronicle/rule:Rule default {{location}}/{{instance}}/{{rule_id}}\n```\n\n", "properties": { @@ -162765,7 +163942,7 @@ } }, "gcp:cloudrunv2/service:Service": { - "description": "Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership.\n\n\nTo get more information about Service, see:\n\n* [API documentation](https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.services)\n* How-to Guides\n * [Official Documentation](https://cloud.google.com/run/docs/)\n\n## Example Usage\n\n### Cloudrunv2 Service Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Limits\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n resources: {\n limits: {\n cpu: \"2\",\n memory: \"1024Mi\",\n },\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"resources\": {\n \"limits\": {\n \"cpu\": \"2\",\n \"memory\": \"1024Mi\",\n },\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n Resources = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerResourcesArgs\n {\n Limits = \n {\n { \"cpu\", \"2\" },\n { \"memory\", \"1024Mi\" },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tResources: \u0026cloudrunv2.ServiceTemplateContainerResourcesArgs{\n\t\t\t\t\t\t\tLimits: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"cpu\": pulumi.String(\"2\"),\n\t\t\t\t\t\t\t\t\"memory\": pulumi.String(\"1024Mi\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .resources(ServiceTemplateContainerResourcesArgs.builder()\n .limits(Map.ofEntries(\n Map.entry(\"cpu\", \"2\"),\n Map.entry(\"memory\", \"1024Mi\")\n ))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n resources:\n limits:\n cpu: '2'\n memory: 1024Mi\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Sql\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst secret = new gcp.secretmanager.Secret(\"secret\", {\n secretId: \"secret-1\",\n replication: {\n auto: {},\n },\n});\nconst secret_version_data = new gcp.secretmanager.SecretVersion(\"secret-version-data\", {\n secret: secret.name,\n secretData: \"secret-data\",\n});\nconst instance = new gcp.sql.DatabaseInstance(\"instance\", {\n name: \"cloudrun-sql\",\n region: \"us-central1\",\n databaseVersion: \"MYSQL_5_7\",\n settings: {\n tier: \"db-f1-micro\",\n },\n deletionProtection: true,\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n scaling: {\n maxInstanceCount: 2,\n },\n volumes: [{\n name: \"cloudsql\",\n cloudSqlInstance: {\n instances: [instance.connectionName],\n },\n }],\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n envs: [\n {\n name: \"FOO\",\n value: \"bar\",\n },\n {\n name: \"SECRET_ENV_VAR\",\n valueSource: {\n secretKeyRef: {\n secret: secret.secretId,\n version: \"1\",\n },\n },\n },\n ],\n volumeMounts: [{\n name: \"cloudsql\",\n mountPath: \"/cloudsql\",\n }],\n }],\n },\n traffics: [{\n type: \"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\",\n percent: 100,\n }],\n}, {\n dependsOn: [secret_version_data],\n});\nconst project = gcp.organizations.getProject({});\nconst secret_access = new gcp.secretmanager.SecretIamMember(\"secret-access\", {\n secretId: secret.id,\n role: \"roles/secretmanager.secretAccessor\",\n member: project.then(project =\u003e `serviceAccount:${project.number}-compute@developer.gserviceaccount.com`),\n}, {\n dependsOn: [secret],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nsecret = gcp.secretmanager.Secret(\"secret\",\n secret_id=\"secret-1\",\n replication={\n \"auto\": {},\n })\nsecret_version_data = gcp.secretmanager.SecretVersion(\"secret-version-data\",\n secret=secret.name,\n secret_data=\"secret-data\")\ninstance = gcp.sql.DatabaseInstance(\"instance\",\n name=\"cloudrun-sql\",\n region=\"us-central1\",\n database_version=\"MYSQL_5_7\",\n settings={\n \"tier\": \"db-f1-micro\",\n },\n deletion_protection=True)\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"scaling\": {\n \"max_instance_count\": 2,\n },\n \"volumes\": [{\n \"name\": \"cloudsql\",\n \"cloud_sql_instance\": {\n \"instances\": [instance.connection_name],\n },\n }],\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"envs\": [\n {\n \"name\": \"FOO\",\n \"value\": \"bar\",\n },\n {\n \"name\": \"SECRET_ENV_VAR\",\n \"value_source\": {\n \"secret_key_ref\": {\n \"secret\": secret.secret_id,\n \"version\": \"1\",\n },\n },\n },\n ],\n \"volume_mounts\": [{\n \"name\": \"cloudsql\",\n \"mount_path\": \"/cloudsql\",\n }],\n }],\n },\n traffics=[{\n \"type\": \"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\",\n \"percent\": 100,\n }],\n opts = pulumi.ResourceOptions(depends_on=[secret_version_data]))\nproject = gcp.organizations.get_project()\nsecret_access = gcp.secretmanager.SecretIamMember(\"secret-access\",\n secret_id=secret.id,\n role=\"roles/secretmanager.secretAccessor\",\n member=f\"serviceAccount:{project.number}-compute@developer.gserviceaccount.com\",\n opts = pulumi.ResourceOptions(depends_on=[secret]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var secret = new Gcp.SecretManager.Secret(\"secret\", new()\n {\n SecretId = \"secret-1\",\n Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs\n {\n Auto = null,\n },\n });\n\n var secret_version_data = new Gcp.SecretManager.SecretVersion(\"secret-version-data\", new()\n {\n Secret = secret.Name,\n SecretData = \"secret-data\",\n });\n\n var instance = new Gcp.Sql.DatabaseInstance(\"instance\", new()\n {\n Name = \"cloudrun-sql\",\n Region = \"us-central1\",\n DatabaseVersion = \"MYSQL_5_7\",\n Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs\n {\n Tier = \"db-f1-micro\",\n },\n DeletionProtection = true,\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Scaling = new Gcp.CloudRunV2.Inputs.ServiceTemplateScalingArgs\n {\n MaxInstanceCount = 2,\n },\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"cloudsql\",\n CloudSqlInstance = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeCloudSqlInstanceArgs\n {\n Instances = new[]\n {\n instance.ConnectionName,\n },\n },\n },\n },\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n Envs = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvArgs\n {\n Name = \"FOO\",\n Value = \"bar\",\n },\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvArgs\n {\n Name = \"SECRET_ENV_VAR\",\n ValueSource = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvValueSourceArgs\n {\n SecretKeyRef = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvValueSourceSecretKeyRefArgs\n {\n Secret = secret.SecretId,\n Version = \"1\",\n },\n },\n },\n },\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"cloudsql\",\n MountPath = \"/cloudsql\",\n },\n },\n },\n },\n },\n Traffics = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTrafficArgs\n {\n Type = \"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\",\n Percent = 100,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secret_version_data,\n },\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var secret_access = new Gcp.SecretManager.SecretIamMember(\"secret-access\", new()\n {\n SecretId = secret.Id,\n Role = \"roles/secretmanager.secretAccessor\",\n Member = $\"serviceAccount:{project.Apply(getProjectResult =\u003e getProjectResult.Number)}-compute@developer.gserviceaccount.com\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secret,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/sql\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsecret, err := secretmanager.NewSecret(ctx, \"secret\", \u0026secretmanager.SecretArgs{\n\t\t\tSecretId: pulumi.String(\"secret-1\"),\n\t\t\tReplication: \u0026secretmanager.SecretReplicationArgs{\n\t\t\t\tAuto: \u0026secretmanager.SecretReplicationAutoArgs{},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretmanager.NewSecretVersion(ctx, \"secret-version-data\", \u0026secretmanager.SecretVersionArgs{\n\t\t\tSecret: secret.Name,\n\t\t\tSecretData: pulumi.String(\"secret-data\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinstance, err := sql.NewDatabaseInstance(ctx, \"instance\", \u0026sql.DatabaseInstanceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-sql\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tDatabaseVersion: pulumi.String(\"MYSQL_5_7\"),\n\t\t\tSettings: \u0026sql.DatabaseInstanceSettingsArgs{\n\t\t\t\tTier: pulumi.String(\"db-f1-micro\"),\n\t\t\t},\n\t\t\tDeletionProtection: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tScaling: \u0026cloudrunv2.ServiceTemplateScalingArgs{\n\t\t\t\t\tMaxInstanceCount: pulumi.Int(2),\n\t\t\t\t},\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"cloudsql\"),\n\t\t\t\t\t\tCloudSqlInstance: \u0026cloudrunv2.ServiceTemplateVolumeCloudSqlInstanceArgs{\n\t\t\t\t\t\t\tInstances: pulumi.StringArray{\n\t\t\t\t\t\t\t\tinstance.ConnectionName,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tEnvs: cloudrunv2.ServiceTemplateContainerEnvArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerEnvArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"FOO\"),\n\t\t\t\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerEnvArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"SECRET_ENV_VAR\"),\n\t\t\t\t\t\t\t\tValueSource: \u0026cloudrunv2.ServiceTemplateContainerEnvValueSourceArgs{\n\t\t\t\t\t\t\t\t\tSecretKeyRef: \u0026cloudrunv2.ServiceTemplateContainerEnvValueSourceSecretKeyRefArgs{\n\t\t\t\t\t\t\t\t\t\tSecret: secret.SecretId,\n\t\t\t\t\t\t\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"cloudsql\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/cloudsql\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTraffics: cloudrunv2.ServiceTrafficArray{\n\t\t\t\t\u0026cloudrunv2.ServiceTrafficArgs{\n\t\t\t\t\tType: pulumi.String(\"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\"),\n\t\t\t\t\tPercent: pulumi.Int(100),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecret_version_data,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretmanager.NewSecretIamMember(ctx, \"secret-access\", \u0026secretmanager.SecretIamMemberArgs{\n\t\t\tSecretId: secret.ID(),\n\t\t\tRole: pulumi.String(\"roles/secretmanager.secretAccessor\"),\n\t\t\tMember: pulumi.Sprintf(\"serviceAccount:%v-compute@developer.gserviceaccount.com\", project.Number),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecret,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.secretmanager.Secret;\nimport com.pulumi.gcp.secretmanager.SecretArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationAutoArgs;\nimport com.pulumi.gcp.secretmanager.SecretVersion;\nimport com.pulumi.gcp.secretmanager.SecretVersionArgs;\nimport com.pulumi.gcp.sql.DatabaseInstance;\nimport com.pulumi.gcp.sql.DatabaseInstanceArgs;\nimport com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateScalingArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTrafficArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.secretmanager.SecretIamMember;\nimport com.pulumi.gcp.secretmanager.SecretIamMemberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var secret = new Secret(\"secret\", SecretArgs.builder()\n .secretId(\"secret-1\")\n .replication(SecretReplicationArgs.builder()\n .auto()\n .build())\n .build());\n\n var secret_version_data = new SecretVersion(\"secret-version-data\", SecretVersionArgs.builder()\n .secret(secret.name())\n .secretData(\"secret-data\")\n .build());\n\n var instance = new DatabaseInstance(\"instance\", DatabaseInstanceArgs.builder()\n .name(\"cloudrun-sql\")\n .region(\"us-central1\")\n .databaseVersion(\"MYSQL_5_7\")\n .settings(DatabaseInstanceSettingsArgs.builder()\n .tier(\"db-f1-micro\")\n .build())\n .deletionProtection(true)\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .scaling(ServiceTemplateScalingArgs.builder()\n .maxInstanceCount(2)\n .build())\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"cloudsql\")\n .cloudSqlInstance(ServiceTemplateVolumeCloudSqlInstanceArgs.builder()\n .instances(instance.connectionName())\n .build())\n .build())\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .envs( \n ServiceTemplateContainerEnvArgs.builder()\n .name(\"FOO\")\n .value(\"bar\")\n .build(),\n ServiceTemplateContainerEnvArgs.builder()\n .name(\"SECRET_ENV_VAR\")\n .valueSource(ServiceTemplateContainerEnvValueSourceArgs.builder()\n .secretKeyRef(ServiceTemplateContainerEnvValueSourceSecretKeyRefArgs.builder()\n .secret(secret.secretId())\n .version(\"1\")\n .build())\n .build())\n .build())\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"cloudsql\")\n .mountPath(\"/cloudsql\")\n .build())\n .build())\n .build())\n .traffics(ServiceTrafficArgs.builder()\n .type(\"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\")\n .percent(100)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(secret_version_data)\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var secret_access = new SecretIamMember(\"secret-access\", SecretIamMemberArgs.builder()\n .secretId(secret.id())\n .role(\"roles/secretmanager.secretAccessor\")\n .member(String.format(\"serviceAccount:%s-compute@developer.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build(), CustomResourceOptions.builder()\n .dependsOn(secret)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n scaling:\n maxInstanceCount: 2\n volumes:\n - name: cloudsql\n cloudSqlInstance:\n instances:\n - ${instance.connectionName}\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n envs:\n - name: FOO\n value: bar\n - name: SECRET_ENV_VAR\n valueSource:\n secretKeyRef:\n secret: ${secret.secretId}\n version: '1'\n volumeMounts:\n - name: cloudsql\n mountPath: /cloudsql\n traffics:\n - type: TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\n percent: 100\n options:\n dependsOn:\n - ${[\"secret-version-data\"]}\n secret:\n type: gcp:secretmanager:Secret\n properties:\n secretId: secret-1\n replication:\n auto: {}\n secret-version-data:\n type: gcp:secretmanager:SecretVersion\n properties:\n secret: ${secret.name}\n secretData: secret-data\n secret-access:\n type: gcp:secretmanager:SecretIamMember\n properties:\n secretId: ${secret.id}\n role: roles/secretmanager.secretAccessor\n member: serviceAccount:${project.number}-compute@developer.gserviceaccount.com\n options:\n dependsOn:\n - ${secret}\n instance:\n type: gcp:sql:DatabaseInstance\n properties:\n name: cloudrun-sql\n region: us-central1\n databaseVersion: MYSQL_5_7\n settings:\n tier: db-f1-micro\n deletionProtection: true\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Vpcaccess\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst customTestNetwork = new gcp.compute.Network(\"custom_test\", {\n name: \"run-network\",\n autoCreateSubnetworks: false,\n});\nconst customTest = new gcp.compute.Subnetwork(\"custom_test\", {\n name: \"run-subnetwork\",\n ipCidrRange: \"10.2.0.0/28\",\n region: \"us-central1\",\n network: customTestNetwork.id,\n});\nconst connector = new gcp.vpcaccess.Connector(\"connector\", {\n name: \"run-vpc\",\n subnet: {\n name: customTest.name,\n },\n machineType: \"e2-standard-4\",\n minInstances: 2,\n maxInstances: 3,\n region: \"us-central1\",\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n vpcAccess: {\n connector: connector.id,\n egress: \"ALL_TRAFFIC\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ncustom_test_network = gcp.compute.Network(\"custom_test\",\n name=\"run-network\",\n auto_create_subnetworks=False)\ncustom_test = gcp.compute.Subnetwork(\"custom_test\",\n name=\"run-subnetwork\",\n ip_cidr_range=\"10.2.0.0/28\",\n region=\"us-central1\",\n network=custom_test_network.id)\nconnector = gcp.vpcaccess.Connector(\"connector\",\n name=\"run-vpc\",\n subnet={\n \"name\": custom_test.name,\n },\n machine_type=\"e2-standard-4\",\n min_instances=2,\n max_instances=3,\n region=\"us-central1\")\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n \"vpc_access\": {\n \"connector\": connector.id,\n \"egress\": \"ALL_TRAFFIC\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var customTestNetwork = new Gcp.Compute.Network(\"custom_test\", new()\n {\n Name = \"run-network\",\n AutoCreateSubnetworks = false,\n });\n\n var customTest = new Gcp.Compute.Subnetwork(\"custom_test\", new()\n {\n Name = \"run-subnetwork\",\n IpCidrRange = \"10.2.0.0/28\",\n Region = \"us-central1\",\n Network = customTestNetwork.Id,\n });\n\n var connector = new Gcp.VpcAccess.Connector(\"connector\", new()\n {\n Name = \"run-vpc\",\n Subnet = new Gcp.VpcAccess.Inputs.ConnectorSubnetArgs\n {\n Name = customTest.Name,\n },\n MachineType = \"e2-standard-4\",\n MinInstances = 2,\n MaxInstances = 3,\n Region = \"us-central1\",\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n VpcAccess = new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessArgs\n {\n Connector = connector.Id,\n Egress = \"ALL_TRAFFIC\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/vpcaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcustomTestNetwork, err := compute.NewNetwork(ctx, \"custom_test\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"run-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcustomTest, err := compute.NewSubnetwork(ctx, \"custom_test\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"run-subnetwork\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.2.0.0/28\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: customTestNetwork.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tconnector, err := vpcaccess.NewConnector(ctx, \"connector\", \u0026vpcaccess.ConnectorArgs{\n\t\t\tName: pulumi.String(\"run-vpc\"),\n\t\t\tSubnet: \u0026vpcaccess.ConnectorSubnetArgs{\n\t\t\t\tName: customTest.Name,\n\t\t\t},\n\t\t\tMachineType: pulumi.String(\"e2-standard-4\"),\n\t\t\tMinInstances: pulumi.Int(2),\n\t\t\tMaxInstances: pulumi.Int(3),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVpcAccess: \u0026cloudrunv2.ServiceTemplateVpcAccessArgs{\n\t\t\t\t\tConnector: connector.ID(),\n\t\t\t\t\tEgress: pulumi.String(\"ALL_TRAFFIC\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.vpcaccess.Connector;\nimport com.pulumi.gcp.vpcaccess.ConnectorArgs;\nimport com.pulumi.gcp.vpcaccess.inputs.ConnectorSubnetArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateVpcAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var customTestNetwork = new Network(\"customTestNetwork\", NetworkArgs.builder()\n .name(\"run-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var customTest = new Subnetwork(\"customTest\", SubnetworkArgs.builder()\n .name(\"run-subnetwork\")\n .ipCidrRange(\"10.2.0.0/28\")\n .region(\"us-central1\")\n .network(customTestNetwork.id())\n .build());\n\n var connector = new Connector(\"connector\", ConnectorArgs.builder()\n .name(\"run-vpc\")\n .subnet(ConnectorSubnetArgs.builder()\n .name(customTest.name())\n .build())\n .machineType(\"e2-standard-4\")\n .minInstances(2)\n .maxInstances(3)\n .region(\"us-central1\")\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .vpcAccess(ServiceTemplateVpcAccessArgs.builder()\n .connector(connector.id())\n .egress(\"ALL_TRAFFIC\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n vpcAccess:\n connector: ${connector.id}\n egress: ALL_TRAFFIC\n connector:\n type: gcp:vpcaccess:Connector\n properties:\n name: run-vpc\n subnet:\n name: ${customTest.name}\n machineType: e2-standard-4\n minInstances: 2\n maxInstances: 3\n region: us-central1\n customTest:\n type: gcp:compute:Subnetwork\n name: custom_test\n properties:\n name: run-subnetwork\n ipCidrRange: 10.2.0.0/28\n region: us-central1\n network: ${customTestNetwork.id}\n customTestNetwork:\n type: gcp:compute:Network\n name: custom_test\n properties:\n name: run-network\n autoCreateSubnetworks: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Directvpc\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n launchStage: \"GA\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n vpcAccess: {\n networkInterfaces: [{\n network: \"default\",\n subnetwork: \"default\",\n tags: [\n \"tag1\",\n \"tag2\",\n \"tag3\",\n ],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n launch_stage=\"GA\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n \"vpc_access\": {\n \"network_interfaces\": [{\n \"network\": \"default\",\n \"subnetwork\": \"default\",\n \"tags\": [\n \"tag1\",\n \"tag2\",\n \"tag3\",\n ],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n LaunchStage = \"GA\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n VpcAccess = new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessArgs\n {\n NetworkInterfaces = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessNetworkInterfaceArgs\n {\n Network = \"default\",\n Subnetwork = \"default\",\n Tags = new[]\n {\n \"tag1\",\n \"tag2\",\n \"tag3\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tLaunchStage: pulumi.String(\"GA\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVpcAccess: \u0026cloudrunv2.ServiceTemplateVpcAccessArgs{\n\t\t\t\t\tNetworkInterfaces: cloudrunv2.ServiceTemplateVpcAccessNetworkInterfaceArray{\n\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVpcAccessNetworkInterfaceArgs{\n\t\t\t\t\t\t\tNetwork: pulumi.String(\"default\"),\n\t\t\t\t\t\t\tSubnetwork: pulumi.String(\"default\"),\n\t\t\t\t\t\t\tTags: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"tag1\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"tag2\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"tag3\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateVpcAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .launchStage(\"GA\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .vpcAccess(ServiceTemplateVpcAccessArgs.builder()\n .networkInterfaces(ServiceTemplateVpcAccessNetworkInterfaceArgs.builder()\n .network(\"default\")\n .subnetwork(\"default\")\n .tags( \n \"tag1\",\n \"tag2\",\n \"tag3\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n launchStage: GA\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n vpcAccess:\n networkInterfaces:\n - network: default\n subnetwork: default\n tags:\n - tag1\n - tag2\n - tag3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Gpu\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n launchStage: \"BETA\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n resources: {\n limits: {\n cpu: \"4\",\n memory: \"16Gi\",\n \"nvidia.com/gpu\": \"1\",\n },\n startupCpuBoost: true,\n },\n }],\n nodeSelector: {\n accelerator: \"nvidia-l4\",\n },\n scaling: {\n maxInstanceCount: 1,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n launch_stage=\"BETA\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"resources\": {\n \"limits\": {\n \"cpu\": \"4\",\n \"memory\": \"16Gi\",\n \"nvidia.com/gpu\": \"1\",\n },\n \"startup_cpu_boost\": True,\n },\n }],\n \"node_selector\": {\n \"accelerator\": \"nvidia-l4\",\n },\n \"scaling\": {\n \"max_instance_count\": 1,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n LaunchStage = \"BETA\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n Resources = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerResourcesArgs\n {\n Limits = \n {\n { \"cpu\", \"4\" },\n { \"memory\", \"16Gi\" },\n { \"nvidia.com/gpu\", \"1\" },\n },\n StartupCpuBoost = true,\n },\n },\n },\n NodeSelector = new Gcp.CloudRunV2.Inputs.ServiceTemplateNodeSelectorArgs\n {\n Accelerator = \"nvidia-l4\",\n },\n Scaling = new Gcp.CloudRunV2.Inputs.ServiceTemplateScalingArgs\n {\n MaxInstanceCount = 1,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tLaunchStage: pulumi.String(\"BETA\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tResources: \u0026cloudrunv2.ServiceTemplateContainerResourcesArgs{\n\t\t\t\t\t\t\tLimits: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"cpu\": pulumi.String(\"4\"),\n\t\t\t\t\t\t\t\t\"memory\": pulumi.String(\"16Gi\"),\n\t\t\t\t\t\t\t\t\"nvidia.com/gpu\": pulumi.String(\"1\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tStartupCpuBoost: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNodeSelector: \u0026cloudrunv2.ServiceTemplateNodeSelectorArgs{\n\t\t\t\t\tAccelerator: pulumi.String(\"nvidia-l4\"),\n\t\t\t\t},\n\t\t\t\tScaling: \u0026cloudrunv2.ServiceTemplateScalingArgs{\n\t\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateNodeSelectorArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateScalingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .launchStage(\"BETA\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .resources(ServiceTemplateContainerResourcesArgs.builder()\n .limits(Map.ofEntries(\n Map.entry(\"cpu\", \"4\"),\n Map.entry(\"memory\", \"16Gi\"),\n Map.entry(\"nvidia.com/gpu\", \"1\")\n ))\n .startupCpuBoost(true)\n .build())\n .build())\n .nodeSelector(ServiceTemplateNodeSelectorArgs.builder()\n .accelerator(\"nvidia-l4\")\n .build())\n .scaling(ServiceTemplateScalingArgs.builder()\n .maxInstanceCount(1)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n launchStage: BETA\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n resources:\n limits:\n cpu: '4'\n memory: 16Gi\n nvidia.com/gpu: '1'\n startupCpuBoost: true\n nodeSelector:\n accelerator: nvidia-l4\n scaling:\n maxInstanceCount: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Probes\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n startupProbe: {\n initialDelaySeconds: 0,\n timeoutSeconds: 1,\n periodSeconds: 3,\n failureThreshold: 1,\n tcpSocket: {\n port: 8080,\n },\n },\n livenessProbe: {\n httpGet: {\n path: \"/\",\n },\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"startup_probe\": {\n \"initial_delay_seconds\": 0,\n \"timeout_seconds\": 1,\n \"period_seconds\": 3,\n \"failure_threshold\": 1,\n \"tcp_socket\": {\n \"port\": 8080,\n },\n },\n \"liveness_probe\": {\n \"http_get\": {\n \"path\": \"/\",\n },\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n StartupProbe = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerStartupProbeArgs\n {\n InitialDelaySeconds = 0,\n TimeoutSeconds = 1,\n PeriodSeconds = 3,\n FailureThreshold = 1,\n TcpSocket = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerStartupProbeTcpSocketArgs\n {\n Port = 8080,\n },\n },\n LivenessProbe = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerLivenessProbeArgs\n {\n HttpGet = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerLivenessProbeHttpGetArgs\n {\n Path = \"/\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tStartupProbe: \u0026cloudrunv2.ServiceTemplateContainerStartupProbeArgs{\n\t\t\t\t\t\t\tInitialDelaySeconds: pulumi.Int(0),\n\t\t\t\t\t\t\tTimeoutSeconds: pulumi.Int(1),\n\t\t\t\t\t\t\tPeriodSeconds: pulumi.Int(3),\n\t\t\t\t\t\t\tFailureThreshold: pulumi.Int(1),\n\t\t\t\t\t\t\tTcpSocket: \u0026cloudrunv2.ServiceTemplateContainerStartupProbeTcpSocketArgs{\n\t\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLivenessProbe: \u0026cloudrunv2.ServiceTemplateContainerLivenessProbeArgs{\n\t\t\t\t\t\t\tHttpGet: \u0026cloudrunv2.ServiceTemplateContainerLivenessProbeHttpGetArgs{\n\t\t\t\t\t\t\t\tPath: pulumi.String(\"/\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .startupProbe(ServiceTemplateContainerStartupProbeArgs.builder()\n .initialDelaySeconds(0)\n .timeoutSeconds(1)\n .periodSeconds(3)\n .failureThreshold(1)\n .tcpSocket(ServiceTemplateContainerStartupProbeTcpSocketArgs.builder()\n .port(8080)\n .build())\n .build())\n .livenessProbe(ServiceTemplateContainerLivenessProbeArgs.builder()\n .httpGet(ServiceTemplateContainerLivenessProbeHttpGetArgs.builder()\n .path(\"/\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n startupProbe:\n initialDelaySeconds: 0\n timeoutSeconds: 1\n periodSeconds: 3\n failureThreshold: 1\n tcpSocket:\n port: 8080\n livenessProbe:\n httpGet:\n path: /\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Secret\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst secret = new gcp.secretmanager.Secret(\"secret\", {\n secretId: \"secret-1\",\n replication: {\n auto: {},\n },\n});\nconst secret_version_data = new gcp.secretmanager.SecretVersion(\"secret-version-data\", {\n secret: secret.name,\n secretData: \"secret-data\",\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n volumes: [{\n name: \"a-volume\",\n secret: {\n secret: secret.secretId,\n defaultMode: 292,\n items: [{\n version: \"1\",\n path: \"my-secret\",\n }],\n },\n }],\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n volumeMounts: [{\n name: \"a-volume\",\n mountPath: \"/secrets\",\n }],\n }],\n },\n}, {\n dependsOn: [secret_version_data],\n});\nconst project = gcp.organizations.getProject({});\nconst secret_access = new gcp.secretmanager.SecretIamMember(\"secret-access\", {\n secretId: secret.id,\n role: \"roles/secretmanager.secretAccessor\",\n member: project.then(project =\u003e `serviceAccount:${project.number}-compute@developer.gserviceaccount.com`),\n}, {\n dependsOn: [secret],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nsecret = gcp.secretmanager.Secret(\"secret\",\n secret_id=\"secret-1\",\n replication={\n \"auto\": {},\n })\nsecret_version_data = gcp.secretmanager.SecretVersion(\"secret-version-data\",\n secret=secret.name,\n secret_data=\"secret-data\")\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"volumes\": [{\n \"name\": \"a-volume\",\n \"secret\": {\n \"secret\": secret.secret_id,\n \"default_mode\": 292,\n \"items\": [{\n \"version\": \"1\",\n \"path\": \"my-secret\",\n }],\n },\n }],\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"volume_mounts\": [{\n \"name\": \"a-volume\",\n \"mount_path\": \"/secrets\",\n }],\n }],\n },\n opts = pulumi.ResourceOptions(depends_on=[secret_version_data]))\nproject = gcp.organizations.get_project()\nsecret_access = gcp.secretmanager.SecretIamMember(\"secret-access\",\n secret_id=secret.id,\n role=\"roles/secretmanager.secretAccessor\",\n member=f\"serviceAccount:{project.number}-compute@developer.gserviceaccount.com\",\n opts = pulumi.ResourceOptions(depends_on=[secret]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var secret = new Gcp.SecretManager.Secret(\"secret\", new()\n {\n SecretId = \"secret-1\",\n Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs\n {\n Auto = null,\n },\n });\n\n var secret_version_data = new Gcp.SecretManager.SecretVersion(\"secret-version-data\", new()\n {\n Secret = secret.Name,\n SecretData = \"secret-data\",\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"a-volume\",\n Secret = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeSecretArgs\n {\n Secret = secret.SecretId,\n DefaultMode = 292,\n Items = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeSecretItemArgs\n {\n Version = \"1\",\n Path = \"my-secret\",\n },\n },\n },\n },\n },\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"a-volume\",\n MountPath = \"/secrets\",\n },\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secret_version_data,\n },\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var secret_access = new Gcp.SecretManager.SecretIamMember(\"secret-access\", new()\n {\n SecretId = secret.Id,\n Role = \"roles/secretmanager.secretAccessor\",\n Member = $\"serviceAccount:{project.Apply(getProjectResult =\u003e getProjectResult.Number)}-compute@developer.gserviceaccount.com\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secret,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsecret, err := secretmanager.NewSecret(ctx, \"secret\", \u0026secretmanager.SecretArgs{\n\t\t\tSecretId: pulumi.String(\"secret-1\"),\n\t\t\tReplication: \u0026secretmanager.SecretReplicationArgs{\n\t\t\t\tAuto: \u0026secretmanager.SecretReplicationAutoArgs{},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretmanager.NewSecretVersion(ctx, \"secret-version-data\", \u0026secretmanager.SecretVersionArgs{\n\t\t\tSecret: secret.Name,\n\t\t\tSecretData: pulumi.String(\"secret-data\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"a-volume\"),\n\t\t\t\t\t\tSecret: \u0026cloudrunv2.ServiceTemplateVolumeSecretArgs{\n\t\t\t\t\t\t\tSecret: secret.SecretId,\n\t\t\t\t\t\t\tDefaultMode: pulumi.Int(292),\n\t\t\t\t\t\t\tItems: cloudrunv2.ServiceTemplateVolumeSecretItemArray{\n\t\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeSecretItemArgs{\n\t\t\t\t\t\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t\t\t\t\t\t\tPath: pulumi.String(\"my-secret\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"a-volume\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/secrets\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecret_version_data,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretmanager.NewSecretIamMember(ctx, \"secret-access\", \u0026secretmanager.SecretIamMemberArgs{\n\t\t\tSecretId: secret.ID(),\n\t\t\tRole: pulumi.String(\"roles/secretmanager.secretAccessor\"),\n\t\t\tMember: pulumi.Sprintf(\"serviceAccount:%v-compute@developer.gserviceaccount.com\", project.Number),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecret,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.secretmanager.Secret;\nimport com.pulumi.gcp.secretmanager.SecretArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationAutoArgs;\nimport com.pulumi.gcp.secretmanager.SecretVersion;\nimport com.pulumi.gcp.secretmanager.SecretVersionArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.secretmanager.SecretIamMember;\nimport com.pulumi.gcp.secretmanager.SecretIamMemberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var secret = new Secret(\"secret\", SecretArgs.builder()\n .secretId(\"secret-1\")\n .replication(SecretReplicationArgs.builder()\n .auto()\n .build())\n .build());\n\n var secret_version_data = new SecretVersion(\"secret-version-data\", SecretVersionArgs.builder()\n .secret(secret.name())\n .secretData(\"secret-data\")\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"a-volume\")\n .secret(ServiceTemplateVolumeSecretArgs.builder()\n .secret(secret.secretId())\n .defaultMode(292)\n .items(ServiceTemplateVolumeSecretItemArgs.builder()\n .version(\"1\")\n .path(\"my-secret\")\n .build())\n .build())\n .build())\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"a-volume\")\n .mountPath(\"/secrets\")\n .build())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(secret_version_data)\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var secret_access = new SecretIamMember(\"secret-access\", SecretIamMemberArgs.builder()\n .secretId(secret.id())\n .role(\"roles/secretmanager.secretAccessor\")\n .member(String.format(\"serviceAccount:%s-compute@developer.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build(), CustomResourceOptions.builder()\n .dependsOn(secret)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n volumes:\n - name: a-volume\n secret:\n secret: ${secret.secretId}\n defaultMode: 292\n items:\n - version: '1'\n path: my-secret\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n volumeMounts:\n - name: a-volume\n mountPath: /secrets\n options:\n dependsOn:\n - ${[\"secret-version-data\"]}\n secret:\n type: gcp:secretmanager:Secret\n properties:\n secretId: secret-1\n replication:\n auto: {}\n secret-version-data:\n type: gcp:secretmanager:SecretVersion\n properties:\n secret: ${secret.name}\n secretData: secret-data\n secret-access:\n type: gcp:secretmanager:SecretIamMember\n properties:\n secretId: ${secret.id}\n role: roles/secretmanager.secretAccessor\n member: serviceAccount:${project.number}-compute@developer.gserviceaccount.com\n options:\n dependsOn:\n - ${secret}\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Multicontainer\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [\n {\n name: \"hello-1\",\n ports: {\n containerPort: 8080,\n },\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n dependsOns: [\"hello-2\"],\n volumeMounts: [{\n name: \"empty-dir-volume\",\n mountPath: \"/mnt\",\n }],\n },\n {\n name: \"hello-2\",\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n envs: [{\n name: \"PORT\",\n value: \"8081\",\n }],\n startupProbe: {\n httpGet: {\n port: 8081,\n },\n },\n },\n ],\n volumes: [{\n name: \"empty-dir-volume\",\n emptyDir: {\n medium: \"MEMORY\",\n sizeLimit: \"256Mi\",\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [\n {\n \"name\": \"hello-1\",\n \"ports\": {\n \"container_port\": 8080,\n },\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"depends_ons\": [\"hello-2\"],\n \"volume_mounts\": [{\n \"name\": \"empty-dir-volume\",\n \"mount_path\": \"/mnt\",\n }],\n },\n {\n \"name\": \"hello-2\",\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"envs\": [{\n \"name\": \"PORT\",\n \"value\": \"8081\",\n }],\n \"startup_probe\": {\n \"http_get\": {\n \"port\": 8081,\n },\n },\n },\n ],\n \"volumes\": [{\n \"name\": \"empty-dir-volume\",\n \"empty_dir\": {\n \"medium\": \"MEMORY\",\n \"size_limit\": \"256Mi\",\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Name = \"hello-1\",\n Ports = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerPortsArgs\n {\n ContainerPort = 8080,\n },\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n DependsOns = new[]\n {\n \"hello-2\",\n },\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"empty-dir-volume\",\n MountPath = \"/mnt\",\n },\n },\n },\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Name = \"hello-2\",\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n Envs = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvArgs\n {\n Name = \"PORT\",\n Value = \"8081\",\n },\n },\n StartupProbe = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerStartupProbeArgs\n {\n HttpGet = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerStartupProbeHttpGetArgs\n {\n Port = 8081,\n },\n },\n },\n },\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"empty-dir-volume\",\n EmptyDir = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeEmptyDirArgs\n {\n Medium = \"MEMORY\",\n SizeLimit = \"256Mi\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tName: pulumi.String(\"hello-1\"),\n\t\t\t\t\t\tPorts: \u0026cloudrunv2.ServiceTemplateContainerPortsArgs{\n\t\t\t\t\t\t\tContainerPort: pulumi.Int(8080),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tDependsOns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"hello-2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"empty-dir-volume\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/mnt\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tName: pulumi.String(\"hello-2\"),\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tEnvs: cloudrunv2.ServiceTemplateContainerEnvArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerEnvArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"PORT\"),\n\t\t\t\t\t\t\t\tValue: pulumi.String(\"8081\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartupProbe: \u0026cloudrunv2.ServiceTemplateContainerStartupProbeArgs{\n\t\t\t\t\t\t\tHttpGet: \u0026cloudrunv2.ServiceTemplateContainerStartupProbeHttpGetArgs{\n\t\t\t\t\t\t\t\tPort: pulumi.Int(8081),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"empty-dir-volume\"),\n\t\t\t\t\t\tEmptyDir: \u0026cloudrunv2.ServiceTemplateVolumeEmptyDirArgs{\n\t\t\t\t\t\t\tMedium: pulumi.String(\"MEMORY\"),\n\t\t\t\t\t\t\tSizeLimit: pulumi.String(\"256Mi\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers( \n ServiceTemplateContainerArgs.builder()\n .name(\"hello-1\")\n .ports(ServiceTemplateContainerPortsArgs.builder()\n .containerPort(8080)\n .build())\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .dependsOns(\"hello-2\")\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"empty-dir-volume\")\n .mountPath(\"/mnt\")\n .build())\n .build(),\n ServiceTemplateContainerArgs.builder()\n .name(\"hello-2\")\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .envs(ServiceTemplateContainerEnvArgs.builder()\n .name(\"PORT\")\n .value(\"8081\")\n .build())\n .startupProbe(ServiceTemplateContainerStartupProbeArgs.builder()\n .httpGet(ServiceTemplateContainerStartupProbeHttpGetArgs.builder()\n .port(8081)\n .build())\n .build())\n .build())\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"empty-dir-volume\")\n .emptyDir(ServiceTemplateVolumeEmptyDirArgs.builder()\n .medium(\"MEMORY\")\n .sizeLimit(\"256Mi\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - name: hello-1\n ports:\n containerPort: 8080\n image: us-docker.pkg.dev/cloudrun/container/hello\n dependsOns:\n - hello-2\n volumeMounts:\n - name: empty-dir-volume\n mountPath: /mnt\n - name: hello-2\n image: us-docker.pkg.dev/cloudrun/container/hello\n envs:\n - name: PORT\n value: '8081'\n startupProbe:\n httpGet:\n port: 8081\n volumes:\n - name: empty-dir-volume\n emptyDir:\n medium: MEMORY\n sizeLimit: 256Mi\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Mount Gcs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst defaultBucket = new gcp.storage.Bucket(\"default\", {\n name: \"cloudrun-service\",\n location: \"US\",\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n template: {\n executionEnvironment: \"EXECUTION_ENVIRONMENT_GEN2\",\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n volumeMounts: [{\n name: \"bucket\",\n mountPath: \"/var/www\",\n }],\n }],\n volumes: [{\n name: \"bucket\",\n gcs: {\n bucket: defaultBucket.name,\n readOnly: false,\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault_bucket = gcp.storage.Bucket(\"default\",\n name=\"cloudrun-service\",\n location=\"US\")\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n template={\n \"execution_environment\": \"EXECUTION_ENVIRONMENT_GEN2\",\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"volume_mounts\": [{\n \"name\": \"bucket\",\n \"mount_path\": \"/var/www\",\n }],\n }],\n \"volumes\": [{\n \"name\": \"bucket\",\n \"gcs\": {\n \"bucket\": default_bucket.name,\n \"read_only\": False,\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var defaultBucket = new Gcp.Storage.Bucket(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"US\",\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n ExecutionEnvironment = \"EXECUTION_ENVIRONMENT_GEN2\",\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"bucket\",\n MountPath = \"/var/www\",\n },\n },\n },\n },\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"bucket\",\n Gcs = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeGcsArgs\n {\n Bucket = defaultBucket.Name,\n ReadOnly = false,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultBucket, err := storage.NewBucket(ctx, \"default\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tExecutionEnvironment: pulumi.String(\"EXECUTION_ENVIRONMENT_GEN2\"),\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"bucket\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/var/www\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"bucket\"),\n\t\t\t\t\t\tGcs: \u0026cloudrunv2.ServiceTemplateVolumeGcsArgs{\n\t\t\t\t\t\t\tBucket: defaultBucket.Name,\n\t\t\t\t\t\t\tReadOnly: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var defaultBucket = new Bucket(\"defaultBucket\", BucketArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"US\")\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .template(ServiceTemplateArgs.builder()\n .executionEnvironment(\"EXECUTION_ENVIRONMENT_GEN2\")\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"bucket\")\n .mountPath(\"/var/www\")\n .build())\n .build())\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"bucket\")\n .gcs(ServiceTemplateVolumeGcsArgs.builder()\n .bucket(defaultBucket.name())\n .readOnly(false)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n template:\n executionEnvironment: EXECUTION_ENVIRONMENT_GEN2\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n volumeMounts:\n - name: bucket\n mountPath: /var/www\n volumes:\n - name: bucket\n gcs:\n bucket: ${defaultBucket.name}\n readOnly: false\n defaultBucket:\n type: gcp:storage:Bucket\n name: default\n properties:\n name: cloudrun-service\n location: US\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Mount Nfs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst defaultInstance = new gcp.filestore.Instance(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1-b\",\n tier: \"BASIC_HDD\",\n fileShares: {\n capacityGb: 1024,\n name: \"share1\",\n },\n networks: [{\n network: \"default\",\n modes: [\"MODE_IPV4\"],\n }],\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n executionEnvironment: \"EXECUTION_ENVIRONMENT_GEN2\",\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello:latest\",\n volumeMounts: [{\n name: \"nfs\",\n mountPath: \"/mnt/nfs/filestore\",\n }],\n }],\n vpcAccess: {\n networkInterfaces: [{\n network: \"default\",\n subnetwork: \"default\",\n }],\n },\n volumes: [{\n name: \"nfs\",\n nfs: {\n server: defaultInstance.networks.apply(networks =\u003e networks[0].ipAddresses?.[0]),\n path: \"/share1\",\n readOnly: false,\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault_instance = gcp.filestore.Instance(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1-b\",\n tier=\"BASIC_HDD\",\n file_shares={\n \"capacity_gb\": 1024,\n \"name\": \"share1\",\n },\n networks=[{\n \"network\": \"default\",\n \"modes\": [\"MODE_IPV4\"],\n }])\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"execution_environment\": \"EXECUTION_ENVIRONMENT_GEN2\",\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello:latest\",\n \"volume_mounts\": [{\n \"name\": \"nfs\",\n \"mount_path\": \"/mnt/nfs/filestore\",\n }],\n }],\n \"vpc_access\": {\n \"network_interfaces\": [{\n \"network\": \"default\",\n \"subnetwork\": \"default\",\n }],\n },\n \"volumes\": [{\n \"name\": \"nfs\",\n \"nfs\": {\n \"server\": default_instance.networks[0].ip_addresses[0],\n \"path\": \"/share1\",\n \"read_only\": False,\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var defaultInstance = new Gcp.Filestore.Instance(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1-b\",\n Tier = \"BASIC_HDD\",\n FileShares = new Gcp.Filestore.Inputs.InstanceFileSharesArgs\n {\n CapacityGb = 1024,\n Name = \"share1\",\n },\n Networks = new[]\n {\n new Gcp.Filestore.Inputs.InstanceNetworkArgs\n {\n Network = \"default\",\n Modes = new[]\n {\n \"MODE_IPV4\",\n },\n },\n },\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n ExecutionEnvironment = \"EXECUTION_ENVIRONMENT_GEN2\",\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello:latest\",\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"nfs\",\n MountPath = \"/mnt/nfs/filestore\",\n },\n },\n },\n },\n VpcAccess = new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessArgs\n {\n NetworkInterfaces = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessNetworkInterfaceArgs\n {\n Network = \"default\",\n Subnetwork = \"default\",\n },\n },\n },\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"nfs\",\n Nfs = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeNfsArgs\n {\n Server = defaultInstance.Networks.Apply(networks =\u003e networks[0].IpAddresses[0]),\n Path = \"/share1\",\n ReadOnly = false,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/filestore\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultInstance, err := filestore.NewInstance(ctx, \"default\", \u0026filestore.InstanceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1-b\"),\n\t\t\tTier: pulumi.String(\"BASIC_HDD\"),\n\t\t\tFileShares: \u0026filestore.InstanceFileSharesArgs{\n\t\t\t\tCapacityGb: pulumi.Int(1024),\n\t\t\t\tName: pulumi.String(\"share1\"),\n\t\t\t},\n\t\t\tNetworks: filestore.InstanceNetworkArray{\n\t\t\t\t\u0026filestore.InstanceNetworkArgs{\n\t\t\t\t\tNetwork: pulumi.String(\"default\"),\n\t\t\t\t\tModes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"MODE_IPV4\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tExecutionEnvironment: pulumi.String(\"EXECUTION_ENVIRONMENT_GEN2\"),\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello:latest\"),\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"nfs\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/mnt/nfs/filestore\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVpcAccess: \u0026cloudrunv2.ServiceTemplateVpcAccessArgs{\n\t\t\t\t\tNetworkInterfaces: cloudrunv2.ServiceTemplateVpcAccessNetworkInterfaceArray{\n\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVpcAccessNetworkInterfaceArgs{\n\t\t\t\t\t\t\tNetwork: pulumi.String(\"default\"),\n\t\t\t\t\t\t\tSubnetwork: pulumi.String(\"default\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"nfs\"),\n\t\t\t\t\t\tNfs: \u0026cloudrunv2.ServiceTemplateVolumeNfsArgs{\n\t\t\t\t\t\t\tServer: defaultInstance.Networks.ApplyT(func(networks []filestore.InstanceNetwork) (*string, error) {\n\t\t\t\t\t\t\t\treturn \u0026networks[0].IpAddresses[0], nil\n\t\t\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\t\t\tPath: pulumi.String(\"/share1\"),\n\t\t\t\t\t\t\tReadOnly: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.filestore.Instance;\nimport com.pulumi.gcp.filestore.InstanceArgs;\nimport com.pulumi.gcp.filestore.inputs.InstanceFileSharesArgs;\nimport com.pulumi.gcp.filestore.inputs.InstanceNetworkArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateVpcAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var defaultInstance = new Instance(\"defaultInstance\", InstanceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1-b\")\n .tier(\"BASIC_HDD\")\n .fileShares(InstanceFileSharesArgs.builder()\n .capacityGb(1024)\n .name(\"share1\")\n .build())\n .networks(InstanceNetworkArgs.builder()\n .network(\"default\")\n .modes(\"MODE_IPV4\")\n .build())\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .executionEnvironment(\"EXECUTION_ENVIRONMENT_GEN2\")\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello:latest\")\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"nfs\")\n .mountPath(\"/mnt/nfs/filestore\")\n .build())\n .build())\n .vpcAccess(ServiceTemplateVpcAccessArgs.builder()\n .networkInterfaces(ServiceTemplateVpcAccessNetworkInterfaceArgs.builder()\n .network(\"default\")\n .subnetwork(\"default\")\n .build())\n .build())\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"nfs\")\n .nfs(ServiceTemplateVolumeNfsArgs.builder()\n .server(defaultInstance.networks().applyValue(networks -\u003e networks[0].ipAddresses()[0]))\n .path(\"/share1\")\n .readOnly(false)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n executionEnvironment: EXECUTION_ENVIRONMENT_GEN2\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello:latest\n volumeMounts:\n - name: nfs\n mountPath: /mnt/nfs/filestore\n vpcAccess:\n networkInterfaces:\n - network: default\n subnetwork: default\n volumes:\n - name: nfs\n nfs:\n server: ${defaultInstance.networks[0].ipAddresses[0]}\n path: /share1\n readOnly: false\n defaultInstance:\n type: gcp:filestore:Instance\n name: default\n properties:\n name: cloudrun-service\n location: us-central1-b\n tier: BASIC_HDD\n fileShares:\n capacityGb: 1024\n name: share1\n networks:\n - network: default\n modes:\n - MODE_IPV4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Mesh\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as time from \"@pulumi/time\";\n\nconst mesh = new gcp.networkservices.Mesh(\"mesh\", {name: \"network-services-mesh\"});\nconst waitForMesh = new time.index.Sleep(\"wait_for_mesh\", {createDuration: \"1m\"}, {\n dependsOn: [mesh],\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n deletionProtection: false,\n location: \"us-central1\",\n launchStage: \"BETA\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n serviceMesh: {\n mesh: mesh.id,\n },\n },\n}, {\n dependsOn: [waitForMesh],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_time as time\n\nmesh = gcp.networkservices.Mesh(\"mesh\", name=\"network-services-mesh\")\nwait_for_mesh = time.index.Sleep(\"wait_for_mesh\", create_duration=1m,\nopts = pulumi.ResourceOptions(depends_on=[mesh]))\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n deletion_protection=False,\n location=\"us-central1\",\n launch_stage=\"BETA\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n \"service_mesh\": {\n \"mesh\": mesh.id,\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[wait_for_mesh]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Time = Pulumi.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mesh = new Gcp.NetworkServices.Mesh(\"mesh\", new()\n {\n Name = \"network-services-mesh\",\n });\n\n var waitForMesh = new Time.Index.Sleep(\"wait_for_mesh\", new()\n {\n CreateDuration = \"1m\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n mesh,\n },\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n DeletionProtection = false,\n Location = \"us-central1\",\n LaunchStage = \"BETA\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n ServiceMesh = new Gcp.CloudRunV2.Inputs.ServiceTemplateServiceMeshArgs\n {\n Mesh = mesh.Id,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitForMesh,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkservices\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmesh, err := networkservices.NewMesh(ctx, \"mesh\", \u0026networkservices.MeshArgs{\n\t\t\tName: pulumi.String(\"network-services-mesh\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twaitForMesh, err := time.NewSleep(ctx, \"wait_for_mesh\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"1m\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tmesh,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tLaunchStage: pulumi.String(\"BETA\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceMesh: \u0026cloudrunv2.ServiceTemplateServiceMeshArgs{\n\t\t\t\t\tMesh: mesh.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitForMesh,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networkservices.Mesh;\nimport com.pulumi.gcp.networkservices.MeshArgs;\nimport com.pulumi.time.sleep;\nimport com.pulumi.time.SleepArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateServiceMeshArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mesh = new Mesh(\"mesh\", MeshArgs.builder()\n .name(\"network-services-mesh\")\n .build());\n\n var waitForMesh = new Sleep(\"waitForMesh\", SleepArgs.builder()\n .createDuration(\"1m\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(mesh)\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .deletionProtection(false)\n .location(\"us-central1\")\n .launchStage(\"BETA\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .serviceMesh(ServiceTemplateServiceMeshArgs.builder()\n .mesh(mesh.id())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitForMesh)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n deletionProtection: false\n location: us-central1\n launchStage: BETA\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n serviceMesh:\n mesh: ${mesh.id}\n options:\n dependsOn:\n - ${waitForMesh}\n waitForMesh:\n type: time:sleep\n name: wait_for_mesh\n properties:\n createDuration: 1m\n options:\n dependsOn:\n - ${mesh}\n mesh:\n type: gcp:networkservices:Mesh\n properties:\n name: network-services-mesh\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Invokeriam\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n invokerIamDisabled: true,\n description: \"The serving URL of this service will not perform any IAM check when invoked\",\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n invoker_iam_disabled=True,\n description=\"The serving URL of this service will not perform any IAM check when invoked\",\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n InvokerIamDisabled = true,\n Description = \"The serving URL of this service will not perform any IAM check when invoked\",\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tInvokerIamDisabled: pulumi.Bool(true),\n\t\t\tDescription: pulumi.String(\"The serving URL of this service will not perform any IAM check when invoked\"),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .invokerIamDisabled(true)\n .description(\"The serving URL of this service will not perform any IAM check when invoked\")\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n invokerIamDisabled: true\n description: The serving URL of this service will not perform any IAM check when invoked\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nService can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/services/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, Service can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:cloudrunv2/service:Service default projects/{{project}}/locations/{{location}}/services/{{name}}\n```\n\n```sh\n$ pulumi import gcp:cloudrunv2/service:Service default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:cloudrunv2/service:Service default {{location}}/{{name}}\n```\n\n", + "description": "Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership.\n\n\nTo get more information about Service, see:\n\n* [API documentation](https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.services)\n* How-to Guides\n * [Official Documentation](https://cloud.google.com/run/docs/)\n\n## Example Usage\n\n### Cloudrunv2 Service Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Limits\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n resources: {\n limits: {\n cpu: \"2\",\n memory: \"1024Mi\",\n },\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"resources\": {\n \"limits\": {\n \"cpu\": \"2\",\n \"memory\": \"1024Mi\",\n },\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n Resources = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerResourcesArgs\n {\n Limits = \n {\n { \"cpu\", \"2\" },\n { \"memory\", \"1024Mi\" },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tResources: \u0026cloudrunv2.ServiceTemplateContainerResourcesArgs{\n\t\t\t\t\t\t\tLimits: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"cpu\": pulumi.String(\"2\"),\n\t\t\t\t\t\t\t\t\"memory\": pulumi.String(\"1024Mi\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .resources(ServiceTemplateContainerResourcesArgs.builder()\n .limits(Map.ofEntries(\n Map.entry(\"cpu\", \"2\"),\n Map.entry(\"memory\", \"1024Mi\")\n ))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n resources:\n limits:\n cpu: '2'\n memory: 1024Mi\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Sql\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst secret = new gcp.secretmanager.Secret(\"secret\", {\n secretId: \"secret-1\",\n replication: {\n auto: {},\n },\n});\nconst secret_version_data = new gcp.secretmanager.SecretVersion(\"secret-version-data\", {\n secret: secret.name,\n secretData: \"secret-data\",\n});\nconst instance = new gcp.sql.DatabaseInstance(\"instance\", {\n name: \"cloudrun-sql\",\n region: \"us-central1\",\n databaseVersion: \"MYSQL_5_7\",\n settings: {\n tier: \"db-f1-micro\",\n },\n deletionProtection: true,\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n scaling: {\n maxInstanceCount: 2,\n },\n volumes: [{\n name: \"cloudsql\",\n cloudSqlInstance: {\n instances: [instance.connectionName],\n },\n }],\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n envs: [\n {\n name: \"FOO\",\n value: \"bar\",\n },\n {\n name: \"SECRET_ENV_VAR\",\n valueSource: {\n secretKeyRef: {\n secret: secret.secretId,\n version: \"1\",\n },\n },\n },\n ],\n volumeMounts: [{\n name: \"cloudsql\",\n mountPath: \"/cloudsql\",\n }],\n }],\n },\n traffics: [{\n type: \"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\",\n percent: 100,\n }],\n}, {\n dependsOn: [secret_version_data],\n});\nconst project = gcp.organizations.getProject({});\nconst secret_access = new gcp.secretmanager.SecretIamMember(\"secret-access\", {\n secretId: secret.id,\n role: \"roles/secretmanager.secretAccessor\",\n member: project.then(project =\u003e `serviceAccount:${project.number}-compute@developer.gserviceaccount.com`),\n}, {\n dependsOn: [secret],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nsecret = gcp.secretmanager.Secret(\"secret\",\n secret_id=\"secret-1\",\n replication={\n \"auto\": {},\n })\nsecret_version_data = gcp.secretmanager.SecretVersion(\"secret-version-data\",\n secret=secret.name,\n secret_data=\"secret-data\")\ninstance = gcp.sql.DatabaseInstance(\"instance\",\n name=\"cloudrun-sql\",\n region=\"us-central1\",\n database_version=\"MYSQL_5_7\",\n settings={\n \"tier\": \"db-f1-micro\",\n },\n deletion_protection=True)\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"scaling\": {\n \"max_instance_count\": 2,\n },\n \"volumes\": [{\n \"name\": \"cloudsql\",\n \"cloud_sql_instance\": {\n \"instances\": [instance.connection_name],\n },\n }],\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"envs\": [\n {\n \"name\": \"FOO\",\n \"value\": \"bar\",\n },\n {\n \"name\": \"SECRET_ENV_VAR\",\n \"value_source\": {\n \"secret_key_ref\": {\n \"secret\": secret.secret_id,\n \"version\": \"1\",\n },\n },\n },\n ],\n \"volume_mounts\": [{\n \"name\": \"cloudsql\",\n \"mount_path\": \"/cloudsql\",\n }],\n }],\n },\n traffics=[{\n \"type\": \"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\",\n \"percent\": 100,\n }],\n opts = pulumi.ResourceOptions(depends_on=[secret_version_data]))\nproject = gcp.organizations.get_project()\nsecret_access = gcp.secretmanager.SecretIamMember(\"secret-access\",\n secret_id=secret.id,\n role=\"roles/secretmanager.secretAccessor\",\n member=f\"serviceAccount:{project.number}-compute@developer.gserviceaccount.com\",\n opts = pulumi.ResourceOptions(depends_on=[secret]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var secret = new Gcp.SecretManager.Secret(\"secret\", new()\n {\n SecretId = \"secret-1\",\n Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs\n {\n Auto = null,\n },\n });\n\n var secret_version_data = new Gcp.SecretManager.SecretVersion(\"secret-version-data\", new()\n {\n Secret = secret.Name,\n SecretData = \"secret-data\",\n });\n\n var instance = new Gcp.Sql.DatabaseInstance(\"instance\", new()\n {\n Name = \"cloudrun-sql\",\n Region = \"us-central1\",\n DatabaseVersion = \"MYSQL_5_7\",\n Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs\n {\n Tier = \"db-f1-micro\",\n },\n DeletionProtection = true,\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Scaling = new Gcp.CloudRunV2.Inputs.ServiceTemplateScalingArgs\n {\n MaxInstanceCount = 2,\n },\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"cloudsql\",\n CloudSqlInstance = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeCloudSqlInstanceArgs\n {\n Instances = new[]\n {\n instance.ConnectionName,\n },\n },\n },\n },\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n Envs = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvArgs\n {\n Name = \"FOO\",\n Value = \"bar\",\n },\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvArgs\n {\n Name = \"SECRET_ENV_VAR\",\n ValueSource = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvValueSourceArgs\n {\n SecretKeyRef = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvValueSourceSecretKeyRefArgs\n {\n Secret = secret.SecretId,\n Version = \"1\",\n },\n },\n },\n },\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"cloudsql\",\n MountPath = \"/cloudsql\",\n },\n },\n },\n },\n },\n Traffics = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTrafficArgs\n {\n Type = \"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\",\n Percent = 100,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secret_version_data,\n },\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var secret_access = new Gcp.SecretManager.SecretIamMember(\"secret-access\", new()\n {\n SecretId = secret.Id,\n Role = \"roles/secretmanager.secretAccessor\",\n Member = $\"serviceAccount:{project.Apply(getProjectResult =\u003e getProjectResult.Number)}-compute@developer.gserviceaccount.com\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secret,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/sql\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsecret, err := secretmanager.NewSecret(ctx, \"secret\", \u0026secretmanager.SecretArgs{\n\t\t\tSecretId: pulumi.String(\"secret-1\"),\n\t\t\tReplication: \u0026secretmanager.SecretReplicationArgs{\n\t\t\t\tAuto: \u0026secretmanager.SecretReplicationAutoArgs{},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretmanager.NewSecretVersion(ctx, \"secret-version-data\", \u0026secretmanager.SecretVersionArgs{\n\t\t\tSecret: secret.Name,\n\t\t\tSecretData: pulumi.String(\"secret-data\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinstance, err := sql.NewDatabaseInstance(ctx, \"instance\", \u0026sql.DatabaseInstanceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-sql\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tDatabaseVersion: pulumi.String(\"MYSQL_5_7\"),\n\t\t\tSettings: \u0026sql.DatabaseInstanceSettingsArgs{\n\t\t\t\tTier: pulumi.String(\"db-f1-micro\"),\n\t\t\t},\n\t\t\tDeletionProtection: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tScaling: \u0026cloudrunv2.ServiceTemplateScalingArgs{\n\t\t\t\t\tMaxInstanceCount: pulumi.Int(2),\n\t\t\t\t},\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"cloudsql\"),\n\t\t\t\t\t\tCloudSqlInstance: \u0026cloudrunv2.ServiceTemplateVolumeCloudSqlInstanceArgs{\n\t\t\t\t\t\t\tInstances: pulumi.StringArray{\n\t\t\t\t\t\t\t\tinstance.ConnectionName,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tEnvs: cloudrunv2.ServiceTemplateContainerEnvArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerEnvArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"FOO\"),\n\t\t\t\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerEnvArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"SECRET_ENV_VAR\"),\n\t\t\t\t\t\t\t\tValueSource: \u0026cloudrunv2.ServiceTemplateContainerEnvValueSourceArgs{\n\t\t\t\t\t\t\t\t\tSecretKeyRef: \u0026cloudrunv2.ServiceTemplateContainerEnvValueSourceSecretKeyRefArgs{\n\t\t\t\t\t\t\t\t\t\tSecret: secret.SecretId,\n\t\t\t\t\t\t\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"cloudsql\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/cloudsql\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTraffics: cloudrunv2.ServiceTrafficArray{\n\t\t\t\t\u0026cloudrunv2.ServiceTrafficArgs{\n\t\t\t\t\tType: pulumi.String(\"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\"),\n\t\t\t\t\tPercent: pulumi.Int(100),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecret_version_data,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretmanager.NewSecretIamMember(ctx, \"secret-access\", \u0026secretmanager.SecretIamMemberArgs{\n\t\t\tSecretId: secret.ID(),\n\t\t\tRole: pulumi.String(\"roles/secretmanager.secretAccessor\"),\n\t\t\tMember: pulumi.Sprintf(\"serviceAccount:%v-compute@developer.gserviceaccount.com\", project.Number),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecret,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.secretmanager.Secret;\nimport com.pulumi.gcp.secretmanager.SecretArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationAutoArgs;\nimport com.pulumi.gcp.secretmanager.SecretVersion;\nimport com.pulumi.gcp.secretmanager.SecretVersionArgs;\nimport com.pulumi.gcp.sql.DatabaseInstance;\nimport com.pulumi.gcp.sql.DatabaseInstanceArgs;\nimport com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateScalingArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTrafficArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.secretmanager.SecretIamMember;\nimport com.pulumi.gcp.secretmanager.SecretIamMemberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var secret = new Secret(\"secret\", SecretArgs.builder()\n .secretId(\"secret-1\")\n .replication(SecretReplicationArgs.builder()\n .auto()\n .build())\n .build());\n\n var secret_version_data = new SecretVersion(\"secret-version-data\", SecretVersionArgs.builder()\n .secret(secret.name())\n .secretData(\"secret-data\")\n .build());\n\n var instance = new DatabaseInstance(\"instance\", DatabaseInstanceArgs.builder()\n .name(\"cloudrun-sql\")\n .region(\"us-central1\")\n .databaseVersion(\"MYSQL_5_7\")\n .settings(DatabaseInstanceSettingsArgs.builder()\n .tier(\"db-f1-micro\")\n .build())\n .deletionProtection(true)\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .scaling(ServiceTemplateScalingArgs.builder()\n .maxInstanceCount(2)\n .build())\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"cloudsql\")\n .cloudSqlInstance(ServiceTemplateVolumeCloudSqlInstanceArgs.builder()\n .instances(instance.connectionName())\n .build())\n .build())\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .envs( \n ServiceTemplateContainerEnvArgs.builder()\n .name(\"FOO\")\n .value(\"bar\")\n .build(),\n ServiceTemplateContainerEnvArgs.builder()\n .name(\"SECRET_ENV_VAR\")\n .valueSource(ServiceTemplateContainerEnvValueSourceArgs.builder()\n .secretKeyRef(ServiceTemplateContainerEnvValueSourceSecretKeyRefArgs.builder()\n .secret(secret.secretId())\n .version(\"1\")\n .build())\n .build())\n .build())\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"cloudsql\")\n .mountPath(\"/cloudsql\")\n .build())\n .build())\n .build())\n .traffics(ServiceTrafficArgs.builder()\n .type(\"TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\")\n .percent(100)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(secret_version_data)\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var secret_access = new SecretIamMember(\"secret-access\", SecretIamMemberArgs.builder()\n .secretId(secret.id())\n .role(\"roles/secretmanager.secretAccessor\")\n .member(String.format(\"serviceAccount:%s-compute@developer.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build(), CustomResourceOptions.builder()\n .dependsOn(secret)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n scaling:\n maxInstanceCount: 2\n volumes:\n - name: cloudsql\n cloudSqlInstance:\n instances:\n - ${instance.connectionName}\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n envs:\n - name: FOO\n value: bar\n - name: SECRET_ENV_VAR\n valueSource:\n secretKeyRef:\n secret: ${secret.secretId}\n version: '1'\n volumeMounts:\n - name: cloudsql\n mountPath: /cloudsql\n traffics:\n - type: TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST\n percent: 100\n options:\n dependsOn:\n - ${[\"secret-version-data\"]}\n secret:\n type: gcp:secretmanager:Secret\n properties:\n secretId: secret-1\n replication:\n auto: {}\n secret-version-data:\n type: gcp:secretmanager:SecretVersion\n properties:\n secret: ${secret.name}\n secretData: secret-data\n secret-access:\n type: gcp:secretmanager:SecretIamMember\n properties:\n secretId: ${secret.id}\n role: roles/secretmanager.secretAccessor\n member: serviceAccount:${project.number}-compute@developer.gserviceaccount.com\n options:\n dependsOn:\n - ${secret}\n instance:\n type: gcp:sql:DatabaseInstance\n properties:\n name: cloudrun-sql\n region: us-central1\n databaseVersion: MYSQL_5_7\n settings:\n tier: db-f1-micro\n deletionProtection: true\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Vpcaccess\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst customTestNetwork = new gcp.compute.Network(\"custom_test\", {\n name: \"run-network\",\n autoCreateSubnetworks: false,\n});\nconst customTest = new gcp.compute.Subnetwork(\"custom_test\", {\n name: \"run-subnetwork\",\n ipCidrRange: \"10.2.0.0/28\",\n region: \"us-central1\",\n network: customTestNetwork.id,\n});\nconst connector = new gcp.vpcaccess.Connector(\"connector\", {\n name: \"run-vpc\",\n subnet: {\n name: customTest.name,\n },\n machineType: \"e2-standard-4\",\n minInstances: 2,\n maxInstances: 3,\n region: \"us-central1\",\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n vpcAccess: {\n connector: connector.id,\n egress: \"ALL_TRAFFIC\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ncustom_test_network = gcp.compute.Network(\"custom_test\",\n name=\"run-network\",\n auto_create_subnetworks=False)\ncustom_test = gcp.compute.Subnetwork(\"custom_test\",\n name=\"run-subnetwork\",\n ip_cidr_range=\"10.2.0.0/28\",\n region=\"us-central1\",\n network=custom_test_network.id)\nconnector = gcp.vpcaccess.Connector(\"connector\",\n name=\"run-vpc\",\n subnet={\n \"name\": custom_test.name,\n },\n machine_type=\"e2-standard-4\",\n min_instances=2,\n max_instances=3,\n region=\"us-central1\")\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n \"vpc_access\": {\n \"connector\": connector.id,\n \"egress\": \"ALL_TRAFFIC\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var customTestNetwork = new Gcp.Compute.Network(\"custom_test\", new()\n {\n Name = \"run-network\",\n AutoCreateSubnetworks = false,\n });\n\n var customTest = new Gcp.Compute.Subnetwork(\"custom_test\", new()\n {\n Name = \"run-subnetwork\",\n IpCidrRange = \"10.2.0.0/28\",\n Region = \"us-central1\",\n Network = customTestNetwork.Id,\n });\n\n var connector = new Gcp.VpcAccess.Connector(\"connector\", new()\n {\n Name = \"run-vpc\",\n Subnet = new Gcp.VpcAccess.Inputs.ConnectorSubnetArgs\n {\n Name = customTest.Name,\n },\n MachineType = \"e2-standard-4\",\n MinInstances = 2,\n MaxInstances = 3,\n Region = \"us-central1\",\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n VpcAccess = new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessArgs\n {\n Connector = connector.Id,\n Egress = \"ALL_TRAFFIC\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/vpcaccess\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcustomTestNetwork, err := compute.NewNetwork(ctx, \"custom_test\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"run-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcustomTest, err := compute.NewSubnetwork(ctx, \"custom_test\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"run-subnetwork\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.2.0.0/28\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: customTestNetwork.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tconnector, err := vpcaccess.NewConnector(ctx, \"connector\", \u0026vpcaccess.ConnectorArgs{\n\t\t\tName: pulumi.String(\"run-vpc\"),\n\t\t\tSubnet: \u0026vpcaccess.ConnectorSubnetArgs{\n\t\t\t\tName: customTest.Name,\n\t\t\t},\n\t\t\tMachineType: pulumi.String(\"e2-standard-4\"),\n\t\t\tMinInstances: pulumi.Int(2),\n\t\t\tMaxInstances: pulumi.Int(3),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVpcAccess: \u0026cloudrunv2.ServiceTemplateVpcAccessArgs{\n\t\t\t\t\tConnector: connector.ID(),\n\t\t\t\t\tEgress: pulumi.String(\"ALL_TRAFFIC\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.vpcaccess.Connector;\nimport com.pulumi.gcp.vpcaccess.ConnectorArgs;\nimport com.pulumi.gcp.vpcaccess.inputs.ConnectorSubnetArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateVpcAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var customTestNetwork = new Network(\"customTestNetwork\", NetworkArgs.builder()\n .name(\"run-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var customTest = new Subnetwork(\"customTest\", SubnetworkArgs.builder()\n .name(\"run-subnetwork\")\n .ipCidrRange(\"10.2.0.0/28\")\n .region(\"us-central1\")\n .network(customTestNetwork.id())\n .build());\n\n var connector = new Connector(\"connector\", ConnectorArgs.builder()\n .name(\"run-vpc\")\n .subnet(ConnectorSubnetArgs.builder()\n .name(customTest.name())\n .build())\n .machineType(\"e2-standard-4\")\n .minInstances(2)\n .maxInstances(3)\n .region(\"us-central1\")\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .vpcAccess(ServiceTemplateVpcAccessArgs.builder()\n .connector(connector.id())\n .egress(\"ALL_TRAFFIC\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n vpcAccess:\n connector: ${connector.id}\n egress: ALL_TRAFFIC\n connector:\n type: gcp:vpcaccess:Connector\n properties:\n name: run-vpc\n subnet:\n name: ${customTest.name}\n machineType: e2-standard-4\n minInstances: 2\n maxInstances: 3\n region: us-central1\n customTest:\n type: gcp:compute:Subnetwork\n name: custom_test\n properties:\n name: run-subnetwork\n ipCidrRange: 10.2.0.0/28\n region: us-central1\n network: ${customTestNetwork.id}\n customTestNetwork:\n type: gcp:compute:Network\n name: custom_test\n properties:\n name: run-network\n autoCreateSubnetworks: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Directvpc\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n launchStage: \"GA\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n vpcAccess: {\n networkInterfaces: [{\n network: \"default\",\n subnetwork: \"default\",\n tags: [\n \"tag1\",\n \"tag2\",\n \"tag3\",\n ],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n launch_stage=\"GA\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n \"vpc_access\": {\n \"network_interfaces\": [{\n \"network\": \"default\",\n \"subnetwork\": \"default\",\n \"tags\": [\n \"tag1\",\n \"tag2\",\n \"tag3\",\n ],\n }],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n LaunchStage = \"GA\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n VpcAccess = new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessArgs\n {\n NetworkInterfaces = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessNetworkInterfaceArgs\n {\n Network = \"default\",\n Subnetwork = \"default\",\n Tags = new[]\n {\n \"tag1\",\n \"tag2\",\n \"tag3\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tLaunchStage: pulumi.String(\"GA\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVpcAccess: \u0026cloudrunv2.ServiceTemplateVpcAccessArgs{\n\t\t\t\t\tNetworkInterfaces: cloudrunv2.ServiceTemplateVpcAccessNetworkInterfaceArray{\n\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVpcAccessNetworkInterfaceArgs{\n\t\t\t\t\t\t\tNetwork: pulumi.String(\"default\"),\n\t\t\t\t\t\t\tSubnetwork: pulumi.String(\"default\"),\n\t\t\t\t\t\t\tTags: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"tag1\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"tag2\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"tag3\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateVpcAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .launchStage(\"GA\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .vpcAccess(ServiceTemplateVpcAccessArgs.builder()\n .networkInterfaces(ServiceTemplateVpcAccessNetworkInterfaceArgs.builder()\n .network(\"default\")\n .subnetwork(\"default\")\n .tags( \n \"tag1\",\n \"tag2\",\n \"tag3\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n launchStage: GA\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n vpcAccess:\n networkInterfaces:\n - network: default\n subnetwork: default\n tags:\n - tag1\n - tag2\n - tag3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Gpu\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n launchStage: \"BETA\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n resources: {\n limits: {\n cpu: \"4\",\n memory: \"16Gi\",\n \"nvidia.com/gpu\": \"1\",\n },\n startupCpuBoost: true,\n },\n }],\n nodeSelector: {\n accelerator: \"nvidia-l4\",\n },\n scaling: {\n maxInstanceCount: 1,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n launch_stage=\"BETA\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"resources\": {\n \"limits\": {\n \"cpu\": \"4\",\n \"memory\": \"16Gi\",\n \"nvidia.com/gpu\": \"1\",\n },\n \"startup_cpu_boost\": True,\n },\n }],\n \"node_selector\": {\n \"accelerator\": \"nvidia-l4\",\n },\n \"scaling\": {\n \"max_instance_count\": 1,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n LaunchStage = \"BETA\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n Resources = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerResourcesArgs\n {\n Limits = \n {\n { \"cpu\", \"4\" },\n { \"memory\", \"16Gi\" },\n { \"nvidia.com/gpu\", \"1\" },\n },\n StartupCpuBoost = true,\n },\n },\n },\n NodeSelector = new Gcp.CloudRunV2.Inputs.ServiceTemplateNodeSelectorArgs\n {\n Accelerator = \"nvidia-l4\",\n },\n Scaling = new Gcp.CloudRunV2.Inputs.ServiceTemplateScalingArgs\n {\n MaxInstanceCount = 1,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tLaunchStage: pulumi.String(\"BETA\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tResources: \u0026cloudrunv2.ServiceTemplateContainerResourcesArgs{\n\t\t\t\t\t\t\tLimits: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"cpu\": pulumi.String(\"4\"),\n\t\t\t\t\t\t\t\t\"memory\": pulumi.String(\"16Gi\"),\n\t\t\t\t\t\t\t\t\"nvidia.com/gpu\": pulumi.String(\"1\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tStartupCpuBoost: pulumi.Bool(true),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNodeSelector: \u0026cloudrunv2.ServiceTemplateNodeSelectorArgs{\n\t\t\t\t\tAccelerator: pulumi.String(\"nvidia-l4\"),\n\t\t\t\t},\n\t\t\t\tScaling: \u0026cloudrunv2.ServiceTemplateScalingArgs{\n\t\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateNodeSelectorArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateScalingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .launchStage(\"BETA\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .resources(ServiceTemplateContainerResourcesArgs.builder()\n .limits(Map.ofEntries(\n Map.entry(\"cpu\", \"4\"),\n Map.entry(\"memory\", \"16Gi\"),\n Map.entry(\"nvidia.com/gpu\", \"1\")\n ))\n .startupCpuBoost(true)\n .build())\n .build())\n .nodeSelector(ServiceTemplateNodeSelectorArgs.builder()\n .accelerator(\"nvidia-l4\")\n .build())\n .scaling(ServiceTemplateScalingArgs.builder()\n .maxInstanceCount(1)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n launchStage: BETA\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n resources:\n limits:\n cpu: '4'\n memory: 16Gi\n nvidia.com/gpu: '1'\n startupCpuBoost: true\n nodeSelector:\n accelerator: nvidia-l4\n scaling:\n maxInstanceCount: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Probes\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n startupProbe: {\n initialDelaySeconds: 0,\n timeoutSeconds: 1,\n periodSeconds: 3,\n failureThreshold: 1,\n tcpSocket: {\n port: 8080,\n },\n },\n livenessProbe: {\n httpGet: {\n path: \"/\",\n },\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"startup_probe\": {\n \"initial_delay_seconds\": 0,\n \"timeout_seconds\": 1,\n \"period_seconds\": 3,\n \"failure_threshold\": 1,\n \"tcp_socket\": {\n \"port\": 8080,\n },\n },\n \"liveness_probe\": {\n \"http_get\": {\n \"path\": \"/\",\n },\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n StartupProbe = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerStartupProbeArgs\n {\n InitialDelaySeconds = 0,\n TimeoutSeconds = 1,\n PeriodSeconds = 3,\n FailureThreshold = 1,\n TcpSocket = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerStartupProbeTcpSocketArgs\n {\n Port = 8080,\n },\n },\n LivenessProbe = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerLivenessProbeArgs\n {\n HttpGet = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerLivenessProbeHttpGetArgs\n {\n Path = \"/\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tStartupProbe: \u0026cloudrunv2.ServiceTemplateContainerStartupProbeArgs{\n\t\t\t\t\t\t\tInitialDelaySeconds: pulumi.Int(0),\n\t\t\t\t\t\t\tTimeoutSeconds: pulumi.Int(1),\n\t\t\t\t\t\t\tPeriodSeconds: pulumi.Int(3),\n\t\t\t\t\t\t\tFailureThreshold: pulumi.Int(1),\n\t\t\t\t\t\t\tTcpSocket: \u0026cloudrunv2.ServiceTemplateContainerStartupProbeTcpSocketArgs{\n\t\t\t\t\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLivenessProbe: \u0026cloudrunv2.ServiceTemplateContainerLivenessProbeArgs{\n\t\t\t\t\t\t\tHttpGet: \u0026cloudrunv2.ServiceTemplateContainerLivenessProbeHttpGetArgs{\n\t\t\t\t\t\t\t\tPath: pulumi.String(\"/\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .startupProbe(ServiceTemplateContainerStartupProbeArgs.builder()\n .initialDelaySeconds(0)\n .timeoutSeconds(1)\n .periodSeconds(3)\n .failureThreshold(1)\n .tcpSocket(ServiceTemplateContainerStartupProbeTcpSocketArgs.builder()\n .port(8080)\n .build())\n .build())\n .livenessProbe(ServiceTemplateContainerLivenessProbeArgs.builder()\n .httpGet(ServiceTemplateContainerLivenessProbeHttpGetArgs.builder()\n .path(\"/\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n startupProbe:\n initialDelaySeconds: 0\n timeoutSeconds: 1\n periodSeconds: 3\n failureThreshold: 1\n tcpSocket:\n port: 8080\n livenessProbe:\n httpGet:\n path: /\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Secret\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst secret = new gcp.secretmanager.Secret(\"secret\", {\n secretId: \"secret-1\",\n replication: {\n auto: {},\n },\n});\nconst secret_version_data = new gcp.secretmanager.SecretVersion(\"secret-version-data\", {\n secret: secret.name,\n secretData: \"secret-data\",\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n volumes: [{\n name: \"a-volume\",\n secret: {\n secret: secret.secretId,\n defaultMode: 292,\n items: [{\n version: \"1\",\n path: \"my-secret\",\n }],\n },\n }],\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n volumeMounts: [{\n name: \"a-volume\",\n mountPath: \"/secrets\",\n }],\n }],\n },\n}, {\n dependsOn: [secret_version_data],\n});\nconst project = gcp.organizations.getProject({});\nconst secret_access = new gcp.secretmanager.SecretIamMember(\"secret-access\", {\n secretId: secret.id,\n role: \"roles/secretmanager.secretAccessor\",\n member: project.then(project =\u003e `serviceAccount:${project.number}-compute@developer.gserviceaccount.com`),\n}, {\n dependsOn: [secret],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nsecret = gcp.secretmanager.Secret(\"secret\",\n secret_id=\"secret-1\",\n replication={\n \"auto\": {},\n })\nsecret_version_data = gcp.secretmanager.SecretVersion(\"secret-version-data\",\n secret=secret.name,\n secret_data=\"secret-data\")\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"volumes\": [{\n \"name\": \"a-volume\",\n \"secret\": {\n \"secret\": secret.secret_id,\n \"default_mode\": 292,\n \"items\": [{\n \"version\": \"1\",\n \"path\": \"my-secret\",\n }],\n },\n }],\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"volume_mounts\": [{\n \"name\": \"a-volume\",\n \"mount_path\": \"/secrets\",\n }],\n }],\n },\n opts = pulumi.ResourceOptions(depends_on=[secret_version_data]))\nproject = gcp.organizations.get_project()\nsecret_access = gcp.secretmanager.SecretIamMember(\"secret-access\",\n secret_id=secret.id,\n role=\"roles/secretmanager.secretAccessor\",\n member=f\"serviceAccount:{project.number}-compute@developer.gserviceaccount.com\",\n opts = pulumi.ResourceOptions(depends_on=[secret]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var secret = new Gcp.SecretManager.Secret(\"secret\", new()\n {\n SecretId = \"secret-1\",\n Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs\n {\n Auto = null,\n },\n });\n\n var secret_version_data = new Gcp.SecretManager.SecretVersion(\"secret-version-data\", new()\n {\n Secret = secret.Name,\n SecretData = \"secret-data\",\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"a-volume\",\n Secret = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeSecretArgs\n {\n Secret = secret.SecretId,\n DefaultMode = 292,\n Items = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeSecretItemArgs\n {\n Version = \"1\",\n Path = \"my-secret\",\n },\n },\n },\n },\n },\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"a-volume\",\n MountPath = \"/secrets\",\n },\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secret_version_data,\n },\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var secret_access = new Gcp.SecretManager.SecretIamMember(\"secret-access\", new()\n {\n SecretId = secret.Id,\n Role = \"roles/secretmanager.secretAccessor\",\n Member = $\"serviceAccount:{project.Apply(getProjectResult =\u003e getProjectResult.Number)}-compute@developer.gserviceaccount.com\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secret,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsecret, err := secretmanager.NewSecret(ctx, \"secret\", \u0026secretmanager.SecretArgs{\n\t\t\tSecretId: pulumi.String(\"secret-1\"),\n\t\t\tReplication: \u0026secretmanager.SecretReplicationArgs{\n\t\t\t\tAuto: \u0026secretmanager.SecretReplicationAutoArgs{},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretmanager.NewSecretVersion(ctx, \"secret-version-data\", \u0026secretmanager.SecretVersionArgs{\n\t\t\tSecret: secret.Name,\n\t\t\tSecretData: pulumi.String(\"secret-data\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"a-volume\"),\n\t\t\t\t\t\tSecret: \u0026cloudrunv2.ServiceTemplateVolumeSecretArgs{\n\t\t\t\t\t\t\tSecret: secret.SecretId,\n\t\t\t\t\t\t\tDefaultMode: pulumi.Int(292),\n\t\t\t\t\t\t\tItems: cloudrunv2.ServiceTemplateVolumeSecretItemArray{\n\t\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeSecretItemArgs{\n\t\t\t\t\t\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t\t\t\t\t\t\tPath: pulumi.String(\"my-secret\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"a-volume\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/secrets\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecret_version_data,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretmanager.NewSecretIamMember(ctx, \"secret-access\", \u0026secretmanager.SecretIamMemberArgs{\n\t\t\tSecretId: secret.ID(),\n\t\t\tRole: pulumi.String(\"roles/secretmanager.secretAccessor\"),\n\t\t\tMember: pulumi.Sprintf(\"serviceAccount:%v-compute@developer.gserviceaccount.com\", project.Number),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecret,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.secretmanager.Secret;\nimport com.pulumi.gcp.secretmanager.SecretArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationAutoArgs;\nimport com.pulumi.gcp.secretmanager.SecretVersion;\nimport com.pulumi.gcp.secretmanager.SecretVersionArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.secretmanager.SecretIamMember;\nimport com.pulumi.gcp.secretmanager.SecretIamMemberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var secret = new Secret(\"secret\", SecretArgs.builder()\n .secretId(\"secret-1\")\n .replication(SecretReplicationArgs.builder()\n .auto()\n .build())\n .build());\n\n var secret_version_data = new SecretVersion(\"secret-version-data\", SecretVersionArgs.builder()\n .secret(secret.name())\n .secretData(\"secret-data\")\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"a-volume\")\n .secret(ServiceTemplateVolumeSecretArgs.builder()\n .secret(secret.secretId())\n .defaultMode(292)\n .items(ServiceTemplateVolumeSecretItemArgs.builder()\n .version(\"1\")\n .path(\"my-secret\")\n .build())\n .build())\n .build())\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"a-volume\")\n .mountPath(\"/secrets\")\n .build())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(secret_version_data)\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var secret_access = new SecretIamMember(\"secret-access\", SecretIamMemberArgs.builder()\n .secretId(secret.id())\n .role(\"roles/secretmanager.secretAccessor\")\n .member(String.format(\"serviceAccount:%s-compute@developer.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build(), CustomResourceOptions.builder()\n .dependsOn(secret)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n volumes:\n - name: a-volume\n secret:\n secret: ${secret.secretId}\n defaultMode: 292\n items:\n - version: '1'\n path: my-secret\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n volumeMounts:\n - name: a-volume\n mountPath: /secrets\n options:\n dependsOn:\n - ${[\"secret-version-data\"]}\n secret:\n type: gcp:secretmanager:Secret\n properties:\n secretId: secret-1\n replication:\n auto: {}\n secret-version-data:\n type: gcp:secretmanager:SecretVersion\n properties:\n secret: ${secret.name}\n secretData: secret-data\n secret-access:\n type: gcp:secretmanager:SecretIamMember\n properties:\n secretId: ${secret.id}\n role: roles/secretmanager.secretAccessor\n member: serviceAccount:${project.number}-compute@developer.gserviceaccount.com\n options:\n dependsOn:\n - ${secret}\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Multicontainer\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [\n {\n name: \"hello-1\",\n ports: {\n containerPort: 8080,\n },\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n dependsOns: [\"hello-2\"],\n volumeMounts: [{\n name: \"empty-dir-volume\",\n mountPath: \"/mnt\",\n }],\n },\n {\n name: \"hello-2\",\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n envs: [{\n name: \"PORT\",\n value: \"8081\",\n }],\n startupProbe: {\n httpGet: {\n port: 8081,\n },\n },\n },\n ],\n volumes: [{\n name: \"empty-dir-volume\",\n emptyDir: {\n medium: \"MEMORY\",\n sizeLimit: \"256Mi\",\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [\n {\n \"name\": \"hello-1\",\n \"ports\": {\n \"container_port\": 8080,\n },\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"depends_ons\": [\"hello-2\"],\n \"volume_mounts\": [{\n \"name\": \"empty-dir-volume\",\n \"mount_path\": \"/mnt\",\n }],\n },\n {\n \"name\": \"hello-2\",\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"envs\": [{\n \"name\": \"PORT\",\n \"value\": \"8081\",\n }],\n \"startup_probe\": {\n \"http_get\": {\n \"port\": 8081,\n },\n },\n },\n ],\n \"volumes\": [{\n \"name\": \"empty-dir-volume\",\n \"empty_dir\": {\n \"medium\": \"MEMORY\",\n \"size_limit\": \"256Mi\",\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Name = \"hello-1\",\n Ports = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerPortsArgs\n {\n ContainerPort = 8080,\n },\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n DependsOns = new[]\n {\n \"hello-2\",\n },\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"empty-dir-volume\",\n MountPath = \"/mnt\",\n },\n },\n },\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Name = \"hello-2\",\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n Envs = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerEnvArgs\n {\n Name = \"PORT\",\n Value = \"8081\",\n },\n },\n StartupProbe = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerStartupProbeArgs\n {\n HttpGet = new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerStartupProbeHttpGetArgs\n {\n Port = 8081,\n },\n },\n },\n },\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"empty-dir-volume\",\n EmptyDir = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeEmptyDirArgs\n {\n Medium = \"MEMORY\",\n SizeLimit = \"256Mi\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tName: pulumi.String(\"hello-1\"),\n\t\t\t\t\t\tPorts: \u0026cloudrunv2.ServiceTemplateContainerPortsArgs{\n\t\t\t\t\t\t\tContainerPort: pulumi.Int(8080),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tDependsOns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"hello-2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"empty-dir-volume\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/mnt\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tName: pulumi.String(\"hello-2\"),\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tEnvs: cloudrunv2.ServiceTemplateContainerEnvArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerEnvArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"PORT\"),\n\t\t\t\t\t\t\t\tValue: pulumi.String(\"8081\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStartupProbe: \u0026cloudrunv2.ServiceTemplateContainerStartupProbeArgs{\n\t\t\t\t\t\t\tHttpGet: \u0026cloudrunv2.ServiceTemplateContainerStartupProbeHttpGetArgs{\n\t\t\t\t\t\t\t\tPort: pulumi.Int(8081),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"empty-dir-volume\"),\n\t\t\t\t\t\tEmptyDir: \u0026cloudrunv2.ServiceTemplateVolumeEmptyDirArgs{\n\t\t\t\t\t\t\tMedium: pulumi.String(\"MEMORY\"),\n\t\t\t\t\t\t\tSizeLimit: pulumi.String(\"256Mi\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers( \n ServiceTemplateContainerArgs.builder()\n .name(\"hello-1\")\n .ports(ServiceTemplateContainerPortsArgs.builder()\n .containerPort(8080)\n .build())\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .dependsOns(\"hello-2\")\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"empty-dir-volume\")\n .mountPath(\"/mnt\")\n .build())\n .build(),\n ServiceTemplateContainerArgs.builder()\n .name(\"hello-2\")\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .envs(ServiceTemplateContainerEnvArgs.builder()\n .name(\"PORT\")\n .value(\"8081\")\n .build())\n .startupProbe(ServiceTemplateContainerStartupProbeArgs.builder()\n .httpGet(ServiceTemplateContainerStartupProbeHttpGetArgs.builder()\n .port(8081)\n .build())\n .build())\n .build())\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"empty-dir-volume\")\n .emptyDir(ServiceTemplateVolumeEmptyDirArgs.builder()\n .medium(\"MEMORY\")\n .sizeLimit(\"256Mi\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - name: hello-1\n ports:\n containerPort: 8080\n image: us-docker.pkg.dev/cloudrun/container/hello\n dependsOns:\n - hello-2\n volumeMounts:\n - name: empty-dir-volume\n mountPath: /mnt\n - name: hello-2\n image: us-docker.pkg.dev/cloudrun/container/hello\n envs:\n - name: PORT\n value: '8081'\n startupProbe:\n httpGet:\n port: 8081\n volumes:\n - name: empty-dir-volume\n emptyDir:\n medium: MEMORY\n sizeLimit: 256Mi\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Mount Gcs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst defaultBucket = new gcp.storage.Bucket(\"default\", {\n name: \"cloudrun-service\",\n location: \"US\",\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n template: {\n executionEnvironment: \"EXECUTION_ENVIRONMENT_GEN2\",\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n volumeMounts: [{\n name: \"bucket\",\n mountPath: \"/var/www\",\n }],\n }],\n volumes: [{\n name: \"bucket\",\n gcs: {\n bucket: defaultBucket.name,\n readOnly: false,\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault_bucket = gcp.storage.Bucket(\"default\",\n name=\"cloudrun-service\",\n location=\"US\")\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n template={\n \"execution_environment\": \"EXECUTION_ENVIRONMENT_GEN2\",\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"volume_mounts\": [{\n \"name\": \"bucket\",\n \"mount_path\": \"/var/www\",\n }],\n }],\n \"volumes\": [{\n \"name\": \"bucket\",\n \"gcs\": {\n \"bucket\": default_bucket.name,\n \"read_only\": False,\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var defaultBucket = new Gcp.Storage.Bucket(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"US\",\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n ExecutionEnvironment = \"EXECUTION_ENVIRONMENT_GEN2\",\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"bucket\",\n MountPath = \"/var/www\",\n },\n },\n },\n },\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"bucket\",\n Gcs = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeGcsArgs\n {\n Bucket = defaultBucket.Name,\n ReadOnly = false,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultBucket, err := storage.NewBucket(ctx, \"default\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tExecutionEnvironment: pulumi.String(\"EXECUTION_ENVIRONMENT_GEN2\"),\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"bucket\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/var/www\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"bucket\"),\n\t\t\t\t\t\tGcs: \u0026cloudrunv2.ServiceTemplateVolumeGcsArgs{\n\t\t\t\t\t\t\tBucket: defaultBucket.Name,\n\t\t\t\t\t\t\tReadOnly: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var defaultBucket = new Bucket(\"defaultBucket\", BucketArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"US\")\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .template(ServiceTemplateArgs.builder()\n .executionEnvironment(\"EXECUTION_ENVIRONMENT_GEN2\")\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"bucket\")\n .mountPath(\"/var/www\")\n .build())\n .build())\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"bucket\")\n .gcs(ServiceTemplateVolumeGcsArgs.builder()\n .bucket(defaultBucket.name())\n .readOnly(false)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n template:\n executionEnvironment: EXECUTION_ENVIRONMENT_GEN2\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n volumeMounts:\n - name: bucket\n mountPath: /var/www\n volumes:\n - name: bucket\n gcs:\n bucket: ${defaultBucket.name}\n readOnly: false\n defaultBucket:\n type: gcp:storage:Bucket\n name: default\n properties:\n name: cloudrun-service\n location: US\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Mount Nfs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst defaultInstance = new gcp.filestore.Instance(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1-b\",\n tier: \"BASIC_HDD\",\n fileShares: {\n capacityGb: 1024,\n name: \"share1\",\n },\n networks: [{\n network: \"default\",\n modes: [\"MODE_IPV4\"],\n }],\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n executionEnvironment: \"EXECUTION_ENVIRONMENT_GEN2\",\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello:latest\",\n volumeMounts: [{\n name: \"nfs\",\n mountPath: \"/mnt/nfs/filestore\",\n }],\n }],\n vpcAccess: {\n networkInterfaces: [{\n network: \"default\",\n subnetwork: \"default\",\n }],\n },\n volumes: [{\n name: \"nfs\",\n nfs: {\n server: defaultInstance.networks.apply(networks =\u003e networks[0].ipAddresses?.[0]),\n path: \"/share1\",\n readOnly: false,\n },\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault_instance = gcp.filestore.Instance(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1-b\",\n tier=\"BASIC_HDD\",\n file_shares={\n \"capacity_gb\": 1024,\n \"name\": \"share1\",\n },\n networks=[{\n \"network\": \"default\",\n \"modes\": [\"MODE_IPV4\"],\n }])\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"execution_environment\": \"EXECUTION_ENVIRONMENT_GEN2\",\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello:latest\",\n \"volume_mounts\": [{\n \"name\": \"nfs\",\n \"mount_path\": \"/mnt/nfs/filestore\",\n }],\n }],\n \"vpc_access\": {\n \"network_interfaces\": [{\n \"network\": \"default\",\n \"subnetwork\": \"default\",\n }],\n },\n \"volumes\": [{\n \"name\": \"nfs\",\n \"nfs\": {\n \"server\": default_instance.networks[0].ip_addresses[0],\n \"path\": \"/share1\",\n \"read_only\": False,\n },\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var defaultInstance = new Gcp.Filestore.Instance(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1-b\",\n Tier = \"BASIC_HDD\",\n FileShares = new Gcp.Filestore.Inputs.InstanceFileSharesArgs\n {\n CapacityGb = 1024,\n Name = \"share1\",\n },\n Networks = new[]\n {\n new Gcp.Filestore.Inputs.InstanceNetworkArgs\n {\n Network = \"default\",\n Modes = new[]\n {\n \"MODE_IPV4\",\n },\n },\n },\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n ExecutionEnvironment = \"EXECUTION_ENVIRONMENT_GEN2\",\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello:latest\",\n VolumeMounts = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerVolumeMountArgs\n {\n Name = \"nfs\",\n MountPath = \"/mnt/nfs/filestore\",\n },\n },\n },\n },\n VpcAccess = new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessArgs\n {\n NetworkInterfaces = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVpcAccessNetworkInterfaceArgs\n {\n Network = \"default\",\n Subnetwork = \"default\",\n },\n },\n },\n Volumes = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeArgs\n {\n Name = \"nfs\",\n Nfs = new Gcp.CloudRunV2.Inputs.ServiceTemplateVolumeNfsArgs\n {\n Server = defaultInstance.Networks.Apply(networks =\u003e networks[0].IpAddresses[0]),\n Path = \"/share1\",\n ReadOnly = false,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/filestore\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultInstance, err := filestore.NewInstance(ctx, \"default\", \u0026filestore.InstanceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1-b\"),\n\t\t\tTier: pulumi.String(\"BASIC_HDD\"),\n\t\t\tFileShares: \u0026filestore.InstanceFileSharesArgs{\n\t\t\t\tCapacityGb: pulumi.Int(1024),\n\t\t\t\tName: pulumi.String(\"share1\"),\n\t\t\t},\n\t\t\tNetworks: filestore.InstanceNetworkArray{\n\t\t\t\t\u0026filestore.InstanceNetworkArgs{\n\t\t\t\t\tNetwork: pulumi.String(\"default\"),\n\t\t\t\t\tModes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"MODE_IPV4\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tExecutionEnvironment: pulumi.String(\"EXECUTION_ENVIRONMENT_GEN2\"),\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello:latest\"),\n\t\t\t\t\t\tVolumeMounts: cloudrunv2.ServiceTemplateContainerVolumeMountArray{\n\t\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerVolumeMountArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"nfs\"),\n\t\t\t\t\t\t\t\tMountPath: pulumi.String(\"/mnt/nfs/filestore\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVpcAccess: \u0026cloudrunv2.ServiceTemplateVpcAccessArgs{\n\t\t\t\t\tNetworkInterfaces: cloudrunv2.ServiceTemplateVpcAccessNetworkInterfaceArray{\n\t\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVpcAccessNetworkInterfaceArgs{\n\t\t\t\t\t\t\tNetwork: pulumi.String(\"default\"),\n\t\t\t\t\t\t\tSubnetwork: pulumi.String(\"default\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVolumes: cloudrunv2.ServiceTemplateVolumeArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateVolumeArgs{\n\t\t\t\t\t\tName: pulumi.String(\"nfs\"),\n\t\t\t\t\t\tNfs: \u0026cloudrunv2.ServiceTemplateVolumeNfsArgs{\n\t\t\t\t\t\t\tServer: defaultInstance.Networks.ApplyT(func(networks []filestore.InstanceNetwork) (*string, error) {\n\t\t\t\t\t\t\t\treturn \u0026networks[0].IpAddresses[0], nil\n\t\t\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\t\t\tPath: pulumi.String(\"/share1\"),\n\t\t\t\t\t\t\tReadOnly: pulumi.Bool(false),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.filestore.Instance;\nimport com.pulumi.gcp.filestore.InstanceArgs;\nimport com.pulumi.gcp.filestore.inputs.InstanceFileSharesArgs;\nimport com.pulumi.gcp.filestore.inputs.InstanceNetworkArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateVpcAccessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var defaultInstance = new Instance(\"defaultInstance\", InstanceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1-b\")\n .tier(\"BASIC_HDD\")\n .fileShares(InstanceFileSharesArgs.builder()\n .capacityGb(1024)\n .name(\"share1\")\n .build())\n .networks(InstanceNetworkArgs.builder()\n .network(\"default\")\n .modes(\"MODE_IPV4\")\n .build())\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .executionEnvironment(\"EXECUTION_ENVIRONMENT_GEN2\")\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello:latest\")\n .volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()\n .name(\"nfs\")\n .mountPath(\"/mnt/nfs/filestore\")\n .build())\n .build())\n .vpcAccess(ServiceTemplateVpcAccessArgs.builder()\n .networkInterfaces(ServiceTemplateVpcAccessNetworkInterfaceArgs.builder()\n .network(\"default\")\n .subnetwork(\"default\")\n .build())\n .build())\n .volumes(ServiceTemplateVolumeArgs.builder()\n .name(\"nfs\")\n .nfs(ServiceTemplateVolumeNfsArgs.builder()\n .server(defaultInstance.networks().applyValue(networks -\u003e networks[0].ipAddresses()[0]))\n .path(\"/share1\")\n .readOnly(false)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n executionEnvironment: EXECUTION_ENVIRONMENT_GEN2\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello:latest\n volumeMounts:\n - name: nfs\n mountPath: /mnt/nfs/filestore\n vpcAccess:\n networkInterfaces:\n - network: default\n subnetwork: default\n volumes:\n - name: nfs\n nfs:\n server: ${defaultInstance.networks[0].ipAddresses[0]}\n path: /share1\n readOnly: false\n defaultInstance:\n type: gcp:filestore:Instance\n name: default\n properties:\n name: cloudrun-service\n location: us-central1-b\n tier: BASIC_HDD\n fileShares:\n capacityGb: 1024\n name: share1\n networks:\n - network: default\n modes:\n - MODE_IPV4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Mesh\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as time from \"@pulumi/time\";\n\nconst mesh = new gcp.networkservices.Mesh(\"mesh\", {name: \"network-services-mesh\"});\nconst waitForMesh = new time.index.Sleep(\"wait_for_mesh\", {createDuration: \"1m\"}, {\n dependsOn: [mesh],\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n deletionProtection: false,\n location: \"us-central1\",\n launchStage: \"BETA\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n serviceMesh: {\n mesh: mesh.id,\n },\n },\n}, {\n dependsOn: [waitForMesh],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_time as time\n\nmesh = gcp.networkservices.Mesh(\"mesh\", name=\"network-services-mesh\")\nwait_for_mesh = time.index.Sleep(\"wait_for_mesh\", create_duration=1m,\nopts = pulumi.ResourceOptions(depends_on=[mesh]))\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n deletion_protection=False,\n location=\"us-central1\",\n launch_stage=\"BETA\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n \"service_mesh\": {\n \"mesh\": mesh.id,\n },\n },\n opts = pulumi.ResourceOptions(depends_on=[wait_for_mesh]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Time = Pulumi.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mesh = new Gcp.NetworkServices.Mesh(\"mesh\", new()\n {\n Name = \"network-services-mesh\",\n });\n\n var waitForMesh = new Time.Index.Sleep(\"wait_for_mesh\", new()\n {\n CreateDuration = \"1m\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n mesh,\n },\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n DeletionProtection = false,\n Location = \"us-central1\",\n LaunchStage = \"BETA\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n ServiceMesh = new Gcp.CloudRunV2.Inputs.ServiceTemplateServiceMeshArgs\n {\n Mesh = mesh.Id,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitForMesh,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkservices\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmesh, err := networkservices.NewMesh(ctx, \"mesh\", \u0026networkservices.MeshArgs{\n\t\t\tName: pulumi.String(\"network-services-mesh\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twaitForMesh, err := time.NewSleep(ctx, \"wait_for_mesh\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"1m\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tmesh,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tLaunchStage: pulumi.String(\"BETA\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceMesh: \u0026cloudrunv2.ServiceTemplateServiceMeshArgs{\n\t\t\t\t\tMesh: mesh.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitForMesh,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networkservices.Mesh;\nimport com.pulumi.gcp.networkservices.MeshArgs;\nimport com.pulumi.time.sleep;\nimport com.pulumi.time.SleepArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateServiceMeshArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mesh = new Mesh(\"mesh\", MeshArgs.builder()\n .name(\"network-services-mesh\")\n .build());\n\n var waitForMesh = new Sleep(\"waitForMesh\", SleepArgs.builder()\n .createDuration(\"1m\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(mesh)\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .deletionProtection(false)\n .location(\"us-central1\")\n .launchStage(\"BETA\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .serviceMesh(ServiceTemplateServiceMeshArgs.builder()\n .mesh(mesh.id())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitForMesh)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n deletionProtection: false\n location: us-central1\n launchStage: BETA\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n serviceMesh:\n mesh: ${mesh.id}\n options:\n dependsOn:\n - ${waitForMesh}\n waitForMesh:\n type: time:sleep\n name: wait_for_mesh\n properties:\n createDuration: 1m\n options:\n dependsOn:\n - ${mesh}\n mesh:\n type: gcp:networkservices:Mesh\n properties:\n name: network-services-mesh\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Invokeriam\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n invokerIamDisabled: true,\n description: \"The serving URL of this service will not perform any IAM check when invoked\",\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n invoker_iam_disabled=True,\n description=\"The serving URL of this service will not perform any IAM check when invoked\",\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n InvokerIamDisabled = true,\n Description = \"The serving URL of this service will not perform any IAM check when invoked\",\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tInvokerIamDisabled: pulumi.Bool(true),\n\t\t\tDescription: pulumi.String(\"The serving URL of this service will not perform any IAM check when invoked\"),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .invokerIamDisabled(true)\n .description(\"The serving URL of this service will not perform any IAM check when invoked\")\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n invokerIamDisabled: true\n description: The serving URL of this service will not perform any IAM check when invoked\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudrunv2 Service Function\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = gcp.organizations.getProject({});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: project.then(project =\u003e `${project.projectId}-gcf-source`),\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function_source.zip\"),\n});\nconst cloudbuildServiceAccount = new gcp.serviceaccount.Account(\"cloudbuild_service_account\", {accountId: \"build-sa\"});\nconst actAs = new gcp.projects.IAMMember(\"act_as\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/iam.serviceAccountUser\",\n member: pulumi.interpolate`serviceAccount:${cloudbuildServiceAccount.email}`,\n});\nconst logsWriter = new gcp.projects.IAMMember(\"logs_writer\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/logging.logWriter\",\n member: pulumi.interpolate`serviceAccount:${cloudbuildServiceAccount.email}`,\n});\nconst _default = new gcp.cloudrunv2.Service(\"default\", {\n name: \"cloudrun-service\",\n location: \"us-central1\",\n deletionProtection: false,\n ingress: \"INGRESS_TRAFFIC_ALL\",\n template: {\n containers: [{\n image: \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n },\n buildConfig: {\n sourceLocation: pulumi.interpolate`gs://${bucket.name}/${object.name}`,\n functionTarget: \"helloHttp\",\n imageUri: \"us-docker.pkg.dev/cloudrun/container/hello\",\n baseImage: \"us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22\",\n enableAutomaticUpdates: true,\n workerPool: \"worker-pool\",\n environmentVariables: {\n FOO_KEY: \"FOO_VALUE\",\n BAR_KEY: \"BAR_VALUE\",\n },\n serviceAccount: cloudbuildServiceAccount.id,\n },\n}, {\n dependsOn: [\n actAs,\n logsWriter,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = gcp.organizations.get_project()\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project.project_id}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function_source.zip\"))\ncloudbuild_service_account = gcp.serviceaccount.Account(\"cloudbuild_service_account\", account_id=\"build-sa\")\nact_as = gcp.projects.IAMMember(\"act_as\",\n project=project.project_id,\n role=\"roles/iam.serviceAccountUser\",\n member=cloudbuild_service_account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nlogs_writer = gcp.projects.IAMMember(\"logs_writer\",\n project=project.project_id,\n role=\"roles/logging.logWriter\",\n member=cloudbuild_service_account.email.apply(lambda email: f\"serviceAccount:{email}\"))\ndefault = gcp.cloudrunv2.Service(\"default\",\n name=\"cloudrun-service\",\n location=\"us-central1\",\n deletion_protection=False,\n ingress=\"INGRESS_TRAFFIC_ALL\",\n template={\n \"containers\": [{\n \"image\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n }],\n },\n build_config={\n \"source_location\": pulumi.Output.all(\n bucketName=bucket.name,\n objectName=object.name\n).apply(lambda resolved_outputs: f\"gs://{resolved_outputs['bucketName']}/{resolved_outputs['objectName']}\")\n,\n \"function_target\": \"helloHttp\",\n \"image_uri\": \"us-docker.pkg.dev/cloudrun/container/hello\",\n \"base_image\": \"us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22\",\n \"enable_automatic_updates\": True,\n \"worker_pool\": \"worker-pool\",\n \"environment_variables\": {\n \"FOO_KEY\": \"FOO_VALUE\",\n \"BAR_KEY\": \"BAR_VALUE\",\n },\n \"service_account\": cloudbuild_service_account.id,\n },\n opts = pulumi.ResourceOptions(depends_on=[\n act_as,\n logs_writer,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project.Apply(getProjectResult =\u003e getProjectResult.ProjectId)}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function_source.zip\"),\n });\n\n var cloudbuildServiceAccount = new Gcp.ServiceAccount.Account(\"cloudbuild_service_account\", new()\n {\n AccountId = \"build-sa\",\n });\n\n var actAs = new Gcp.Projects.IAMMember(\"act_as\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/iam.serviceAccountUser\",\n Member = cloudbuildServiceAccount.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var logsWriter = new Gcp.Projects.IAMMember(\"logs_writer\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/logging.logWriter\",\n Member = cloudbuildServiceAccount.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var @default = new Gcp.CloudRunV2.Service(\"default\", new()\n {\n Name = \"cloudrun-service\",\n Location = \"us-central1\",\n DeletionProtection = false,\n Ingress = \"INGRESS_TRAFFIC_ALL\",\n Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs\n {\n Containers = new[]\n {\n new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs\n {\n Image = \"us-docker.pkg.dev/cloudrun/container/hello\",\n },\n },\n },\n BuildConfig = new Gcp.CloudRunV2.Inputs.ServiceBuildConfigArgs\n {\n SourceLocation = Output.Tuple(bucket.Name, @object.Name).Apply(values =\u003e\n {\n var bucketName = values.Item1;\n var objectName = values.Item2;\n return $\"gs://{bucketName}/{objectName}\";\n }),\n FunctionTarget = \"helloHttp\",\n ImageUri = \"us-docker.pkg.dev/cloudrun/container/hello\",\n BaseImage = \"us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22\",\n EnableAutomaticUpdates = true,\n WorkerPool = \"worker-pool\",\n EnvironmentVariables = \n {\n { \"FOO_KEY\", \"FOO_VALUE\" },\n { \"BAR_KEY\", \"BAR_VALUE\" },\n },\n ServiceAccount = cloudbuildServiceAccount.Id,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n actAs,\n logsWriter,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.Sprintf(\"%v-gcf-source\", project.ProjectId),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function_source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcloudbuildServiceAccount, err := serviceaccount.NewAccount(ctx, \"cloudbuild_service_account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"build-sa\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tactAs, err := projects.NewIAMMember(ctx, \"act_as\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/iam.serviceAccountUser\"),\n\t\t\tMember: cloudbuildServiceAccount.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlogsWriter, err := projects.NewIAMMember(ctx, \"logs_writer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/logging.logWriter\"),\n\t\t\tMember: cloudbuildServiceAccount.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrunv2.NewService(ctx, \"default\", \u0026cloudrunv2.ServiceArgs{\n\t\t\tName: pulumi.String(\"cloudrun-service\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tIngress: pulumi.String(\"INGRESS_TRAFFIC_ALL\"),\n\t\t\tTemplate: \u0026cloudrunv2.ServiceTemplateArgs{\n\t\t\t\tContainers: cloudrunv2.ServiceTemplateContainerArray{\n\t\t\t\t\t\u0026cloudrunv2.ServiceTemplateContainerArgs{\n\t\t\t\t\t\tImage: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tBuildConfig: \u0026cloudrunv2.ServiceBuildConfigArgs{\n\t\t\t\tSourceLocation: pulumi.All(bucket.Name, object.Name).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tbucketName := _args[0].(string)\n\t\t\t\t\tobjectName := _args[1].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"gs://%v/%v\", bucketName, objectName), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tFunctionTarget: pulumi.String(\"helloHttp\"),\n\t\t\t\tImageUri: pulumi.String(\"us-docker.pkg.dev/cloudrun/container/hello\"),\n\t\t\t\tBaseImage: pulumi.String(\"us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22\"),\n\t\t\t\tEnableAutomaticUpdates: pulumi.Bool(true),\n\t\t\t\tWorkerPool: pulumi.String(\"worker-pool\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"FOO_KEY\": pulumi.String(\"FOO_VALUE\"),\n\t\t\t\t\t\"BAR_KEY\": pulumi.String(\"BAR_VALUE\"),\n\t\t\t\t},\n\t\t\t\tServiceAccount: cloudbuildServiceAccount.ID(),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tactAs,\n\t\t\tlogsWriter,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.cloudrunv2.Service;\nimport com.pulumi.gcp.cloudrunv2.ServiceArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;\nimport com.pulumi.gcp.cloudrunv2.inputs.ServiceBuildConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = OrganizationsFunctions.getProject();\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project.applyValue(getProjectResult -\u003e getProjectResult.projectId())))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function_source.zip\"))\n .build());\n\n var cloudbuildServiceAccount = new Account(\"cloudbuildServiceAccount\", AccountArgs.builder()\n .accountId(\"build-sa\")\n .build());\n\n var actAs = new IAMMember(\"actAs\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/iam.serviceAccountUser\")\n .member(cloudbuildServiceAccount.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var logsWriter = new IAMMember(\"logsWriter\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/logging.logWriter\")\n .member(cloudbuildServiceAccount.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var default_ = new Service(\"default\", ServiceArgs.builder()\n .name(\"cloudrun-service\")\n .location(\"us-central1\")\n .deletionProtection(false)\n .ingress(\"INGRESS_TRAFFIC_ALL\")\n .template(ServiceTemplateArgs.builder()\n .containers(ServiceTemplateContainerArgs.builder()\n .image(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .build())\n .build())\n .buildConfig(ServiceBuildConfigArgs.builder()\n .sourceLocation(Output.tuple(bucket.name(), object.name()).applyValue(values -\u003e {\n var bucketName = values.t1;\n var objectName = values.t2;\n return String.format(\"gs://%s/%s\", bucketName,objectName);\n }))\n .functionTarget(\"helloHttp\")\n .imageUri(\"us-docker.pkg.dev/cloudrun/container/hello\")\n .baseImage(\"us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22\")\n .enableAutomaticUpdates(true)\n .workerPool(\"worker-pool\")\n .environmentVariables(Map.ofEntries(\n Map.entry(\"FOO_KEY\", \"FOO_VALUE\"),\n Map.entry(\"BAR_KEY\", \"BAR_VALUE\")\n ))\n .serviceAccount(cloudbuildServiceAccount.id())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n actAs,\n logsWriter)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:cloudrunv2:Service\n properties:\n name: cloudrun-service\n location: us-central1\n deletionProtection: false\n ingress: INGRESS_TRAFFIC_ALL\n template:\n containers:\n - image: us-docker.pkg.dev/cloudrun/container/hello\n buildConfig:\n sourceLocation: gs://${bucket.name}/${object.name}\n functionTarget: helloHttp\n imageUri: us-docker.pkg.dev/cloudrun/container/hello\n baseImage: us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22\n enableAutomaticUpdates: true\n workerPool: worker-pool\n environmentVariables:\n FOO_KEY: FOO_VALUE\n BAR_KEY: BAR_VALUE\n serviceAccount: ${cloudbuildServiceAccount.id}\n options:\n dependsOn:\n - ${actAs}\n - ${logsWriter}\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project.projectId}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function_source.zip\n cloudbuildServiceAccount:\n type: gcp:serviceaccount:Account\n name: cloudbuild_service_account\n properties:\n accountId: build-sa\n actAs:\n type: gcp:projects:IAMMember\n name: act_as\n properties:\n project: ${project.projectId}\n role: roles/iam.serviceAccountUser\n member: serviceAccount:${cloudbuildServiceAccount.email}\n logsWriter:\n type: gcp:projects:IAMMember\n name: logs_writer\n properties:\n project: ${project.projectId}\n role: roles/logging.logWriter\n member: serviceAccount:${cloudbuildServiceAccount.email}\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nService can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/services/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, Service can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:cloudrunv2/service:Service default projects/{{project}}/locations/{{location}}/services/{{name}}\n```\n\n```sh\n$ pulumi import gcp:cloudrunv2/service:Service default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:cloudrunv2/service:Service default {{location}}/{{name}}\n```\n\n", "properties": { "annotations": { "type": "object", @@ -162778,6 +163955,10 @@ "$ref": "#/types/gcp:cloudrunv2/ServiceBinaryAuthorization:ServiceBinaryAuthorization", "description": "Settings for the Binary Authorization feature.\n" }, + "buildConfig": { + "$ref": "#/types/gcp:cloudrunv2/ServiceBuildConfig:ServiceBuildConfig", + "description": "Configuration for building a Cloud Run function.\n" + }, "client": { "type": "string", "description": "Arbitrary identifier for the API client.\n" @@ -162998,6 +164179,10 @@ "$ref": "#/types/gcp:cloudrunv2/ServiceBinaryAuthorization:ServiceBinaryAuthorization", "description": "Settings for the Binary Authorization feature.\n" }, + "buildConfig": { + "$ref": "#/types/gcp:cloudrunv2/ServiceBuildConfig:ServiceBuildConfig", + "description": "Configuration for building a Cloud Run function.\n" + }, "client": { "type": "string", "description": "Arbitrary identifier for the API client.\n" @@ -163091,6 +164276,10 @@ "$ref": "#/types/gcp:cloudrunv2/ServiceBinaryAuthorization:ServiceBinaryAuthorization", "description": "Settings for the Binary Authorization feature.\n" }, + "buildConfig": { + "$ref": "#/types/gcp:cloudrunv2/ServiceBuildConfig:ServiceBuildConfig", + "description": "Configuration for building a Cloud Run function.\n" + }, "client": { "type": "string", "description": "Arbitrary identifier for the API client.\n" @@ -164218,6 +165407,117 @@ "type": "object" } }, + "gcp:colab/runtime:Runtime": { + "description": "'A runtime is a Google-provisioned virtual machine (VM) that can run the code in your notebook (IPYNB file).'\n\n\nTo get more information about Runtime, see:\n\n* [API documentation](https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.notebookRuntimes)\n* How-to Guides\n * [Create a runtime](https://cloud.google.com/colab/docs/create-runtime)\n\n## Example Usage\n\n### Colab Runtime Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myTemplate = new gcp.colab.RuntimeTemplate(\"my_template\", {\n name: \"colab-runtime\",\n displayName: \"Runtime template basic\",\n location: \"us-central1\",\n machineSpec: {\n machineType: \"e2-standard-4\",\n },\n networkSpec: {\n enableInternetAccess: true,\n },\n});\nconst runtime = new gcp.colab.Runtime(\"runtime\", {\n name: \"colab-runtime\",\n location: \"us-central1\",\n notebookRuntimeTemplateRef: {\n notebookRuntimeTemplate: myTemplate.id,\n },\n displayName: \"Runtime basic\",\n runtimeUser: \"gterraformtestuser@gmail.com\",\n}, {\n dependsOn: [myTemplate],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_template = gcp.colab.RuntimeTemplate(\"my_template\",\n name=\"colab-runtime\",\n display_name=\"Runtime template basic\",\n location=\"us-central1\",\n machine_spec={\n \"machine_type\": \"e2-standard-4\",\n },\n network_spec={\n \"enable_internet_access\": True,\n })\nruntime = gcp.colab.Runtime(\"runtime\",\n name=\"colab-runtime\",\n location=\"us-central1\",\n notebook_runtime_template_ref={\n \"notebook_runtime_template\": my_template.id,\n },\n display_name=\"Runtime basic\",\n runtime_user=\"gterraformtestuser@gmail.com\",\n opts = pulumi.ResourceOptions(depends_on=[my_template]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myTemplate = new Gcp.Colab.RuntimeTemplate(\"my_template\", new()\n {\n Name = \"colab-runtime\",\n DisplayName = \"Runtime template basic\",\n Location = \"us-central1\",\n MachineSpec = new Gcp.Colab.Inputs.RuntimeTemplateMachineSpecArgs\n {\n MachineType = \"e2-standard-4\",\n },\n NetworkSpec = new Gcp.Colab.Inputs.RuntimeTemplateNetworkSpecArgs\n {\n EnableInternetAccess = true,\n },\n });\n\n var runtime = new Gcp.Colab.Runtime(\"runtime\", new()\n {\n Name = \"colab-runtime\",\n Location = \"us-central1\",\n NotebookRuntimeTemplateRef = new Gcp.Colab.Inputs.RuntimeNotebookRuntimeTemplateRefArgs\n {\n NotebookRuntimeTemplate = myTemplate.Id,\n },\n DisplayName = \"Runtime basic\",\n RuntimeUser = \"gterraformtestuser@gmail.com\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n myTemplate,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyTemplate, err := colab.NewRuntimeTemplate(ctx, \"my_template\", \u0026colab.RuntimeTemplateArgs{\n\t\t\tName: pulumi.String(\"colab-runtime\"),\n\t\t\tDisplayName: pulumi.String(\"Runtime template basic\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tMachineSpec: \u0026colab.RuntimeTemplateMachineSpecArgs{\n\t\t\t\tMachineType: pulumi.String(\"e2-standard-4\"),\n\t\t\t},\n\t\t\tNetworkSpec: \u0026colab.RuntimeTemplateNetworkSpecArgs{\n\t\t\t\tEnableInternetAccess: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntime(ctx, \"runtime\", \u0026colab.RuntimeArgs{\n\t\t\tName: pulumi.String(\"colab-runtime\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tNotebookRuntimeTemplateRef: \u0026colab.RuntimeNotebookRuntimeTemplateRefArgs{\n\t\t\t\tNotebookRuntimeTemplate: myTemplate.ID(),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"Runtime basic\"),\n\t\t\tRuntimeUser: pulumi.String(\"gterraformtestuser@gmail.com\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tmyTemplate,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplate;\nimport com.pulumi.gcp.colab.RuntimeTemplateArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateMachineSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateNetworkSpecArgs;\nimport com.pulumi.gcp.colab.Runtime;\nimport com.pulumi.gcp.colab.RuntimeArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeNotebookRuntimeTemplateRefArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myTemplate = new RuntimeTemplate(\"myTemplate\", RuntimeTemplateArgs.builder()\n .name(\"colab-runtime\")\n .displayName(\"Runtime template basic\")\n .location(\"us-central1\")\n .machineSpec(RuntimeTemplateMachineSpecArgs.builder()\n .machineType(\"e2-standard-4\")\n .build())\n .networkSpec(RuntimeTemplateNetworkSpecArgs.builder()\n .enableInternetAccess(true)\n .build())\n .build());\n\n var runtime = new Runtime(\"runtime\", RuntimeArgs.builder()\n .name(\"colab-runtime\")\n .location(\"us-central1\")\n .notebookRuntimeTemplateRef(RuntimeNotebookRuntimeTemplateRefArgs.builder()\n .notebookRuntimeTemplate(myTemplate.id())\n .build())\n .displayName(\"Runtime basic\")\n .runtimeUser(\"gterraformtestuser@gmail.com\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(myTemplate)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myTemplate:\n type: gcp:colab:RuntimeTemplate\n name: my_template\n properties:\n name: colab-runtime\n displayName: Runtime template basic\n location: us-central1\n machineSpec:\n machineType: e2-standard-4\n networkSpec:\n enableInternetAccess: true\n runtime:\n type: gcp:colab:Runtime\n properties:\n name: colab-runtime\n location: us-central1\n notebookRuntimeTemplateRef:\n notebookRuntimeTemplate: ${myTemplate.id}\n displayName: Runtime basic\n runtimeUser: gterraformtestuser@gmail.com\n options:\n dependsOn:\n - ${myTemplate}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Colab Runtime Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myTemplate = new gcp.colab.RuntimeTemplate(\"my_template\", {\n name: \"colab-runtime\",\n displayName: \"Runtime template full\",\n location: \"us-central1\",\n description: \"Full runtime template\",\n machineSpec: {\n machineType: \"n1-standard-2\",\n acceleratorType: \"NVIDIA_TESLA_T4\",\n acceleratorCount: 1,\n },\n dataPersistentDiskSpec: {\n diskType: \"pd-standard\",\n diskSizeGb: \"200\",\n },\n networkSpec: {\n enableInternetAccess: true,\n },\n labels: {\n k: \"val\",\n },\n idleShutdownConfig: {\n idleTimeout: \"3600s\",\n },\n eucConfig: {\n eucDisabled: true,\n },\n shieldedVmConfig: {\n enableSecureBoot: true,\n },\n networkTags: [\n \"abc\",\n \"def\",\n ],\n encryptionSpec: {\n kmsKeyName: \"my-crypto-key\",\n },\n});\nconst runtime = new gcp.colab.Runtime(\"runtime\", {\n name: \"colab-runtime\",\n location: \"us-central1\",\n notebookRuntimeTemplateRef: {\n notebookRuntimeTemplate: myTemplate.id,\n },\n displayName: \"Runtime full\",\n runtimeUser: \"gterraformtestuser@gmail.com\",\n description: \"Full runtime\",\n}, {\n dependsOn: [myTemplate],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_template = gcp.colab.RuntimeTemplate(\"my_template\",\n name=\"colab-runtime\",\n display_name=\"Runtime template full\",\n location=\"us-central1\",\n description=\"Full runtime template\",\n machine_spec={\n \"machine_type\": \"n1-standard-2\",\n \"accelerator_type\": \"NVIDIA_TESLA_T4\",\n \"accelerator_count\": 1,\n },\n data_persistent_disk_spec={\n \"disk_type\": \"pd-standard\",\n \"disk_size_gb\": \"200\",\n },\n network_spec={\n \"enable_internet_access\": True,\n },\n labels={\n \"k\": \"val\",\n },\n idle_shutdown_config={\n \"idle_timeout\": \"3600s\",\n },\n euc_config={\n \"euc_disabled\": True,\n },\n shielded_vm_config={\n \"enable_secure_boot\": True,\n },\n network_tags=[\n \"abc\",\n \"def\",\n ],\n encryption_spec={\n \"kms_key_name\": \"my-crypto-key\",\n })\nruntime = gcp.colab.Runtime(\"runtime\",\n name=\"colab-runtime\",\n location=\"us-central1\",\n notebook_runtime_template_ref={\n \"notebook_runtime_template\": my_template.id,\n },\n display_name=\"Runtime full\",\n runtime_user=\"gterraformtestuser@gmail.com\",\n description=\"Full runtime\",\n opts = pulumi.ResourceOptions(depends_on=[my_template]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myTemplate = new Gcp.Colab.RuntimeTemplate(\"my_template\", new()\n {\n Name = \"colab-runtime\",\n DisplayName = \"Runtime template full\",\n Location = \"us-central1\",\n Description = \"Full runtime template\",\n MachineSpec = new Gcp.Colab.Inputs.RuntimeTemplateMachineSpecArgs\n {\n MachineType = \"n1-standard-2\",\n AcceleratorType = \"NVIDIA_TESLA_T4\",\n AcceleratorCount = 1,\n },\n DataPersistentDiskSpec = new Gcp.Colab.Inputs.RuntimeTemplateDataPersistentDiskSpecArgs\n {\n DiskType = \"pd-standard\",\n DiskSizeGb = \"200\",\n },\n NetworkSpec = new Gcp.Colab.Inputs.RuntimeTemplateNetworkSpecArgs\n {\n EnableInternetAccess = true,\n },\n Labels = \n {\n { \"k\", \"val\" },\n },\n IdleShutdownConfig = new Gcp.Colab.Inputs.RuntimeTemplateIdleShutdownConfigArgs\n {\n IdleTimeout = \"3600s\",\n },\n EucConfig = new Gcp.Colab.Inputs.RuntimeTemplateEucConfigArgs\n {\n EucDisabled = true,\n },\n ShieldedVmConfig = new Gcp.Colab.Inputs.RuntimeTemplateShieldedVmConfigArgs\n {\n EnableSecureBoot = true,\n },\n NetworkTags = new[]\n {\n \"abc\",\n \"def\",\n },\n EncryptionSpec = new Gcp.Colab.Inputs.RuntimeTemplateEncryptionSpecArgs\n {\n KmsKeyName = \"my-crypto-key\",\n },\n });\n\n var runtime = new Gcp.Colab.Runtime(\"runtime\", new()\n {\n Name = \"colab-runtime\",\n Location = \"us-central1\",\n NotebookRuntimeTemplateRef = new Gcp.Colab.Inputs.RuntimeNotebookRuntimeTemplateRefArgs\n {\n NotebookRuntimeTemplate = myTemplate.Id,\n },\n DisplayName = \"Runtime full\",\n RuntimeUser = \"gterraformtestuser@gmail.com\",\n Description = \"Full runtime\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n myTemplate,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyTemplate, err := colab.NewRuntimeTemplate(ctx, \"my_template\", \u0026colab.RuntimeTemplateArgs{\n\t\t\tName: pulumi.String(\"colab-runtime\"),\n\t\t\tDisplayName: pulumi.String(\"Runtime template full\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"Full runtime template\"),\n\t\t\tMachineSpec: \u0026colab.RuntimeTemplateMachineSpecArgs{\n\t\t\t\tMachineType: pulumi.String(\"n1-standard-2\"),\n\t\t\t\tAcceleratorType: pulumi.String(\"NVIDIA_TESLA_T4\"),\n\t\t\t\tAcceleratorCount: pulumi.Int(1),\n\t\t\t},\n\t\t\tDataPersistentDiskSpec: \u0026colab.RuntimeTemplateDataPersistentDiskSpecArgs{\n\t\t\t\tDiskType: pulumi.String(\"pd-standard\"),\n\t\t\t\tDiskSizeGb: pulumi.String(\"200\"),\n\t\t\t},\n\t\t\tNetworkSpec: \u0026colab.RuntimeTemplateNetworkSpecArgs{\n\t\t\t\tEnableInternetAccess: pulumi.Bool(true),\n\t\t\t},\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"k\": pulumi.String(\"val\"),\n\t\t\t},\n\t\t\tIdleShutdownConfig: \u0026colab.RuntimeTemplateIdleShutdownConfigArgs{\n\t\t\t\tIdleTimeout: pulumi.String(\"3600s\"),\n\t\t\t},\n\t\t\tEucConfig: \u0026colab.RuntimeTemplateEucConfigArgs{\n\t\t\t\tEucDisabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tShieldedVmConfig: \u0026colab.RuntimeTemplateShieldedVmConfigArgs{\n\t\t\t\tEnableSecureBoot: pulumi.Bool(true),\n\t\t\t},\n\t\t\tNetworkTags: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"abc\"),\n\t\t\t\tpulumi.String(\"def\"),\n\t\t\t},\n\t\t\tEncryptionSpec: \u0026colab.RuntimeTemplateEncryptionSpecArgs{\n\t\t\t\tKmsKeyName: pulumi.String(\"my-crypto-key\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntime(ctx, \"runtime\", \u0026colab.RuntimeArgs{\n\t\t\tName: pulumi.String(\"colab-runtime\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tNotebookRuntimeTemplateRef: \u0026colab.RuntimeNotebookRuntimeTemplateRefArgs{\n\t\t\t\tNotebookRuntimeTemplate: myTemplate.ID(),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"Runtime full\"),\n\t\t\tRuntimeUser: pulumi.String(\"gterraformtestuser@gmail.com\"),\n\t\t\tDescription: pulumi.String(\"Full runtime\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tmyTemplate,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplate;\nimport com.pulumi.gcp.colab.RuntimeTemplateArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateMachineSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateDataPersistentDiskSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateNetworkSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateIdleShutdownConfigArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateEucConfigArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateShieldedVmConfigArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateEncryptionSpecArgs;\nimport com.pulumi.gcp.colab.Runtime;\nimport com.pulumi.gcp.colab.RuntimeArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeNotebookRuntimeTemplateRefArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myTemplate = new RuntimeTemplate(\"myTemplate\", RuntimeTemplateArgs.builder()\n .name(\"colab-runtime\")\n .displayName(\"Runtime template full\")\n .location(\"us-central1\")\n .description(\"Full runtime template\")\n .machineSpec(RuntimeTemplateMachineSpecArgs.builder()\n .machineType(\"n1-standard-2\")\n .acceleratorType(\"NVIDIA_TESLA_T4\")\n .acceleratorCount(\"1\")\n .build())\n .dataPersistentDiskSpec(RuntimeTemplateDataPersistentDiskSpecArgs.builder()\n .diskType(\"pd-standard\")\n .diskSizeGb(200)\n .build())\n .networkSpec(RuntimeTemplateNetworkSpecArgs.builder()\n .enableInternetAccess(true)\n .build())\n .labels(Map.of(\"k\", \"val\"))\n .idleShutdownConfig(RuntimeTemplateIdleShutdownConfigArgs.builder()\n .idleTimeout(\"3600s\")\n .build())\n .eucConfig(RuntimeTemplateEucConfigArgs.builder()\n .eucDisabled(true)\n .build())\n .shieldedVmConfig(RuntimeTemplateShieldedVmConfigArgs.builder()\n .enableSecureBoot(true)\n .build())\n .networkTags( \n \"abc\",\n \"def\")\n .encryptionSpec(RuntimeTemplateEncryptionSpecArgs.builder()\n .kmsKeyName(\"my-crypto-key\")\n .build())\n .build());\n\n var runtime = new Runtime(\"runtime\", RuntimeArgs.builder()\n .name(\"colab-runtime\")\n .location(\"us-central1\")\n .notebookRuntimeTemplateRef(RuntimeNotebookRuntimeTemplateRefArgs.builder()\n .notebookRuntimeTemplate(myTemplate.id())\n .build())\n .displayName(\"Runtime full\")\n .runtimeUser(\"gterraformtestuser@gmail.com\")\n .description(\"Full runtime\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(myTemplate)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myTemplate:\n type: gcp:colab:RuntimeTemplate\n name: my_template\n properties:\n name: colab-runtime\n displayName: Runtime template full\n location: us-central1\n description: Full runtime template\n machineSpec:\n machineType: n1-standard-2\n acceleratorType: NVIDIA_TESLA_T4\n acceleratorCount: '1'\n dataPersistentDiskSpec:\n diskType: pd-standard\n diskSizeGb: 200\n networkSpec:\n enableInternetAccess: true\n labels:\n k: val\n idleShutdownConfig:\n idleTimeout: 3600s\n eucConfig:\n eucDisabled: true\n shieldedVmConfig:\n enableSecureBoot: true\n networkTags:\n - abc\n - def\n encryptionSpec:\n kmsKeyName: my-crypto-key\n runtime:\n type: gcp:colab:Runtime\n properties:\n name: colab-runtime\n location: us-central1\n notebookRuntimeTemplateRef:\n notebookRuntimeTemplate: ${myTemplate.id}\n displayName: Runtime full\n runtimeUser: gterraformtestuser@gmail.com\n description: Full runtime\n options:\n dependsOn:\n - ${myTemplate}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRuntime can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, Runtime can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:colab/runtime:Runtime default projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}}\n```\n\n```sh\n$ pulumi import gcp:colab/runtime:Runtime default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:colab/runtime:Runtime default {{location}}/{{name}}\n```\n\n", + "properties": { + "description": { + "type": "string", + "description": "The description of the Runtime.\n" + }, + "displayName": { + "type": "string", + "description": "Required. The display name of the Runtime.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations\n\n\n- - -\n" + }, + "name": { + "type": "string", + "description": "The resource name of the Runtime\n" + }, + "notebookRuntimeTemplateRef": { + "$ref": "#/types/gcp:colab/RuntimeNotebookRuntimeTemplateRef:RuntimeNotebookRuntimeTemplateRef", + "description": "'Runtime specific information used for NotebookRuntime creation.'\nStructure is documented below.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" + }, + "runtimeUser": { + "type": "string", + "description": "The user email of the NotebookRuntime.\n" + } + }, + "required": [ + "displayName", + "location", + "name", + "project", + "runtimeUser" + ], + "inputProperties": { + "description": { + "type": "string", + "description": "The description of the Runtime.\n" + }, + "displayName": { + "type": "string", + "description": "Required. The display name of the Runtime.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations\n\n\n- - -\n" + }, + "name": { + "type": "string", + "description": "The resource name of the Runtime\n" + }, + "notebookRuntimeTemplateRef": { + "$ref": "#/types/gcp:colab/RuntimeNotebookRuntimeTemplateRef:RuntimeNotebookRuntimeTemplateRef", + "description": "'Runtime specific information used for NotebookRuntime creation.'\nStructure is documented below.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "runtimeUser": { + "type": "string", + "description": "The user email of the NotebookRuntime.\n" + } + }, + "requiredInputs": [ + "displayName", + "location", + "runtimeUser" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering Runtime resources.\n", + "properties": { + "description": { + "type": "string", + "description": "The description of the Runtime.\n" + }, + "displayName": { + "type": "string", + "description": "Required. The display name of the Runtime.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations\n\n\n- - -\n" + }, + "name": { + "type": "string", + "description": "The resource name of the Runtime\n" + }, + "notebookRuntimeTemplateRef": { + "$ref": "#/types/gcp:colab/RuntimeNotebookRuntimeTemplateRef:RuntimeNotebookRuntimeTemplateRef", + "description": "'Runtime specific information used for NotebookRuntime creation.'\nStructure is documented below.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "runtimeUser": { + "type": "string", + "description": "The user email of the NotebookRuntime.\n" + } + }, + "type": "object" + } + }, "gcp:colab/runtimeTemplate:RuntimeTemplate": { "description": "'A runtime template is a VM configuration that specifies a machine type and other characteristics of the VM,\n as well as common settings such as the network and whether public internet access is enabled. When you create\n a runtime, its VM is created according to the specifications of a runtime template.'\n\n\nTo get more information about RuntimeTemplate, see:\n\n* [API documentation](https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.notebookRuntimeTemplates)\n* How-to Guides\n * [Create a runtime template](https://cloud.google.com/colab/docs/create-runtime-template)\n\n## Example Usage\n\n### Colab Runtime Template Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst runtime_template = new gcp.colab.RuntimeTemplate(\"runtime-template\", {\n name: \"colab-runtime-template\",\n displayName: \"Runtime template basic\",\n location: \"us-central1\",\n machineSpec: {\n machineType: \"e2-standard-4\",\n },\n networkSpec: {\n enableInternetAccess: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nruntime_template = gcp.colab.RuntimeTemplate(\"runtime-template\",\n name=\"colab-runtime-template\",\n display_name=\"Runtime template basic\",\n location=\"us-central1\",\n machine_spec={\n \"machine_type\": \"e2-standard-4\",\n },\n network_spec={\n \"enable_internet_access\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var runtime_template = new Gcp.Colab.RuntimeTemplate(\"runtime-template\", new()\n {\n Name = \"colab-runtime-template\",\n DisplayName = \"Runtime template basic\",\n Location = \"us-central1\",\n MachineSpec = new Gcp.Colab.Inputs.RuntimeTemplateMachineSpecArgs\n {\n MachineType = \"e2-standard-4\",\n },\n NetworkSpec = new Gcp.Colab.Inputs.RuntimeTemplateNetworkSpecArgs\n {\n EnableInternetAccess = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplate(ctx, \"runtime-template\", \u0026colab.RuntimeTemplateArgs{\n\t\t\tName: pulumi.String(\"colab-runtime-template\"),\n\t\t\tDisplayName: pulumi.String(\"Runtime template basic\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tMachineSpec: \u0026colab.RuntimeTemplateMachineSpecArgs{\n\t\t\t\tMachineType: pulumi.String(\"e2-standard-4\"),\n\t\t\t},\n\t\t\tNetworkSpec: \u0026colab.RuntimeTemplateNetworkSpecArgs{\n\t\t\t\tEnableInternetAccess: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplate;\nimport com.pulumi.gcp.colab.RuntimeTemplateArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateMachineSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateNetworkSpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var runtime_template = new RuntimeTemplate(\"runtime-template\", RuntimeTemplateArgs.builder()\n .name(\"colab-runtime-template\")\n .displayName(\"Runtime template basic\")\n .location(\"us-central1\")\n .machineSpec(RuntimeTemplateMachineSpecArgs.builder()\n .machineType(\"e2-standard-4\")\n .build())\n .networkSpec(RuntimeTemplateNetworkSpecArgs.builder()\n .enableInternetAccess(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n runtime-template:\n type: gcp:colab:RuntimeTemplate\n properties:\n name: colab-runtime-template\n displayName: Runtime template basic\n location: us-central1\n machineSpec:\n machineType: e2-standard-4\n networkSpec:\n enableInternetAccess: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Colab Runtime Template No Name\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst runtime_template = new gcp.colab.RuntimeTemplate(\"runtime-template\", {\n displayName: \"Runtime template no name\",\n location: \"us-central1\",\n machineSpec: {\n machineType: \"e2-standard-4\",\n },\n networkSpec: {\n enableInternetAccess: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nruntime_template = gcp.colab.RuntimeTemplate(\"runtime-template\",\n display_name=\"Runtime template no name\",\n location=\"us-central1\",\n machine_spec={\n \"machine_type\": \"e2-standard-4\",\n },\n network_spec={\n \"enable_internet_access\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var runtime_template = new Gcp.Colab.RuntimeTemplate(\"runtime-template\", new()\n {\n DisplayName = \"Runtime template no name\",\n Location = \"us-central1\",\n MachineSpec = new Gcp.Colab.Inputs.RuntimeTemplateMachineSpecArgs\n {\n MachineType = \"e2-standard-4\",\n },\n NetworkSpec = new Gcp.Colab.Inputs.RuntimeTemplateNetworkSpecArgs\n {\n EnableInternetAccess = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplate(ctx, \"runtime-template\", \u0026colab.RuntimeTemplateArgs{\n\t\t\tDisplayName: pulumi.String(\"Runtime template no name\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tMachineSpec: \u0026colab.RuntimeTemplateMachineSpecArgs{\n\t\t\t\tMachineType: pulumi.String(\"e2-standard-4\"),\n\t\t\t},\n\t\t\tNetworkSpec: \u0026colab.RuntimeTemplateNetworkSpecArgs{\n\t\t\t\tEnableInternetAccess: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplate;\nimport com.pulumi.gcp.colab.RuntimeTemplateArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateMachineSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateNetworkSpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var runtime_template = new RuntimeTemplate(\"runtime-template\", RuntimeTemplateArgs.builder()\n .displayName(\"Runtime template no name\")\n .location(\"us-central1\")\n .machineSpec(RuntimeTemplateMachineSpecArgs.builder()\n .machineType(\"e2-standard-4\")\n .build())\n .networkSpec(RuntimeTemplateNetworkSpecArgs.builder()\n .enableInternetAccess(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n runtime-template:\n type: gcp:colab:RuntimeTemplate\n properties:\n displayName: Runtime template no name\n location: us-central1\n machineSpec:\n machineType: e2-standard-4\n networkSpec:\n enableInternetAccess: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Colab Runtime Template Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myNetwork = new gcp.compute.Network(\"my_network\", {\n name: \"colab-test-default\",\n autoCreateSubnetworks: false,\n});\nconst mySubnetwork = new gcp.compute.Subnetwork(\"my_subnetwork\", {\n name: \"colab-test-default\",\n network: myNetwork.id,\n region: \"us-central1\",\n ipCidrRange: \"10.0.1.0/24\",\n});\nconst runtime_template = new gcp.colab.RuntimeTemplate(\"runtime-template\", {\n name: \"colab-runtime-template\",\n displayName: \"Runtime template full\",\n location: \"us-central1\",\n description: \"Full runtime template\",\n machineSpec: {\n machineType: \"n1-standard-2\",\n acceleratorType: \"NVIDIA_TESLA_T4\",\n acceleratorCount: 1,\n },\n dataPersistentDiskSpec: {\n diskType: \"pd-standard\",\n diskSizeGb: \"200\",\n },\n networkSpec: {\n enableInternetAccess: true,\n network: myNetwork.id,\n subnetwork: mySubnetwork.id,\n },\n labels: {\n k: \"val\",\n },\n idleShutdownConfig: {\n idleTimeout: \"3600s\",\n },\n eucConfig: {\n eucDisabled: true,\n },\n shieldedVmConfig: {\n enableSecureBoot: true,\n },\n networkTags: [\n \"abc\",\n \"def\",\n ],\n encryptionSpec: {\n kmsKeyName: \"my-crypto-key\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_network = gcp.compute.Network(\"my_network\",\n name=\"colab-test-default\",\n auto_create_subnetworks=False)\nmy_subnetwork = gcp.compute.Subnetwork(\"my_subnetwork\",\n name=\"colab-test-default\",\n network=my_network.id,\n region=\"us-central1\",\n ip_cidr_range=\"10.0.1.0/24\")\nruntime_template = gcp.colab.RuntimeTemplate(\"runtime-template\",\n name=\"colab-runtime-template\",\n display_name=\"Runtime template full\",\n location=\"us-central1\",\n description=\"Full runtime template\",\n machine_spec={\n \"machine_type\": \"n1-standard-2\",\n \"accelerator_type\": \"NVIDIA_TESLA_T4\",\n \"accelerator_count\": 1,\n },\n data_persistent_disk_spec={\n \"disk_type\": \"pd-standard\",\n \"disk_size_gb\": \"200\",\n },\n network_spec={\n \"enable_internet_access\": True,\n \"network\": my_network.id,\n \"subnetwork\": my_subnetwork.id,\n },\n labels={\n \"k\": \"val\",\n },\n idle_shutdown_config={\n \"idle_timeout\": \"3600s\",\n },\n euc_config={\n \"euc_disabled\": True,\n },\n shielded_vm_config={\n \"enable_secure_boot\": True,\n },\n network_tags=[\n \"abc\",\n \"def\",\n ],\n encryption_spec={\n \"kms_key_name\": \"my-crypto-key\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myNetwork = new Gcp.Compute.Network(\"my_network\", new()\n {\n Name = \"colab-test-default\",\n AutoCreateSubnetworks = false,\n });\n\n var mySubnetwork = new Gcp.Compute.Subnetwork(\"my_subnetwork\", new()\n {\n Name = \"colab-test-default\",\n Network = myNetwork.Id,\n Region = \"us-central1\",\n IpCidrRange = \"10.0.1.0/24\",\n });\n\n var runtime_template = new Gcp.Colab.RuntimeTemplate(\"runtime-template\", new()\n {\n Name = \"colab-runtime-template\",\n DisplayName = \"Runtime template full\",\n Location = \"us-central1\",\n Description = \"Full runtime template\",\n MachineSpec = new Gcp.Colab.Inputs.RuntimeTemplateMachineSpecArgs\n {\n MachineType = \"n1-standard-2\",\n AcceleratorType = \"NVIDIA_TESLA_T4\",\n AcceleratorCount = 1,\n },\n DataPersistentDiskSpec = new Gcp.Colab.Inputs.RuntimeTemplateDataPersistentDiskSpecArgs\n {\n DiskType = \"pd-standard\",\n DiskSizeGb = \"200\",\n },\n NetworkSpec = new Gcp.Colab.Inputs.RuntimeTemplateNetworkSpecArgs\n {\n EnableInternetAccess = true,\n Network = myNetwork.Id,\n Subnetwork = mySubnetwork.Id,\n },\n Labels = \n {\n { \"k\", \"val\" },\n },\n IdleShutdownConfig = new Gcp.Colab.Inputs.RuntimeTemplateIdleShutdownConfigArgs\n {\n IdleTimeout = \"3600s\",\n },\n EucConfig = new Gcp.Colab.Inputs.RuntimeTemplateEucConfigArgs\n {\n EucDisabled = true,\n },\n ShieldedVmConfig = new Gcp.Colab.Inputs.RuntimeTemplateShieldedVmConfigArgs\n {\n EnableSecureBoot = true,\n },\n NetworkTags = new[]\n {\n \"abc\",\n \"def\",\n },\n EncryptionSpec = new Gcp.Colab.Inputs.RuntimeTemplateEncryptionSpecArgs\n {\n KmsKeyName = \"my-crypto-key\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyNetwork, err := compute.NewNetwork(ctx, \"my_network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"colab-test-default\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmySubnetwork, err := compute.NewSubnetwork(ctx, \"my_subnetwork\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"colab-test-default\"),\n\t\t\tNetwork: myNetwork.ID(),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntimeTemplate(ctx, \"runtime-template\", \u0026colab.RuntimeTemplateArgs{\n\t\t\tName: pulumi.String(\"colab-runtime-template\"),\n\t\t\tDisplayName: pulumi.String(\"Runtime template full\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"Full runtime template\"),\n\t\t\tMachineSpec: \u0026colab.RuntimeTemplateMachineSpecArgs{\n\t\t\t\tMachineType: pulumi.String(\"n1-standard-2\"),\n\t\t\t\tAcceleratorType: pulumi.String(\"NVIDIA_TESLA_T4\"),\n\t\t\t\tAcceleratorCount: pulumi.Int(1),\n\t\t\t},\n\t\t\tDataPersistentDiskSpec: \u0026colab.RuntimeTemplateDataPersistentDiskSpecArgs{\n\t\t\t\tDiskType: pulumi.String(\"pd-standard\"),\n\t\t\t\tDiskSizeGb: pulumi.String(\"200\"),\n\t\t\t},\n\t\t\tNetworkSpec: \u0026colab.RuntimeTemplateNetworkSpecArgs{\n\t\t\t\tEnableInternetAccess: pulumi.Bool(true),\n\t\t\t\tNetwork: myNetwork.ID(),\n\t\t\t\tSubnetwork: mySubnetwork.ID(),\n\t\t\t},\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"k\": pulumi.String(\"val\"),\n\t\t\t},\n\t\t\tIdleShutdownConfig: \u0026colab.RuntimeTemplateIdleShutdownConfigArgs{\n\t\t\t\tIdleTimeout: pulumi.String(\"3600s\"),\n\t\t\t},\n\t\t\tEucConfig: \u0026colab.RuntimeTemplateEucConfigArgs{\n\t\t\t\tEucDisabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tShieldedVmConfig: \u0026colab.RuntimeTemplateShieldedVmConfigArgs{\n\t\t\t\tEnableSecureBoot: pulumi.Bool(true),\n\t\t\t},\n\t\t\tNetworkTags: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"abc\"),\n\t\t\t\tpulumi.String(\"def\"),\n\t\t\t},\n\t\t\tEncryptionSpec: \u0026colab.RuntimeTemplateEncryptionSpecArgs{\n\t\t\t\tKmsKeyName: pulumi.String(\"my-crypto-key\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.colab.RuntimeTemplate;\nimport com.pulumi.gcp.colab.RuntimeTemplateArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateMachineSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateDataPersistentDiskSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateNetworkSpecArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateIdleShutdownConfigArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateEucConfigArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateShieldedVmConfigArgs;\nimport com.pulumi.gcp.colab.inputs.RuntimeTemplateEncryptionSpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myNetwork = new Network(\"myNetwork\", NetworkArgs.builder()\n .name(\"colab-test-default\")\n .autoCreateSubnetworks(false)\n .build());\n\n var mySubnetwork = new Subnetwork(\"mySubnetwork\", SubnetworkArgs.builder()\n .name(\"colab-test-default\")\n .network(myNetwork.id())\n .region(\"us-central1\")\n .ipCidrRange(\"10.0.1.0/24\")\n .build());\n\n var runtime_template = new RuntimeTemplate(\"runtime-template\", RuntimeTemplateArgs.builder()\n .name(\"colab-runtime-template\")\n .displayName(\"Runtime template full\")\n .location(\"us-central1\")\n .description(\"Full runtime template\")\n .machineSpec(RuntimeTemplateMachineSpecArgs.builder()\n .machineType(\"n1-standard-2\")\n .acceleratorType(\"NVIDIA_TESLA_T4\")\n .acceleratorCount(\"1\")\n .build())\n .dataPersistentDiskSpec(RuntimeTemplateDataPersistentDiskSpecArgs.builder()\n .diskType(\"pd-standard\")\n .diskSizeGb(200)\n .build())\n .networkSpec(RuntimeTemplateNetworkSpecArgs.builder()\n .enableInternetAccess(true)\n .network(myNetwork.id())\n .subnetwork(mySubnetwork.id())\n .build())\n .labels(Map.of(\"k\", \"val\"))\n .idleShutdownConfig(RuntimeTemplateIdleShutdownConfigArgs.builder()\n .idleTimeout(\"3600s\")\n .build())\n .eucConfig(RuntimeTemplateEucConfigArgs.builder()\n .eucDisabled(true)\n .build())\n .shieldedVmConfig(RuntimeTemplateShieldedVmConfigArgs.builder()\n .enableSecureBoot(true)\n .build())\n .networkTags( \n \"abc\",\n \"def\")\n .encryptionSpec(RuntimeTemplateEncryptionSpecArgs.builder()\n .kmsKeyName(\"my-crypto-key\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myNetwork:\n type: gcp:compute:Network\n name: my_network\n properties:\n name: colab-test-default\n autoCreateSubnetworks: false\n mySubnetwork:\n type: gcp:compute:Subnetwork\n name: my_subnetwork\n properties:\n name: colab-test-default\n network: ${myNetwork.id}\n region: us-central1\n ipCidrRange: 10.0.1.0/24\n runtime-template:\n type: gcp:colab:RuntimeTemplate\n properties:\n name: colab-runtime-template\n displayName: Runtime template full\n location: us-central1\n description: Full runtime template\n machineSpec:\n machineType: n1-standard-2\n acceleratorType: NVIDIA_TESLA_T4\n acceleratorCount: '1'\n dataPersistentDiskSpec:\n diskType: pd-standard\n diskSizeGb: 200\n networkSpec:\n enableInternetAccess: true\n network: ${myNetwork.id}\n subnetwork: ${mySubnetwork.id}\n labels:\n k: val\n idleShutdownConfig:\n idleTimeout: 3600s\n eucConfig:\n eucDisabled: true\n shieldedVmConfig:\n enableSecureBoot: true\n networkTags:\n - abc\n - def\n encryptionSpec:\n kmsKeyName: my-crypto-key\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRuntimeTemplate can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, RuntimeTemplate can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplate:RuntimeTemplate default projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{name}}\n```\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplate:RuntimeTemplate default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplate:RuntimeTemplate default {{location}}/{{name}}\n```\n\n", "properties": { @@ -164492,6 +165792,329 @@ "type": "object" } }, + "gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding": { + "description": "Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case:\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached.\n* `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved.\n* `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.colab.RuntimeTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.colab.RuntimeTemplateIamPolicy(\"policy\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/viewer\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.colab.RuntimeTemplateIamPolicy(\"policy\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Colab.RuntimeTemplateIamPolicy(\"policy\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntimeTemplateIamPolicy(ctx, \"policy\", \u0026colab.RuntimeTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RuntimeTemplateIamPolicy(\"policy\", RuntimeTemplateIamPolicyArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:colab:RuntimeTemplateIamPolicy\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.colab.RuntimeTemplateIamBinding(\"binding\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.colab.RuntimeTemplateIamBinding(\"binding\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Colab.RuntimeTemplateIamBinding(\"binding\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamBinding(ctx, \"binding\", \u0026colab.RuntimeTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBinding;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RuntimeTemplateIamBinding(\"binding\", RuntimeTemplateIamBindingArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:colab:RuntimeTemplateIamBinding\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.colab.RuntimeTemplateIamMember(\"member\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.colab.RuntimeTemplateIamMember(\"member\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Colab.RuntimeTemplateIamMember(\"member\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamMember(ctx, \"member\", \u0026colab.RuntimeTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMember;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RuntimeTemplateIamMember(\"member\", RuntimeTemplateIamMemberArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:colab:RuntimeTemplateIamMember\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Colab Enterprise RuntimeTemplate\nThree different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case:\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached.\n* `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved.\n* `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.colab.RuntimeTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.colab.RuntimeTemplateIamPolicy(\"policy\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/viewer\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.colab.RuntimeTemplateIamPolicy(\"policy\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Colab.RuntimeTemplateIamPolicy(\"policy\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntimeTemplateIamPolicy(ctx, \"policy\", \u0026colab.RuntimeTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RuntimeTemplateIamPolicy(\"policy\", RuntimeTemplateIamPolicyArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:colab:RuntimeTemplateIamPolicy\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.colab.RuntimeTemplateIamBinding(\"binding\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.colab.RuntimeTemplateIamBinding(\"binding\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Colab.RuntimeTemplateIamBinding(\"binding\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamBinding(ctx, \"binding\", \u0026colab.RuntimeTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBinding;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RuntimeTemplateIamBinding(\"binding\", RuntimeTemplateIamBindingArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:colab:RuntimeTemplateIamBinding\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.colab.RuntimeTemplateIamMember(\"member\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.colab.RuntimeTemplateIamMember(\"member\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Colab.RuntimeTemplateIamMember(\"member\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamMember(ctx, \"member\", \u0026colab.RuntimeTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMember;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RuntimeTemplateIamMember(\"member\", RuntimeTemplateIamMemberArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:colab:RuntimeTemplateIamMember\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}}\n\n* {{project}}/{{location}}/{{runtime_template}}\n\n* {{location}}/{{runtime_template}}\n\n* {{runtime_template}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nColab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor \"projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor \"projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:colab/RuntimeTemplateIamBindingCondition:RuntimeTemplateIamBindingCondition" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n" + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n" + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n" + } + }, + "required": [ + "etag", + "location", + "members", + "project", + "role", + "runtimeTemplate" + ], + "inputProperties": { + "condition": { + "$ref": "#/types/gcp:colab/RuntimeTemplateIamBindingCondition:RuntimeTemplateIamBindingCondition", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n", + "willReplaceOnChanges": true + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "members", + "role", + "runtimeTemplate" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering RuntimeTemplateIamBinding resources.\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:colab/RuntimeTemplateIamBindingCondition:RuntimeTemplateIamBindingCondition", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n", + "willReplaceOnChanges": true + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember": { + "description": "Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case:\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached.\n* `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved.\n* `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.colab.RuntimeTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.colab.RuntimeTemplateIamPolicy(\"policy\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/viewer\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.colab.RuntimeTemplateIamPolicy(\"policy\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Colab.RuntimeTemplateIamPolicy(\"policy\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntimeTemplateIamPolicy(ctx, \"policy\", \u0026colab.RuntimeTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RuntimeTemplateIamPolicy(\"policy\", RuntimeTemplateIamPolicyArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:colab:RuntimeTemplateIamPolicy\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.colab.RuntimeTemplateIamBinding(\"binding\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.colab.RuntimeTemplateIamBinding(\"binding\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Colab.RuntimeTemplateIamBinding(\"binding\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamBinding(ctx, \"binding\", \u0026colab.RuntimeTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBinding;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RuntimeTemplateIamBinding(\"binding\", RuntimeTemplateIamBindingArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:colab:RuntimeTemplateIamBinding\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.colab.RuntimeTemplateIamMember(\"member\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.colab.RuntimeTemplateIamMember(\"member\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Colab.RuntimeTemplateIamMember(\"member\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamMember(ctx, \"member\", \u0026colab.RuntimeTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMember;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RuntimeTemplateIamMember(\"member\", RuntimeTemplateIamMemberArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:colab:RuntimeTemplateIamMember\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Colab Enterprise RuntimeTemplate\nThree different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case:\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached.\n* `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved.\n* `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.colab.RuntimeTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.colab.RuntimeTemplateIamPolicy(\"policy\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/viewer\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.colab.RuntimeTemplateIamPolicy(\"policy\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Colab.RuntimeTemplateIamPolicy(\"policy\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntimeTemplateIamPolicy(ctx, \"policy\", \u0026colab.RuntimeTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RuntimeTemplateIamPolicy(\"policy\", RuntimeTemplateIamPolicyArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:colab:RuntimeTemplateIamPolicy\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.colab.RuntimeTemplateIamBinding(\"binding\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.colab.RuntimeTemplateIamBinding(\"binding\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Colab.RuntimeTemplateIamBinding(\"binding\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamBinding(ctx, \"binding\", \u0026colab.RuntimeTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBinding;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RuntimeTemplateIamBinding(\"binding\", RuntimeTemplateIamBindingArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:colab:RuntimeTemplateIamBinding\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.colab.RuntimeTemplateIamMember(\"member\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.colab.RuntimeTemplateIamMember(\"member\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Colab.RuntimeTemplateIamMember(\"member\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamMember(ctx, \"member\", \u0026colab.RuntimeTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMember;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RuntimeTemplateIamMember(\"member\", RuntimeTemplateIamMemberArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:colab:RuntimeTemplateIamMember\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}}\n\n* {{project}}/{{location}}/{{runtime_template}}\n\n* {{location}}/{{runtime_template}}\n\n* {{runtime_template}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nColab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor \"projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor \"projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:colab/RuntimeTemplateIamMemberCondition:RuntimeTemplateIamMemberCondition" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n" + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n" + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n" + } + }, + "required": [ + "etag", + "location", + "member", + "project", + "role", + "runtimeTemplate" + ], + "inputProperties": { + "condition": { + "$ref": "#/types/gcp:colab/RuntimeTemplateIamMemberCondition:RuntimeTemplateIamMemberCondition", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n", + "willReplaceOnChanges": true + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "member", + "role", + "runtimeTemplate" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering RuntimeTemplateIamMember resources.\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:colab/RuntimeTemplateIamMemberCondition:RuntimeTemplateIamMemberCondition", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n", + "willReplaceOnChanges": true + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy": { + "description": "Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case:\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached.\n* `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved.\n* `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.colab.RuntimeTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.colab.RuntimeTemplateIamPolicy(\"policy\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/viewer\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.colab.RuntimeTemplateIamPolicy(\"policy\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Colab.RuntimeTemplateIamPolicy(\"policy\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntimeTemplateIamPolicy(ctx, \"policy\", \u0026colab.RuntimeTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RuntimeTemplateIamPolicy(\"policy\", RuntimeTemplateIamPolicyArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:colab:RuntimeTemplateIamPolicy\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.colab.RuntimeTemplateIamBinding(\"binding\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.colab.RuntimeTemplateIamBinding(\"binding\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Colab.RuntimeTemplateIamBinding(\"binding\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamBinding(ctx, \"binding\", \u0026colab.RuntimeTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBinding;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RuntimeTemplateIamBinding(\"binding\", RuntimeTemplateIamBindingArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:colab:RuntimeTemplateIamBinding\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.colab.RuntimeTemplateIamMember(\"member\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.colab.RuntimeTemplateIamMember(\"member\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Colab.RuntimeTemplateIamMember(\"member\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamMember(ctx, \"member\", \u0026colab.RuntimeTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMember;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RuntimeTemplateIamMember(\"member\", RuntimeTemplateIamMemberArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:colab:RuntimeTemplateIamMember\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Colab Enterprise RuntimeTemplate\nThree different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case:\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached.\n* `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved.\n* `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.colab.RuntimeTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.colab.RuntimeTemplateIamPolicy(\"policy\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/viewer\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.colab.RuntimeTemplateIamPolicy(\"policy\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Colab.RuntimeTemplateIamPolicy(\"policy\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = colab.NewRuntimeTemplateIamPolicy(ctx, \"policy\", \u0026colab.RuntimeTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RuntimeTemplateIamPolicy(\"policy\", RuntimeTemplateIamPolicyArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:colab:RuntimeTemplateIamPolicy\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.colab.RuntimeTemplateIamBinding(\"binding\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.colab.RuntimeTemplateIamBinding(\"binding\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Colab.RuntimeTemplateIamBinding(\"binding\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamBinding(ctx, \"binding\", \u0026colab.RuntimeTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBinding;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RuntimeTemplateIamBinding(\"binding\", RuntimeTemplateIamBindingArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:colab:RuntimeTemplateIamBinding\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.colab.RuntimeTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.colab.RuntimeTemplateIamMember(\"member\", {\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.colab.RuntimeTemplateIamMember(\"member\",\n project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Colab.RuntimeTemplateIamMember(\"member\", new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.NewRuntimeTemplateIamMember(ctx, \"member\", \u0026colab.RuntimeTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(runtime_template.Project),\n\t\t\tLocation: pulumi.Any(runtime_template.Location),\n\t\t\tRuntimeTemplate: pulumi.Any(runtime_template.Name),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMember;\nimport com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RuntimeTemplateIamMember(\"member\", RuntimeTemplateIamMemberArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:colab:RuntimeTemplateIamMember\n properties:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}}\n\n* {{project}}/{{location}}/{{runtime_template}}\n\n* {{location}}/{{runtime_template}}\n\n* {{runtime_template}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nColab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor \"projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor \"projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n" + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n" + } + }, + "required": [ + "etag", + "location", + "policyData", + "project", + "runtimeTemplate" + ], + "inputProperties": { + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n", + "willReplaceOnChanges": true + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "policyData", + "runtimeTemplate" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering RuntimeTemplateIamPolicy resources.\n", + "properties": { + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n", + "willReplaceOnChanges": true + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, "gcp:composer/environment:Environment": { "description": "\n\n## Import\n\nEnvironment can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{region}}/environments/{{name}}`\n\n* `{{project}}/{{region}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, Environment can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:composer/environment:Environment default projects/{{project}}/locations/{{region}}/environments/{{name}}\n```\n\n```sh\n$ pulumi import gcp:composer/environment:Environment default {{project}}/{{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:composer/environment:Environment default {{name}}\n```\n\n", "properties": { @@ -168488,7 +170111,7 @@ } }, "gcp:compute/firewallPolicyRule:FirewallPolicyRule": { - "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).\n\n\nTo get more information about FirewallPolicyRule, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/firewallPolicies/addRule)\n\n## Example Usage\n\n### Firewall Policy Rule\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicGlobalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup(\"basic_global_networksecurity_address_group\", {\n name: \"address\",\n parent: \"organizations/123456789\",\n description: \"Sample global networksecurity_address_group\",\n location: \"global\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst folder = new gcp.organizations.Folder(\"folder\", {\n displayName: \"folder\",\n parent: \"organizations/123456789\",\n deletionProtection: false,\n});\nconst _default = new gcp.compute.FirewallPolicy(\"default\", {\n parent: folder.id,\n shortName: \"policy\",\n description: \"Resource created for Terraform acceptance testing\",\n});\nconst policyRule = new gcp.compute.FirewallPolicyRule(\"policy_rule\", {\n firewallPolicy: _default.name,\n description: \"Resource created for Terraform acceptance testing\",\n priority: 9000,\n enableLogging: true,\n action: \"allow\",\n direction: \"EGRESS\",\n disabled: false,\n match: {\n layer4Configs: [\n {\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n },\n {\n ipProtocol: \"udp\",\n ports: [\"22\"],\n },\n ],\n destIpRanges: [\"11.100.0.1/32\"],\n destFqdns: [],\n destRegionCodes: [\"US\"],\n destThreatIntelligences: [\"iplist-known-malicious-ips\"],\n srcAddressGroups: [],\n destAddressGroups: [basicGlobalNetworksecurityAddressGroup.id],\n },\n targetServiceAccounts: [\"my@service-account.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup(\"basic_global_networksecurity_address_group\",\n name=\"address\",\n parent=\"organizations/123456789\",\n description=\"Sample global networksecurity_address_group\",\n location=\"global\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nfolder = gcp.organizations.Folder(\"folder\",\n display_name=\"folder\",\n parent=\"organizations/123456789\",\n deletion_protection=False)\ndefault = gcp.compute.FirewallPolicy(\"default\",\n parent=folder.id,\n short_name=\"policy\",\n description=\"Resource created for Terraform acceptance testing\")\npolicy_rule = gcp.compute.FirewallPolicyRule(\"policy_rule\",\n firewall_policy=default.name,\n description=\"Resource created for Terraform acceptance testing\",\n priority=9000,\n enable_logging=True,\n action=\"allow\",\n direction=\"EGRESS\",\n disabled=False,\n match={\n \"layer4_configs\": [\n {\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n },\n {\n \"ip_protocol\": \"udp\",\n \"ports\": [\"22\"],\n },\n ],\n \"dest_ip_ranges\": [\"11.100.0.1/32\"],\n \"dest_fqdns\": [],\n \"dest_region_codes\": [\"US\"],\n \"dest_threat_intelligences\": [\"iplist-known-malicious-ips\"],\n \"src_address_groups\": [],\n \"dest_address_groups\": [basic_global_networksecurity_address_group.id],\n },\n target_service_accounts=[\"my@service-account.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicGlobalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup(\"basic_global_networksecurity_address_group\", new()\n {\n Name = \"address\",\n Parent = \"organizations/123456789\",\n Description = \"Sample global networksecurity_address_group\",\n Location = \"global\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var folder = new Gcp.Organizations.Folder(\"folder\", new()\n {\n DisplayName = \"folder\",\n Parent = \"organizations/123456789\",\n DeletionProtection = false,\n });\n\n var @default = new Gcp.Compute.FirewallPolicy(\"default\", new()\n {\n Parent = folder.Id,\n ShortName = \"policy\",\n Description = \"Resource created for Terraform acceptance testing\",\n });\n\n var policyRule = new Gcp.Compute.FirewallPolicyRule(\"policy_rule\", new()\n {\n FirewallPolicy = @default.Name,\n Description = \"Resource created for Terraform acceptance testing\",\n Priority = 9000,\n EnableLogging = true,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Disabled = false,\n Match = new Gcp.Compute.Inputs.FirewallPolicyRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n Ports = new[]\n {\n \"22\",\n },\n },\n },\n DestIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n DestFqdns = new() { },\n DestRegionCodes = new[]\n {\n \"US\",\n },\n DestThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n },\n SrcAddressGroups = new() { },\n DestAddressGroups = new[]\n {\n basicGlobalNetworksecurityAddressGroup.Id,\n },\n },\n TargetServiceAccounts = new[]\n {\n \"my@service-account.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicGlobalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, \"basic_global_networksecurity_address_group\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"Sample global networksecurity_address_group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfolder, err := organizations.NewFolder(ctx, \"folder\", \u0026organizations.FolderArgs{\n\t\t\tDisplayName: pulumi.String(\"folder\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewallPolicy(ctx, \"default\", \u0026compute.FirewallPolicyArgs{\n\t\t\tParent: folder.ID(),\n\t\t\tShortName: pulumi.String(\"policy\"),\n\t\t\tDescription: pulumi.String(\"Resource created for Terraform acceptance testing\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewallPolicyRule(ctx, \"policy_rule\", \u0026compute.FirewallPolicyRuleArgs{\n\t\t\tFirewallPolicy: _default.Name,\n\t\t\tDescription: pulumi.String(\"Resource created for Terraform acceptance testing\"),\n\t\t\tPriority: pulumi.Int(9000),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tMatch: \u0026compute.FirewallPolicyRuleMatchArgs{\n\t\t\t\tLayer4Configs: compute.FirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.FirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026compute.FirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"22\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tDestFqdns: pulumi.StringArray{},\n\t\t\t\tDestRegionCodes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\tDestThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t},\n\t\t\t\tSrcAddressGroups: pulumi.StringArray{},\n\t\t\t\tDestAddressGroups: pulumi.StringArray{\n\t\t\t\t\tbasicGlobalNetworksecurityAddressGroup.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"my@service-account.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.organizations.Folder;\nimport com.pulumi.gcp.organizations.FolderArgs;\nimport com.pulumi.gcp.compute.FirewallPolicy;\nimport com.pulumi.gcp.compute.FirewallPolicyArgs;\nimport com.pulumi.gcp.compute.FirewallPolicyRule;\nimport com.pulumi.gcp.compute.FirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.FirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicGlobalNetworksecurityAddressGroup = new AddressGroup(\"basicGlobalNetworksecurityAddressGroup\", AddressGroupArgs.builder()\n .name(\"address\")\n .parent(\"organizations/123456789\")\n .description(\"Sample global networksecurity_address_group\")\n .location(\"global\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var folder = new Folder(\"folder\", FolderArgs.builder()\n .displayName(\"folder\")\n .parent(\"organizations/123456789\")\n .deletionProtection(false)\n .build());\n\n var default_ = new FirewallPolicy(\"default\", FirewallPolicyArgs.builder()\n .parent(folder.id())\n .shortName(\"policy\")\n .description(\"Resource created for Terraform acceptance testing\")\n .build());\n\n var policyRule = new FirewallPolicyRule(\"policyRule\", FirewallPolicyRuleArgs.builder()\n .firewallPolicy(default_.name())\n .description(\"Resource created for Terraform acceptance testing\")\n .priority(9000)\n .enableLogging(true)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .disabled(false)\n .match(FirewallPolicyRuleMatchArgs.builder()\n .layer4Configs( \n FirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build(),\n FirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .ports(22)\n .build())\n .destIpRanges(\"11.100.0.1/32\")\n .destFqdns()\n .destRegionCodes(\"US\")\n .destThreatIntelligences(\"iplist-known-malicious-ips\")\n .srcAddressGroups()\n .destAddressGroups(basicGlobalNetworksecurityAddressGroup.id())\n .build())\n .targetServiceAccounts(\"my@service-account.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicGlobalNetworksecurityAddressGroup:\n type: gcp:networksecurity:AddressGroup\n name: basic_global_networksecurity_address_group\n properties:\n name: address\n parent: organizations/123456789\n description: Sample global networksecurity_address_group\n location: global\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n folder:\n type: gcp:organizations:Folder\n properties:\n displayName: folder\n parent: organizations/123456789\n deletionProtection: false\n default:\n type: gcp:compute:FirewallPolicy\n properties:\n parent: ${folder.id}\n shortName: policy\n description: Resource created for Terraform acceptance testing\n policyRule:\n type: gcp:compute:FirewallPolicyRule\n name: policy_rule\n properties:\n firewallPolicy: ${default.name}\n description: Resource created for Terraform acceptance testing\n priority: 9000\n enableLogging: true\n action: allow\n direction: EGRESS\n disabled: false\n match:\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - ipProtocol: udp\n ports:\n - 22\n destIpRanges:\n - 11.100.0.1/32\n destFqdns: []\n destRegionCodes:\n - US\n destThreatIntelligences:\n - iplist-known-malicious-ips\n srcAddressGroups: []\n destAddressGroups:\n - ${basicGlobalNetworksecurityAddressGroup.id}\n targetServiceAccounts:\n - my@service-account.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFirewallPolicyRule can be imported using any of these accepted formats:\n\n* `locations/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}`\n\n* `{{firewall_policy}}/{{priority}}`\n\nWhen using the `pulumi import` command, FirewallPolicyRule can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/firewallPolicyRule:FirewallPolicyRule default locations/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/firewallPolicyRule:FirewallPolicyRule default {{firewall_policy}}/{{priority}}\n```\n\n", + "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).\n\n\nTo get more information about FirewallPolicyRule, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/firewallPolicies/addRule)\n\n## Example Usage\n\n### Firewall Policy Rule\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicGlobalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup(\"basic_global_networksecurity_address_group\", {\n name: \"address-group\",\n parent: \"organizations/123456789\",\n description: \"Sample global networksecurity_address_group\",\n location: \"global\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst folder = new gcp.organizations.Folder(\"folder\", {\n displayName: \"folder\",\n parent: \"organizations/123456789\",\n deletionProtection: false,\n});\nconst _default = new gcp.compute.FirewallPolicy(\"default\", {\n parent: folder.id,\n shortName: \"fw-policy\",\n description: \"Resource created for Terraform acceptance testing\",\n});\nconst primary = new gcp.compute.FirewallPolicyRule(\"primary\", {\n firewallPolicy: _default.name,\n description: \"Resource created for Terraform acceptance testing\",\n priority: 9000,\n enableLogging: true,\n action: \"allow\",\n direction: \"EGRESS\",\n disabled: false,\n targetServiceAccounts: [\"my@service-account.com\"],\n match: {\n destIpRanges: [\"11.100.0.1/32\"],\n destFqdns: [],\n destRegionCodes: [\"US\"],\n destThreatIntelligences: [\"iplist-known-malicious-ips\"],\n srcAddressGroups: [],\n destAddressGroups: [basicGlobalNetworksecurityAddressGroup.id],\n destNetworkScope: \"INTERNET\",\n layer4Configs: [\n {\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n },\n {\n ipProtocol: \"udp\",\n ports: [\"22\"],\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup(\"basic_global_networksecurity_address_group\",\n name=\"address-group\",\n parent=\"organizations/123456789\",\n description=\"Sample global networksecurity_address_group\",\n location=\"global\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nfolder = gcp.organizations.Folder(\"folder\",\n display_name=\"folder\",\n parent=\"organizations/123456789\",\n deletion_protection=False)\ndefault = gcp.compute.FirewallPolicy(\"default\",\n parent=folder.id,\n short_name=\"fw-policy\",\n description=\"Resource created for Terraform acceptance testing\")\nprimary = gcp.compute.FirewallPolicyRule(\"primary\",\n firewall_policy=default.name,\n description=\"Resource created for Terraform acceptance testing\",\n priority=9000,\n enable_logging=True,\n action=\"allow\",\n direction=\"EGRESS\",\n disabled=False,\n target_service_accounts=[\"my@service-account.com\"],\n match={\n \"dest_ip_ranges\": [\"11.100.0.1/32\"],\n \"dest_fqdns\": [],\n \"dest_region_codes\": [\"US\"],\n \"dest_threat_intelligences\": [\"iplist-known-malicious-ips\"],\n \"src_address_groups\": [],\n \"dest_address_groups\": [basic_global_networksecurity_address_group.id],\n \"dest_network_scope\": \"INTERNET\",\n \"layer4_configs\": [\n {\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n },\n {\n \"ip_protocol\": \"udp\",\n \"ports\": [\"22\"],\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicGlobalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup(\"basic_global_networksecurity_address_group\", new()\n {\n Name = \"address-group\",\n Parent = \"organizations/123456789\",\n Description = \"Sample global networksecurity_address_group\",\n Location = \"global\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var folder = new Gcp.Organizations.Folder(\"folder\", new()\n {\n DisplayName = \"folder\",\n Parent = \"organizations/123456789\",\n DeletionProtection = false,\n });\n\n var @default = new Gcp.Compute.FirewallPolicy(\"default\", new()\n {\n Parent = folder.Id,\n ShortName = \"fw-policy\",\n Description = \"Resource created for Terraform acceptance testing\",\n });\n\n var primary = new Gcp.Compute.FirewallPolicyRule(\"primary\", new()\n {\n FirewallPolicy = @default.Name,\n Description = \"Resource created for Terraform acceptance testing\",\n Priority = 9000,\n EnableLogging = true,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Disabled = false,\n TargetServiceAccounts = new[]\n {\n \"my@service-account.com\",\n },\n Match = new Gcp.Compute.Inputs.FirewallPolicyRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n DestFqdns = new() { },\n DestRegionCodes = new[]\n {\n \"US\",\n },\n DestThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n },\n SrcAddressGroups = new() { },\n DestAddressGroups = new[]\n {\n basicGlobalNetworksecurityAddressGroup.Id,\n },\n DestNetworkScope = \"INTERNET\",\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n Ports = new[]\n {\n \"22\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicGlobalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, \"basic_global_networksecurity_address_group\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"Sample global networksecurity_address_group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfolder, err := organizations.NewFolder(ctx, \"folder\", \u0026organizations.FolderArgs{\n\t\t\tDisplayName: pulumi.String(\"folder\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewallPolicy(ctx, \"default\", \u0026compute.FirewallPolicyArgs{\n\t\t\tParent: folder.ID(),\n\t\t\tShortName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Resource created for Terraform acceptance testing\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewallPolicyRule(ctx, \"primary\", \u0026compute.FirewallPolicyRuleArgs{\n\t\t\tFirewallPolicy: _default.Name,\n\t\t\tDescription: pulumi.String(\"Resource created for Terraform acceptance testing\"),\n\t\t\tPriority: pulumi.Int(9000),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"my@service-account.com\"),\n\t\t\t},\n\t\t\tMatch: \u0026compute.FirewallPolicyRuleMatchArgs{\n\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tDestFqdns: pulumi.StringArray{},\n\t\t\t\tDestRegionCodes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\tDestThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t},\n\t\t\t\tSrcAddressGroups: pulumi.StringArray{},\n\t\t\t\tDestAddressGroups: pulumi.StringArray{\n\t\t\t\t\tbasicGlobalNetworksecurityAddressGroup.ID(),\n\t\t\t\t},\n\t\t\t\tDestNetworkScope: pulumi.String(\"INTERNET\"),\n\t\t\t\tLayer4Configs: compute.FirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.FirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026compute.FirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"22\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.organizations.Folder;\nimport com.pulumi.gcp.organizations.FolderArgs;\nimport com.pulumi.gcp.compute.FirewallPolicy;\nimport com.pulumi.gcp.compute.FirewallPolicyArgs;\nimport com.pulumi.gcp.compute.FirewallPolicyRule;\nimport com.pulumi.gcp.compute.FirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.FirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicGlobalNetworksecurityAddressGroup = new AddressGroup(\"basicGlobalNetworksecurityAddressGroup\", AddressGroupArgs.builder()\n .name(\"address-group\")\n .parent(\"organizations/123456789\")\n .description(\"Sample global networksecurity_address_group\")\n .location(\"global\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var folder = new Folder(\"folder\", FolderArgs.builder()\n .displayName(\"folder\")\n .parent(\"organizations/123456789\")\n .deletionProtection(false)\n .build());\n\n var default_ = new FirewallPolicy(\"default\", FirewallPolicyArgs.builder()\n .parent(folder.id())\n .shortName(\"fw-policy\")\n .description(\"Resource created for Terraform acceptance testing\")\n .build());\n\n var primary = new FirewallPolicyRule(\"primary\", FirewallPolicyRuleArgs.builder()\n .firewallPolicy(default_.name())\n .description(\"Resource created for Terraform acceptance testing\")\n .priority(9000)\n .enableLogging(true)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .disabled(false)\n .targetServiceAccounts(\"my@service-account.com\")\n .match(FirewallPolicyRuleMatchArgs.builder()\n .destIpRanges(\"11.100.0.1/32\")\n .destFqdns()\n .destRegionCodes(\"US\")\n .destThreatIntelligences(\"iplist-known-malicious-ips\")\n .srcAddressGroups()\n .destAddressGroups(basicGlobalNetworksecurityAddressGroup.id())\n .destNetworkScope(\"INTERNET\")\n .layer4Configs( \n FirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build(),\n FirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .ports(22)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicGlobalNetworksecurityAddressGroup:\n type: gcp:networksecurity:AddressGroup\n name: basic_global_networksecurity_address_group\n properties:\n name: address-group\n parent: organizations/123456789\n description: Sample global networksecurity_address_group\n location: global\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n folder:\n type: gcp:organizations:Folder\n properties:\n displayName: folder\n parent: organizations/123456789\n deletionProtection: false\n default:\n type: gcp:compute:FirewallPolicy\n properties:\n parent: ${folder.id}\n shortName: fw-policy\n description: Resource created for Terraform acceptance testing\n primary:\n type: gcp:compute:FirewallPolicyRule\n properties:\n firewallPolicy: ${default.name}\n description: Resource created for Terraform acceptance testing\n priority: 9000\n enableLogging: true\n action: allow\n direction: EGRESS\n disabled: false\n targetServiceAccounts:\n - my@service-account.com\n match:\n destIpRanges:\n - 11.100.0.1/32\n destFqdns: []\n destRegionCodes:\n - US\n destThreatIntelligences:\n - iplist-known-malicious-ips\n srcAddressGroups: []\n destAddressGroups:\n - ${basicGlobalNetworksecurityAddressGroup.id}\n destNetworkScope: INTERNET\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - ipProtocol: udp\n ports:\n - 22\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Firewall Policy Rule Network Scope\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst folder = new gcp.organizations.Folder(\"folder\", {\n displayName: \"folder\",\n parent: \"organizations/123456789\",\n deletionProtection: false,\n});\nconst _default = new gcp.compute.FirewallPolicy(\"default\", {\n parent: folder.id,\n shortName: \"fw-policy\",\n description: \"Firewall policy\",\n});\nconst network = new gcp.compute.Network(\"network\", {\n name: \"network\",\n autoCreateSubnetworks: false,\n});\nconst primary = new gcp.compute.FirewallPolicyRule(\"primary\", {\n firewallPolicy: _default.name,\n description: \"Firewall policy rule with network scope\",\n priority: 9000,\n action: \"allow\",\n direction: \"INGRESS\",\n disabled: false,\n match: {\n srcIpRanges: [\"11.100.0.1/32\"],\n srcNetworkScope: \"VPC_NETWORKS\",\n srcNetworks: [network.id],\n layer4Configs: [\n {\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n },\n {\n ipProtocol: \"udp\",\n ports: [\"22\"],\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nfolder = gcp.organizations.Folder(\"folder\",\n display_name=\"folder\",\n parent=\"organizations/123456789\",\n deletion_protection=False)\ndefault = gcp.compute.FirewallPolicy(\"default\",\n parent=folder.id,\n short_name=\"fw-policy\",\n description=\"Firewall policy\")\nnetwork = gcp.compute.Network(\"network\",\n name=\"network\",\n auto_create_subnetworks=False)\nprimary = gcp.compute.FirewallPolicyRule(\"primary\",\n firewall_policy=default.name,\n description=\"Firewall policy rule with network scope\",\n priority=9000,\n action=\"allow\",\n direction=\"INGRESS\",\n disabled=False,\n match={\n \"src_ip_ranges\": [\"11.100.0.1/32\"],\n \"src_network_scope\": \"VPC_NETWORKS\",\n \"src_networks\": [network.id],\n \"layer4_configs\": [\n {\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n },\n {\n \"ip_protocol\": \"udp\",\n \"ports\": [\"22\"],\n },\n ],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var folder = new Gcp.Organizations.Folder(\"folder\", new()\n {\n DisplayName = \"folder\",\n Parent = \"organizations/123456789\",\n DeletionProtection = false,\n });\n\n var @default = new Gcp.Compute.FirewallPolicy(\"default\", new()\n {\n Parent = folder.Id,\n ShortName = \"fw-policy\",\n Description = \"Firewall policy\",\n });\n\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"network\",\n AutoCreateSubnetworks = false,\n });\n\n var primary = new Gcp.Compute.FirewallPolicyRule(\"primary\", new()\n {\n FirewallPolicy = @default.Name,\n Description = \"Firewall policy rule with network scope\",\n Priority = 9000,\n Action = \"allow\",\n Direction = \"INGRESS\",\n Disabled = false,\n Match = new Gcp.Compute.Inputs.FirewallPolicyRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n SrcNetworkScope = \"VPC_NETWORKS\",\n SrcNetworks = new[]\n {\n network.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n Ports = new[]\n {\n \"22\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfolder, err := organizations.NewFolder(ctx, \"folder\", \u0026organizations.FolderArgs{\n\t\t\tDisplayName: pulumi.String(\"folder\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewallPolicy(ctx, \"default\", \u0026compute.FirewallPolicyArgs{\n\t\t\tParent: folder.ID(),\n\t\t\tShortName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Firewall policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewallPolicyRule(ctx, \"primary\", \u0026compute.FirewallPolicyRuleArgs{\n\t\t\tFirewallPolicy: _default.Name,\n\t\t\tDescription: pulumi.String(\"Firewall policy rule with network scope\"),\n\t\t\tPriority: pulumi.Int(9000),\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tMatch: \u0026compute.FirewallPolicyRuleMatchArgs{\n\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tSrcNetworkScope: pulumi.String(\"VPC_NETWORKS\"),\n\t\t\t\tSrcNetworks: pulumi.StringArray{\n\t\t\t\t\tnetwork.ID(),\n\t\t\t\t},\n\t\t\t\tLayer4Configs: compute.FirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.FirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026compute.FirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"22\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Folder;\nimport com.pulumi.gcp.organizations.FolderArgs;\nimport com.pulumi.gcp.compute.FirewallPolicy;\nimport com.pulumi.gcp.compute.FirewallPolicyArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.FirewallPolicyRule;\nimport com.pulumi.gcp.compute.FirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.FirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var folder = new Folder(\"folder\", FolderArgs.builder()\n .displayName(\"folder\")\n .parent(\"organizations/123456789\")\n .deletionProtection(false)\n .build());\n\n var default_ = new FirewallPolicy(\"default\", FirewallPolicyArgs.builder()\n .parent(folder.id())\n .shortName(\"fw-policy\")\n .description(\"Firewall policy\")\n .build());\n\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var primary = new FirewallPolicyRule(\"primary\", FirewallPolicyRuleArgs.builder()\n .firewallPolicy(default_.name())\n .description(\"Firewall policy rule with network scope\")\n .priority(9000)\n .action(\"allow\")\n .direction(\"INGRESS\")\n .disabled(false)\n .match(FirewallPolicyRuleMatchArgs.builder()\n .srcIpRanges(\"11.100.0.1/32\")\n .srcNetworkScope(\"VPC_NETWORKS\")\n .srcNetworks(network.id())\n .layer4Configs( \n FirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build(),\n FirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .ports(22)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n folder:\n type: gcp:organizations:Folder\n properties:\n displayName: folder\n parent: organizations/123456789\n deletionProtection: false\n default:\n type: gcp:compute:FirewallPolicy\n properties:\n parent: ${folder.id}\n shortName: fw-policy\n description: Firewall policy\n primary:\n type: gcp:compute:FirewallPolicyRule\n properties:\n firewallPolicy: ${default.name}\n description: Firewall policy rule with network scope\n priority: 9000\n action: allow\n direction: INGRESS\n disabled: false\n match:\n srcIpRanges:\n - 11.100.0.1/32\n srcNetworkScope: VPC_NETWORKS\n srcNetworks:\n - ${network.id}\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - ipProtocol: udp\n ports:\n - 22\n network:\n type: gcp:compute:Network\n properties:\n name: network\n autoCreateSubnetworks: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFirewallPolicyRule can be imported using any of these accepted formats:\n\n* `locations/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}`\n\n* `{{firewall_policy}}/{{priority}}`\n\nWhen using the `pulumi import` command, FirewallPolicyRule can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/firewallPolicyRule:FirewallPolicyRule default locations/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/firewallPolicyRule:FirewallPolicyRule default {{firewall_policy}}/{{priority}}\n```\n\n", "properties": { "action": { "type": "string", @@ -168708,7 +170331,7 @@ } }, "gcp:compute/firewallPolicyWithRules:FirewallPolicyWithRules": { - "description": "## Example Usage\n\n### Compute Firewall Policy With Rules Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = gcp.organizations.getProject({});\nconst addressGroup1 = new gcp.networksecurity.AddressGroup(\"address_group_1\", {\n name: \"tf-address-group\",\n parent: \"organizations/123456789\",\n description: \"Global address group\",\n location: \"global\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst securityProfile1 = new gcp.networksecurity.SecurityProfile(\"security_profile_1\", {\n name: \"tf-security-profile\",\n type: \"THREAT_PREVENTION\",\n parent: \"organizations/123456789\",\n location: \"global\",\n});\nconst securityProfileGroup1 = new gcp.networksecurity.SecurityProfileGroup(\"security_profile_group_1\", {\n name: \"tf-security-profile-group\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n threatPreventionProfile: securityProfile1.id,\n});\nconst firewall_policy_with_rules = new gcp.compute.FirewallPolicyWithRules(\"firewall-policy-with-rules\", {\n shortName: \"tf-fw-org-policy-with-rules\",\n description: \"Terraform test\",\n parent: \"organizations/123456789\",\n rules: [\n {\n description: \"tcp rule\",\n priority: 1000,\n enableLogging: true,\n action: \"allow\",\n direction: \"EGRESS\",\n match: {\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\n \"8080\",\n \"7070\",\n ],\n }],\n destIpRanges: [\"11.100.0.1/32\"],\n destFqdns: [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n destRegionCodes: [\n \"HK\",\n \"IN\",\n ],\n destThreatIntelligences: [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n destAddressGroups: [addressGroup1.id],\n },\n targetResources: [project.then(project =\u003e `https://www.googleapis.com/compute/beta/projects/${project.name}/global/networks/default`)],\n },\n {\n description: \"udp rule\",\n priority: 2000,\n enableLogging: false,\n action: \"deny\",\n direction: \"INGRESS\",\n match: {\n layer4Configs: [{\n ipProtocol: \"udp\",\n }],\n srcIpRanges: [\"0.0.0.0/0\"],\n srcFqdns: [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n srcRegionCodes: [\n \"US\",\n \"CA\",\n ],\n srcThreatIntelligences: [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n srcAddressGroups: [addressGroup1.id],\n },\n disabled: true,\n },\n {\n description: \"security profile group rule\",\n ruleName: \"tcp rule\",\n priority: 3000,\n enableLogging: false,\n action: \"apply_security_profile_group\",\n direction: \"INGRESS\",\n match: {\n layer4Configs: [{\n ipProtocol: \"tcp\",\n }],\n srcIpRanges: [\"0.0.0.0/0\"],\n },\n targetServiceAccounts: [\"test@google.com\"],\n securityProfileGroup: pulumi.interpolate`//networksecurity.googleapis.com/${securityProfileGroup1.id}`,\n tlsInspect: true,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = gcp.organizations.get_project()\naddress_group1 = gcp.networksecurity.AddressGroup(\"address_group_1\",\n name=\"tf-address-group\",\n parent=\"organizations/123456789\",\n description=\"Global address group\",\n location=\"global\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nsecurity_profile1 = gcp.networksecurity.SecurityProfile(\"security_profile_1\",\n name=\"tf-security-profile\",\n type=\"THREAT_PREVENTION\",\n parent=\"organizations/123456789\",\n location=\"global\")\nsecurity_profile_group1 = gcp.networksecurity.SecurityProfileGroup(\"security_profile_group_1\",\n name=\"tf-security-profile-group\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n threat_prevention_profile=security_profile1.id)\nfirewall_policy_with_rules = gcp.compute.FirewallPolicyWithRules(\"firewall-policy-with-rules\",\n short_name=\"tf-fw-org-policy-with-rules\",\n description=\"Terraform test\",\n parent=\"organizations/123456789\",\n rules=[\n {\n \"description\": \"tcp rule\",\n \"priority\": 1000,\n \"enable_logging\": True,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"match\": {\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\n \"8080\",\n \"7070\",\n ],\n }],\n \"dest_ip_ranges\": [\"11.100.0.1/32\"],\n \"dest_fqdns\": [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n \"dest_region_codes\": [\n \"HK\",\n \"IN\",\n ],\n \"dest_threat_intelligences\": [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n \"dest_address_groups\": [address_group1.id],\n },\n \"target_resources\": [f\"https://www.googleapis.com/compute/beta/projects/{project.name}/global/networks/default\"],\n },\n {\n \"description\": \"udp rule\",\n \"priority\": 2000,\n \"enable_logging\": False,\n \"action\": \"deny\",\n \"direction\": \"INGRESS\",\n \"match\": {\n \"layer4_configs\": [{\n \"ip_protocol\": \"udp\",\n }],\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n \"src_fqdns\": [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n \"src_region_codes\": [\n \"US\",\n \"CA\",\n ],\n \"src_threat_intelligences\": [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n \"src_address_groups\": [address_group1.id],\n },\n \"disabled\": True,\n },\n {\n \"description\": \"security profile group rule\",\n \"rule_name\": \"tcp rule\",\n \"priority\": 3000,\n \"enable_logging\": False,\n \"action\": \"apply_security_profile_group\",\n \"direction\": \"INGRESS\",\n \"match\": {\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n }],\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n },\n \"target_service_accounts\": [\"test@google.com\"],\n \"security_profile_group\": security_profile_group1.id.apply(lambda id: f\"//networksecurity.googleapis.com/{id}\"),\n \"tls_inspect\": True,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup(\"address_group_1\", new()\n {\n Name = \"tf-address-group\",\n Parent = \"organizations/123456789\",\n Description = \"Global address group\",\n Location = \"global\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var securityProfile1 = new Gcp.NetworkSecurity.SecurityProfile(\"security_profile_1\", new()\n {\n Name = \"tf-security-profile\",\n Type = \"THREAT_PREVENTION\",\n Parent = \"organizations/123456789\",\n Location = \"global\",\n });\n\n var securityProfileGroup1 = new Gcp.NetworkSecurity.SecurityProfileGroup(\"security_profile_group_1\", new()\n {\n Name = \"tf-security-profile-group\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n ThreatPreventionProfile = securityProfile1.Id,\n });\n\n var firewall_policy_with_rules = new Gcp.Compute.FirewallPolicyWithRules(\"firewall-policy-with-rules\", new()\n {\n ShortName = \"tf-fw-org-policy-with-rules\",\n Description = \"Terraform test\",\n Parent = \"organizations/123456789\",\n Rules = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs\n {\n Description = \"tcp rule\",\n Priority = 1000,\n EnableLogging = true,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n \"7070\",\n },\n },\n },\n DestIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n DestFqdns = new[]\n {\n \"www.yyy.com\",\n \"www.zzz.com\",\n },\n DestRegionCodes = new[]\n {\n \"HK\",\n \"IN\",\n },\n DestThreatIntelligences = new[]\n {\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n },\n DestAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n },\n TargetResources = new[]\n {\n $\"https://www.googleapis.com/compute/beta/projects/{project.Apply(getProjectResult =\u003e getProjectResult.Name)}/global/networks/default\",\n },\n },\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs\n {\n Description = \"udp rule\",\n Priority = 2000,\n EnableLogging = false,\n Action = \"deny\",\n Direction = \"INGRESS\",\n Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n },\n },\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n SrcFqdns = new[]\n {\n \"www.abc.com\",\n \"www.def.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n \"CA\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n },\n SrcAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n },\n Disabled = true,\n },\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs\n {\n Description = \"security profile group rule\",\n RuleName = \"tcp rule\",\n Priority = 3000,\n EnableLogging = false,\n Action = \"apply_security_profile_group\",\n Direction = \"INGRESS\",\n Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n },\n },\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n },\n TargetServiceAccounts = new[]\n {\n \"test@google.com\",\n },\n SecurityProfileGroup = securityProfileGroup1.Id.Apply(id =\u003e $\"//networksecurity.googleapis.com/{id}\"),\n TlsInspect = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taddressGroup1, err := networksecurity.NewAddressGroup(ctx, \"address_group_1\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"tf-address-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"Global address group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecurityProfile1, err := networksecurity.NewSecurityProfile(ctx, \"security_profile_1\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"tf-security-profile\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecurityProfileGroup1, err := networksecurity.NewSecurityProfileGroup(ctx, \"security_profile_group_1\", \u0026networksecurity.SecurityProfileGroupArgs{\n\t\t\tName: pulumi.String(\"tf-security-profile-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tThreatPreventionProfile: securityProfile1.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewallPolicyWithRules(ctx, \"firewall-policy-with-rules\", \u0026compute.FirewallPolicyWithRulesArgs{\n\t\t\tShortName: pulumi.String(\"tf-fw-org-policy-with-rules\"),\n\t\t\tDescription: pulumi.String(\"Terraform test\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tRules: compute.FirewallPolicyWithRulesRuleArray{\n\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(1000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.FirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tLayer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"7070\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.yyy.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.zzz.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"HK\"),\n\t\t\t\t\t\t\tpulumi.String(\"IN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-search-engines-crawlers\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-tor-exit-nodes\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTargetResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.Sprintf(\"https://www.googleapis.com/compute/beta/projects/%v/global/networks/default\", project.Name),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"udp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(2000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"deny\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.FirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tLayer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.abc.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.def.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-public-clouds\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tDisabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"security profile group rule\"),\n\t\t\t\t\tRuleName: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(3000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"apply_security_profile_group\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.FirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tLayer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test@google.com\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecurityProfileGroup: securityProfileGroup1.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"//networksecurity.googleapis.com/%v\", id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\tTlsInspect: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroup;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;\nimport com.pulumi.gcp.compute.FirewallPolicyWithRules;\nimport com.pulumi.gcp.compute.FirewallPolicyWithRulesArgs;\nimport com.pulumi.gcp.compute.inputs.FirewallPolicyWithRulesRuleArgs;\nimport com.pulumi.gcp.compute.inputs.FirewallPolicyWithRulesRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = OrganizationsFunctions.getProject();\n\n var addressGroup1 = new AddressGroup(\"addressGroup1\", AddressGroupArgs.builder()\n .name(\"tf-address-group\")\n .parent(\"organizations/123456789\")\n .description(\"Global address group\")\n .location(\"global\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var securityProfile1 = new SecurityProfile(\"securityProfile1\", SecurityProfileArgs.builder()\n .name(\"tf-security-profile\")\n .type(\"THREAT_PREVENTION\")\n .parent(\"organizations/123456789\")\n .location(\"global\")\n .build());\n\n var securityProfileGroup1 = new SecurityProfileGroup(\"securityProfileGroup1\", SecurityProfileGroupArgs.builder()\n .name(\"tf-security-profile-group\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .threatPreventionProfile(securityProfile1.id())\n .build());\n\n var firewall_policy_with_rules = new FirewallPolicyWithRules(\"firewall-policy-with-rules\", FirewallPolicyWithRulesArgs.builder()\n .shortName(\"tf-fw-org-policy-with-rules\")\n .description(\"Terraform test\")\n .parent(\"organizations/123456789\")\n .rules( \n FirewallPolicyWithRulesRuleArgs.builder()\n .description(\"tcp rule\")\n .priority(1000)\n .enableLogging(true)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .match(FirewallPolicyWithRulesRuleMatchArgs.builder()\n .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports( \n 8080,\n 7070)\n .build())\n .destIpRanges(\"11.100.0.1/32\")\n .destFqdns( \n \"www.yyy.com\",\n \"www.zzz.com\")\n .destRegionCodes( \n \"HK\",\n \"IN\")\n .destThreatIntelligences( \n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\")\n .destAddressGroups(addressGroup1.id())\n .build())\n .targetResources(String.format(\"https://www.googleapis.com/compute/beta/projects/%s/global/networks/default\", project.applyValue(getProjectResult -\u003e getProjectResult.name())))\n .build(),\n FirewallPolicyWithRulesRuleArgs.builder()\n .description(\"udp rule\")\n .priority(2000)\n .enableLogging(false)\n .action(\"deny\")\n .direction(\"INGRESS\")\n .match(FirewallPolicyWithRulesRuleMatchArgs.builder()\n .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .build())\n .srcIpRanges(\"0.0.0.0/0\")\n .srcFqdns( \n \"www.abc.com\",\n \"www.def.com\")\n .srcRegionCodes( \n \"US\",\n \"CA\")\n .srcThreatIntelligences( \n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\")\n .srcAddressGroups(addressGroup1.id())\n .build())\n .disabled(true)\n .build(),\n FirewallPolicyWithRulesRuleArgs.builder()\n .description(\"security profile group rule\")\n .ruleName(\"tcp rule\")\n .priority(3000)\n .enableLogging(false)\n .action(\"apply_security_profile_group\")\n .direction(\"INGRESS\")\n .match(FirewallPolicyWithRulesRuleMatchArgs.builder()\n .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .build())\n .srcIpRanges(\"0.0.0.0/0\")\n .build())\n .targetServiceAccounts(\"test@google.com\")\n .securityProfileGroup(securityProfileGroup1.id().applyValue(id -\u003e String.format(\"//networksecurity.googleapis.com/%s\", id)))\n .tlsInspect(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n firewall-policy-with-rules:\n type: gcp:compute:FirewallPolicyWithRules\n properties:\n shortName: tf-fw-org-policy-with-rules\n description: Terraform test\n parent: organizations/123456789\n rules:\n - description: tcp rule\n priority: 1000\n enableLogging: true\n action: allow\n direction: EGRESS\n match:\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - 7070\n destIpRanges:\n - 11.100.0.1/32\n destFqdns:\n - www.yyy.com\n - www.zzz.com\n destRegionCodes:\n - HK\n - IN\n destThreatIntelligences:\n - iplist-search-engines-crawlers\n - iplist-tor-exit-nodes\n destAddressGroups:\n - ${addressGroup1.id}\n targetResources:\n - https://www.googleapis.com/compute/beta/projects/${project.name}/global/networks/default\n - description: udp rule\n priority: 2000\n enableLogging: false\n action: deny\n direction: INGRESS\n match:\n layer4Configs:\n - ipProtocol: udp\n srcIpRanges:\n - 0.0.0.0/0\n srcFqdns:\n - www.abc.com\n - www.def.com\n srcRegionCodes:\n - US\n - CA\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n - iplist-public-clouds\n srcAddressGroups:\n - ${addressGroup1.id}\n disabled: true\n - description: security profile group rule\n ruleName: tcp rule\n priority: 3000\n enableLogging: false\n action: apply_security_profile_group\n direction: INGRESS\n match:\n layer4Configs:\n - ipProtocol: tcp\n srcIpRanges:\n - 0.0.0.0/0\n targetServiceAccounts:\n - test@google.com\n securityProfileGroup: //networksecurity.googleapis.com/${securityProfileGroup1.id}\n tlsInspect: true\n addressGroup1:\n type: gcp:networksecurity:AddressGroup\n name: address_group_1\n properties:\n name: tf-address-group\n parent: organizations/123456789\n description: Global address group\n location: global\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n securityProfileGroup1:\n type: gcp:networksecurity:SecurityProfileGroup\n name: security_profile_group_1\n properties:\n name: tf-security-profile-group\n parent: organizations/123456789\n description: my description\n threatPreventionProfile: ${securityProfile1.id}\n securityProfile1:\n type: gcp:networksecurity:SecurityProfile\n name: security_profile_1\n properties:\n name: tf-security-profile\n type: THREAT_PREVENTION\n parent: organizations/123456789\n location: global\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFirewallPolicyWithRules can be imported using any of these accepted formats:\n\n* `locations/global/firewallPolicies/{{policy_id}}`\n\n* `{{policy_id}}`\n\nWhen using the `pulumi import` command, FirewallPolicyWithRules can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/firewallPolicyWithRules:FirewallPolicyWithRules default locations/global/firewallPolicies/{{policy_id}}\n```\n\n```sh\n$ pulumi import gcp:compute/firewallPolicyWithRules:FirewallPolicyWithRules default {{policy_id}}\n```\n\n", + "description": "## Example Usage\n\n### Compute Firewall Policy With Rules Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = gcp.organizations.getProject({});\nconst addressGroup1 = new gcp.networksecurity.AddressGroup(\"address_group_1\", {\n name: \"address-group\",\n parent: \"organizations/123456789\",\n description: \"Global address group\",\n location: \"global\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst securityProfile1 = new gcp.networksecurity.SecurityProfile(\"security_profile_1\", {\n name: \"sp\",\n type: \"THREAT_PREVENTION\",\n parent: \"organizations/123456789\",\n location: \"global\",\n});\nconst securityProfileGroup1 = new gcp.networksecurity.SecurityProfileGroup(\"security_profile_group_1\", {\n name: \"spg\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n threatPreventionProfile: securityProfile1.id,\n});\nconst network = new gcp.compute.Network(\"network\", {\n name: \"network\",\n autoCreateSubnetworks: false,\n});\nconst primary = new gcp.compute.FirewallPolicyWithRules(\"primary\", {\n shortName: \"fw-policy\",\n description: \"Terraform test\",\n parent: \"organizations/123456789\",\n rules: [\n {\n description: \"tcp rule\",\n priority: 1000,\n enableLogging: true,\n action: \"allow\",\n direction: \"EGRESS\",\n targetResources: [project.then(project =\u003e `https://www.googleapis.com/compute/beta/projects/${project.name}/global/networks/default`)],\n match: {\n destIpRanges: [\"11.100.0.1/32\"],\n destFqdns: [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n destRegionCodes: [\n \"HK\",\n \"IN\",\n ],\n destThreatIntelligences: [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n destAddressGroups: [addressGroup1.id],\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\n \"8080\",\n \"7070\",\n ],\n }],\n },\n },\n {\n description: \"udp rule\",\n priority: 2000,\n enableLogging: false,\n action: \"deny\",\n direction: \"INGRESS\",\n disabled: true,\n match: {\n srcIpRanges: [\"0.0.0.0/0\"],\n srcFqdns: [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n srcRegionCodes: [\n \"US\",\n \"CA\",\n ],\n srcThreatIntelligences: [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n srcAddressGroups: [addressGroup1.id],\n layer4Configs: [{\n ipProtocol: \"udp\",\n }],\n },\n },\n {\n description: \"security profile group rule\",\n ruleName: \"tcp rule\",\n priority: 3000,\n enableLogging: false,\n action: \"apply_security_profile_group\",\n direction: \"INGRESS\",\n targetServiceAccounts: [\"test@google.com\"],\n securityProfileGroup: pulumi.interpolate`//networksecurity.googleapis.com/${securityProfileGroup1.id}`,\n tlsInspect: true,\n match: {\n srcIpRanges: [\"0.0.0.0/0\"],\n layer4Configs: [{\n ipProtocol: \"tcp\",\n }],\n },\n },\n {\n description: \"network scope rule 1\",\n ruleName: \"network scope 1\",\n priority: 4000,\n enableLogging: false,\n action: \"allow\",\n direction: \"INGRESS\",\n match: {\n srcIpRanges: [\"11.100.0.1/32\"],\n srcNetworkScope: \"VPC_NETWORKS\",\n srcNetworks: [network.id],\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n }],\n },\n },\n {\n description: \"network scope rule 2\",\n ruleName: \"network scope 2\",\n priority: 5000,\n enableLogging: false,\n action: \"allow\",\n direction: \"EGRESS\",\n match: {\n destIpRanges: [\"0.0.0.0/0\"],\n destNetworkScope: \"INTERNET\",\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n }],\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = gcp.organizations.get_project()\naddress_group1 = gcp.networksecurity.AddressGroup(\"address_group_1\",\n name=\"address-group\",\n parent=\"organizations/123456789\",\n description=\"Global address group\",\n location=\"global\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nsecurity_profile1 = gcp.networksecurity.SecurityProfile(\"security_profile_1\",\n name=\"sp\",\n type=\"THREAT_PREVENTION\",\n parent=\"organizations/123456789\",\n location=\"global\")\nsecurity_profile_group1 = gcp.networksecurity.SecurityProfileGroup(\"security_profile_group_1\",\n name=\"spg\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n threat_prevention_profile=security_profile1.id)\nnetwork = gcp.compute.Network(\"network\",\n name=\"network\",\n auto_create_subnetworks=False)\nprimary = gcp.compute.FirewallPolicyWithRules(\"primary\",\n short_name=\"fw-policy\",\n description=\"Terraform test\",\n parent=\"organizations/123456789\",\n rules=[\n {\n \"description\": \"tcp rule\",\n \"priority\": 1000,\n \"enable_logging\": True,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"target_resources\": [f\"https://www.googleapis.com/compute/beta/projects/{project.name}/global/networks/default\"],\n \"match\": {\n \"dest_ip_ranges\": [\"11.100.0.1/32\"],\n \"dest_fqdns\": [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n \"dest_region_codes\": [\n \"HK\",\n \"IN\",\n ],\n \"dest_threat_intelligences\": [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n \"dest_address_groups\": [address_group1.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\n \"8080\",\n \"7070\",\n ],\n }],\n },\n },\n {\n \"description\": \"udp rule\",\n \"priority\": 2000,\n \"enable_logging\": False,\n \"action\": \"deny\",\n \"direction\": \"INGRESS\",\n \"disabled\": True,\n \"match\": {\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n \"src_fqdns\": [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n \"src_region_codes\": [\n \"US\",\n \"CA\",\n ],\n \"src_threat_intelligences\": [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n \"src_address_groups\": [address_group1.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"udp\",\n }],\n },\n },\n {\n \"description\": \"security profile group rule\",\n \"rule_name\": \"tcp rule\",\n \"priority\": 3000,\n \"enable_logging\": False,\n \"action\": \"apply_security_profile_group\",\n \"direction\": \"INGRESS\",\n \"target_service_accounts\": [\"test@google.com\"],\n \"security_profile_group\": security_profile_group1.id.apply(lambda id: f\"//networksecurity.googleapis.com/{id}\"),\n \"tls_inspect\": True,\n \"match\": {\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n }],\n },\n },\n {\n \"description\": \"network scope rule 1\",\n \"rule_name\": \"network scope 1\",\n \"priority\": 4000,\n \"enable_logging\": False,\n \"action\": \"allow\",\n \"direction\": \"INGRESS\",\n \"match\": {\n \"src_ip_ranges\": [\"11.100.0.1/32\"],\n \"src_network_scope\": \"VPC_NETWORKS\",\n \"src_networks\": [network.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n }],\n },\n },\n {\n \"description\": \"network scope rule 2\",\n \"rule_name\": \"network scope 2\",\n \"priority\": 5000,\n \"enable_logging\": False,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"match\": {\n \"dest_ip_ranges\": [\"0.0.0.0/0\"],\n \"dest_network_scope\": \"INTERNET\",\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n }],\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup(\"address_group_1\", new()\n {\n Name = \"address-group\",\n Parent = \"organizations/123456789\",\n Description = \"Global address group\",\n Location = \"global\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var securityProfile1 = new Gcp.NetworkSecurity.SecurityProfile(\"security_profile_1\", new()\n {\n Name = \"sp\",\n Type = \"THREAT_PREVENTION\",\n Parent = \"organizations/123456789\",\n Location = \"global\",\n });\n\n var securityProfileGroup1 = new Gcp.NetworkSecurity.SecurityProfileGroup(\"security_profile_group_1\", new()\n {\n Name = \"spg\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n ThreatPreventionProfile = securityProfile1.Id,\n });\n\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"network\",\n AutoCreateSubnetworks = false,\n });\n\n var primary = new Gcp.Compute.FirewallPolicyWithRules(\"primary\", new()\n {\n ShortName = \"fw-policy\",\n Description = \"Terraform test\",\n Parent = \"organizations/123456789\",\n Rules = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs\n {\n Description = \"tcp rule\",\n Priority = 1000,\n EnableLogging = true,\n Action = \"allow\",\n Direction = \"EGRESS\",\n TargetResources = new[]\n {\n $\"https://www.googleapis.com/compute/beta/projects/{project.Apply(getProjectResult =\u003e getProjectResult.Name)}/global/networks/default\",\n },\n Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n DestFqdns = new[]\n {\n \"www.yyy.com\",\n \"www.zzz.com\",\n },\n DestRegionCodes = new[]\n {\n \"HK\",\n \"IN\",\n },\n DestThreatIntelligences = new[]\n {\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n },\n DestAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n \"7070\",\n },\n },\n },\n },\n },\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs\n {\n Description = \"udp rule\",\n Priority = 2000,\n EnableLogging = false,\n Action = \"deny\",\n Direction = \"INGRESS\",\n Disabled = true,\n Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n SrcFqdns = new[]\n {\n \"www.abc.com\",\n \"www.def.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n \"CA\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n },\n SrcAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n },\n },\n },\n },\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs\n {\n Description = \"security profile group rule\",\n RuleName = \"tcp rule\",\n Priority = 3000,\n EnableLogging = false,\n Action = \"apply_security_profile_group\",\n Direction = \"INGRESS\",\n TargetServiceAccounts = new[]\n {\n \"test@google.com\",\n },\n SecurityProfileGroup = securityProfileGroup1.Id.Apply(id =\u003e $\"//networksecurity.googleapis.com/{id}\"),\n TlsInspect = true,\n Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n },\n },\n },\n },\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs\n {\n Description = \"network scope rule 1\",\n RuleName = \"network scope 1\",\n Priority = 4000,\n EnableLogging = false,\n Action = \"allow\",\n Direction = \"INGRESS\",\n Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n SrcNetworkScope = \"VPC_NETWORKS\",\n SrcNetworks = new[]\n {\n network.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n },\n },\n },\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs\n {\n Description = \"network scope rule 2\",\n RuleName = \"network scope 2\",\n Priority = 5000,\n EnableLogging = false,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n DestNetworkScope = \"INTERNET\",\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taddressGroup1, err := networksecurity.NewAddressGroup(ctx, \"address_group_1\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"Global address group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecurityProfile1, err := networksecurity.NewSecurityProfile(ctx, \"security_profile_1\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"sp\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecurityProfileGroup1, err := networksecurity.NewSecurityProfileGroup(ctx, \"security_profile_group_1\", \u0026networksecurity.SecurityProfileGroupArgs{\n\t\t\tName: pulumi.String(\"spg\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tThreatPreventionProfile: securityProfile1.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewallPolicyWithRules(ctx, \"primary\", \u0026compute.FirewallPolicyWithRulesArgs{\n\t\t\tShortName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Terraform test\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tRules: compute.FirewallPolicyWithRulesRuleArray{\n\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(1000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tTargetResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.Sprintf(\"https://www.googleapis.com/compute/beta/projects/%v/global/networks/default\", project.Name),\n\t\t\t\t\t},\n\t\t\t\t\tMatch: \u0026compute.FirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.yyy.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.zzz.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"HK\"),\n\t\t\t\t\t\t\tpulumi.String(\"IN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-search-engines-crawlers\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-tor-exit-nodes\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"7070\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"udp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(2000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"deny\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tDisabled: pulumi.Bool(true),\n\t\t\t\t\tMatch: \u0026compute.FirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.abc.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.def.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-public-clouds\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"security profile group rule\"),\n\t\t\t\t\tRuleName: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(3000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"apply_security_profile_group\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test@google.com\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecurityProfileGroup: securityProfileGroup1.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"//networksecurity.googleapis.com/%v\", id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\tTlsInspect: pulumi.Bool(true),\n\t\t\t\t\tMatch: \u0026compute.FirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"network scope rule 1\"),\n\t\t\t\t\tRuleName: pulumi.String(\"network scope 1\"),\n\t\t\t\t\tPriority: pulumi.Int(4000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.FirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcNetworkScope: pulumi.String(\"VPC_NETWORKS\"),\n\t\t\t\t\t\tSrcNetworks: pulumi.StringArray{\n\t\t\t\t\t\t\tnetwork.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"network scope rule 2\"),\n\t\t\t\t\tRuleName: pulumi.String(\"network scope 2\"),\n\t\t\t\t\tPriority: pulumi.Int(5000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.FirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestNetworkScope: pulumi.String(\"INTERNET\"),\n\t\t\t\t\t\tLayer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroup;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.FirewallPolicyWithRules;\nimport com.pulumi.gcp.compute.FirewallPolicyWithRulesArgs;\nimport com.pulumi.gcp.compute.inputs.FirewallPolicyWithRulesRuleArgs;\nimport com.pulumi.gcp.compute.inputs.FirewallPolicyWithRulesRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = OrganizationsFunctions.getProject();\n\n var addressGroup1 = new AddressGroup(\"addressGroup1\", AddressGroupArgs.builder()\n .name(\"address-group\")\n .parent(\"organizations/123456789\")\n .description(\"Global address group\")\n .location(\"global\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var securityProfile1 = new SecurityProfile(\"securityProfile1\", SecurityProfileArgs.builder()\n .name(\"sp\")\n .type(\"THREAT_PREVENTION\")\n .parent(\"organizations/123456789\")\n .location(\"global\")\n .build());\n\n var securityProfileGroup1 = new SecurityProfileGroup(\"securityProfileGroup1\", SecurityProfileGroupArgs.builder()\n .name(\"spg\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .threatPreventionProfile(securityProfile1.id())\n .build());\n\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var primary = new FirewallPolicyWithRules(\"primary\", FirewallPolicyWithRulesArgs.builder()\n .shortName(\"fw-policy\")\n .description(\"Terraform test\")\n .parent(\"organizations/123456789\")\n .rules( \n FirewallPolicyWithRulesRuleArgs.builder()\n .description(\"tcp rule\")\n .priority(1000)\n .enableLogging(true)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .targetResources(String.format(\"https://www.googleapis.com/compute/beta/projects/%s/global/networks/default\", project.applyValue(getProjectResult -\u003e getProjectResult.name())))\n .match(FirewallPolicyWithRulesRuleMatchArgs.builder()\n .destIpRanges(\"11.100.0.1/32\")\n .destFqdns( \n \"www.yyy.com\",\n \"www.zzz.com\")\n .destRegionCodes( \n \"HK\",\n \"IN\")\n .destThreatIntelligences( \n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\")\n .destAddressGroups(addressGroup1.id())\n .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports( \n 8080,\n 7070)\n .build())\n .build())\n .build(),\n FirewallPolicyWithRulesRuleArgs.builder()\n .description(\"udp rule\")\n .priority(2000)\n .enableLogging(false)\n .action(\"deny\")\n .direction(\"INGRESS\")\n .disabled(true)\n .match(FirewallPolicyWithRulesRuleMatchArgs.builder()\n .srcIpRanges(\"0.0.0.0/0\")\n .srcFqdns( \n \"www.abc.com\",\n \"www.def.com\")\n .srcRegionCodes( \n \"US\",\n \"CA\")\n .srcThreatIntelligences( \n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\")\n .srcAddressGroups(addressGroup1.id())\n .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .build())\n .build())\n .build(),\n FirewallPolicyWithRulesRuleArgs.builder()\n .description(\"security profile group rule\")\n .ruleName(\"tcp rule\")\n .priority(3000)\n .enableLogging(false)\n .action(\"apply_security_profile_group\")\n .direction(\"INGRESS\")\n .targetServiceAccounts(\"test@google.com\")\n .securityProfileGroup(securityProfileGroup1.id().applyValue(id -\u003e String.format(\"//networksecurity.googleapis.com/%s\", id)))\n .tlsInspect(true)\n .match(FirewallPolicyWithRulesRuleMatchArgs.builder()\n .srcIpRanges(\"0.0.0.0/0\")\n .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .build())\n .build())\n .build(),\n FirewallPolicyWithRulesRuleArgs.builder()\n .description(\"network scope rule 1\")\n .ruleName(\"network scope 1\")\n .priority(4000)\n .enableLogging(false)\n .action(\"allow\")\n .direction(\"INGRESS\")\n .match(FirewallPolicyWithRulesRuleMatchArgs.builder()\n .srcIpRanges(\"11.100.0.1/32\")\n .srcNetworkScope(\"VPC_NETWORKS\")\n .srcNetworks(network.id())\n .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build())\n .build())\n .build(),\n FirewallPolicyWithRulesRuleArgs.builder()\n .description(\"network scope rule 2\")\n .ruleName(\"network scope 2\")\n .priority(5000)\n .enableLogging(false)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .match(FirewallPolicyWithRulesRuleMatchArgs.builder()\n .destIpRanges(\"0.0.0.0/0\")\n .destNetworkScope(\"INTERNET\")\n .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:compute:FirewallPolicyWithRules\n properties:\n shortName: fw-policy\n description: Terraform test\n parent: organizations/123456789\n rules:\n - description: tcp rule\n priority: 1000\n enableLogging: true\n action: allow\n direction: EGRESS\n targetResources:\n - https://www.googleapis.com/compute/beta/projects/${project.name}/global/networks/default\n match:\n destIpRanges:\n - 11.100.0.1/32\n destFqdns:\n - www.yyy.com\n - www.zzz.com\n destRegionCodes:\n - HK\n - IN\n destThreatIntelligences:\n - iplist-search-engines-crawlers\n - iplist-tor-exit-nodes\n destAddressGroups:\n - ${addressGroup1.id}\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - 7070\n - description: udp rule\n priority: 2000\n enableLogging: false\n action: deny\n direction: INGRESS\n disabled: true\n match:\n srcIpRanges:\n - 0.0.0.0/0\n srcFqdns:\n - www.abc.com\n - www.def.com\n srcRegionCodes:\n - US\n - CA\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n - iplist-public-clouds\n srcAddressGroups:\n - ${addressGroup1.id}\n layer4Configs:\n - ipProtocol: udp\n - description: security profile group rule\n ruleName: tcp rule\n priority: 3000\n enableLogging: false\n action: apply_security_profile_group\n direction: INGRESS\n targetServiceAccounts:\n - test@google.com\n securityProfileGroup: //networksecurity.googleapis.com/${securityProfileGroup1.id}\n tlsInspect: true\n match:\n srcIpRanges:\n - 0.0.0.0/0\n layer4Configs:\n - ipProtocol: tcp\n - description: network scope rule 1\n ruleName: network scope 1\n priority: 4000\n enableLogging: false\n action: allow\n direction: INGRESS\n match:\n srcIpRanges:\n - 11.100.0.1/32\n srcNetworkScope: VPC_NETWORKS\n srcNetworks:\n - ${network.id}\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - description: network scope rule 2\n ruleName: network scope 2\n priority: 5000\n enableLogging: false\n action: allow\n direction: EGRESS\n match:\n destIpRanges:\n - 0.0.0.0/0\n destNetworkScope: INTERNET\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n addressGroup1:\n type: gcp:networksecurity:AddressGroup\n name: address_group_1\n properties:\n name: address-group\n parent: organizations/123456789\n description: Global address group\n location: global\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n securityProfileGroup1:\n type: gcp:networksecurity:SecurityProfileGroup\n name: security_profile_group_1\n properties:\n name: spg\n parent: organizations/123456789\n description: my description\n threatPreventionProfile: ${securityProfile1.id}\n securityProfile1:\n type: gcp:networksecurity:SecurityProfile\n name: security_profile_1\n properties:\n name: sp\n type: THREAT_PREVENTION\n parent: organizations/123456789\n location: global\n network:\n type: gcp:compute:Network\n properties:\n name: network\n autoCreateSubnetworks: false\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFirewallPolicyWithRules can be imported using any of these accepted formats:\n\n* `locations/global/firewallPolicies/{{policy_id}}`\n\n* `{{policy_id}}`\n\nWhen using the `pulumi import` command, FirewallPolicyWithRules can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/firewallPolicyWithRules:FirewallPolicyWithRules default locations/global/firewallPolicies/{{policy_id}}\n```\n\n```sh\n$ pulumi import gcp:compute/firewallPolicyWithRules:FirewallPolicyWithRules default {{policy_id}}\n```\n\n", "properties": { "creationTimestamp": { "type": "string", @@ -175109,6 +176732,287 @@ "type": "object" } }, + "gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding": { + "description": "Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case:\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached.\n* `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved.\n* `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\u003e **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.\n\n\n## gcp.compute.InstanceTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n \"condition\": {\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t\tCondition: {\n\t\t\t\t\t\tTitle: \"expires_after_2019_12_31\",\n\t\t\t\t\t\tDescription: pulumi.StringRef(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\t\t\tExpression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(GetIAMPolicyBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"],\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t\tCondition: \u0026compute.InstanceTemplateIamBindingConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(InstanceTemplateIamBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\",\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t\tCondition: \u0026compute.InstanceTemplateIamMemberConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .condition(InstanceTemplateIamMemberConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Compute Engine InstanceTemplate\nThree different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case:\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached.\n* `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved.\n* `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\u003e **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.\n\n\n## gcp.compute.InstanceTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n \"condition\": {\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t\tCondition: {\n\t\t\t\t\t\tTitle: \"expires_after_2019_12_31\",\n\t\t\t\t\t\tDescription: pulumi.StringRef(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\t\t\tExpression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(GetIAMPolicyBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"],\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t\tCondition: \u0026compute.InstanceTemplateIamBindingConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(InstanceTemplateIamBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\",\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t\tCondition: \u0026compute.InstanceTemplateIamMemberConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .condition(InstanceTemplateIamMemberConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/global/instanceTemplates/{{name}}\n\n* {{project}}/{{name}}\n\n* {{name}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nCompute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor \"projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor \"projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor projects/{{project}}/global/instanceTemplates/{{instance_template}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:compute/InstanceTemplateIamBindingCondition:InstanceTemplateIamBindingCondition", + "description": "An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.\nStructure is documented below.\n" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n" + } + }, + "required": [ + "etag", + "members", + "name", + "project", + "role" + ], + "inputProperties": { + "condition": { + "$ref": "#/types/gcp:compute/InstanceTemplateIamBindingCondition:InstanceTemplateIamBindingCondition", + "description": "An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.\nStructure is documented below.\n", + "willReplaceOnChanges": true + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "members", + "role" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering InstanceTemplateIamBinding resources.\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:compute/InstanceTemplateIamBindingCondition:InstanceTemplateIamBindingCondition", + "description": "An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.\nStructure is documented below.\n", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember": { + "description": "Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case:\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached.\n* `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved.\n* `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\u003e **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.\n\n\n## gcp.compute.InstanceTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n \"condition\": {\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t\tCondition: {\n\t\t\t\t\t\tTitle: \"expires_after_2019_12_31\",\n\t\t\t\t\t\tDescription: pulumi.StringRef(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\t\t\tExpression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(GetIAMPolicyBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"],\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t\tCondition: \u0026compute.InstanceTemplateIamBindingConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(InstanceTemplateIamBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\",\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t\tCondition: \u0026compute.InstanceTemplateIamMemberConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .condition(InstanceTemplateIamMemberConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Compute Engine InstanceTemplate\nThree different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case:\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached.\n* `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved.\n* `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\u003e **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.\n\n\n## gcp.compute.InstanceTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n \"condition\": {\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t\tCondition: {\n\t\t\t\t\t\tTitle: \"expires_after_2019_12_31\",\n\t\t\t\t\t\tDescription: pulumi.StringRef(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\t\t\tExpression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(GetIAMPolicyBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"],\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t\tCondition: \u0026compute.InstanceTemplateIamBindingConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(InstanceTemplateIamBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\",\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t\tCondition: \u0026compute.InstanceTemplateIamMemberConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .condition(InstanceTemplateIamMemberConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/global/instanceTemplates/{{name}}\n\n* {{project}}/{{name}}\n\n* {{name}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nCompute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor \"projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor \"projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor projects/{{project}}/global/instanceTemplates/{{instance_template}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:compute/InstanceTemplateIamMemberCondition:InstanceTemplateIamMemberCondition", + "description": "An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.\nStructure is documented below.\n" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n" + } + }, + "required": [ + "etag", + "member", + "name", + "project", + "role" + ], + "inputProperties": { + "condition": { + "$ref": "#/types/gcp:compute/InstanceTemplateIamMemberCondition:InstanceTemplateIamMemberCondition", + "description": "An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.\nStructure is documented below.\n", + "willReplaceOnChanges": true + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "member", + "role" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering InstanceTemplateIamMember resources.\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:compute/InstanceTemplateIamMemberCondition:InstanceTemplateIamMemberCondition", + "description": "An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.\nStructure is documented below.\n", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy": { + "description": "Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case:\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached.\n* `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved.\n* `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\u003e **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.\n\n\n## gcp.compute.InstanceTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n \"condition\": {\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t\tCondition: {\n\t\t\t\t\t\tTitle: \"expires_after_2019_12_31\",\n\t\t\t\t\t\tDescription: pulumi.StringRef(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\t\t\tExpression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(GetIAMPolicyBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"],\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t\tCondition: \u0026compute.InstanceTemplateIamBindingConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(InstanceTemplateIamBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\",\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t\tCondition: \u0026compute.InstanceTemplateIamMemberConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .condition(InstanceTemplateIamMemberConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Compute Engine InstanceTemplate\nThree different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case:\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached.\n* `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved.\n* `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role.\n\n\u003e **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.\n\n\n## gcp.compute.InstanceTemplateIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n }],\n});\nconst policy = new gcp.compute.InstanceTemplateIamPolicy(\"policy\", {\n project: _default.project,\n name: _default.name,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/compute.instanceAdmin\",\n \"members\": [\"user:jane@example.com\"],\n \"condition\": {\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n}])\npolicy = gcp.compute.InstanceTemplateIamPolicy(\"policy\",\n project=default[\"project\"],\n name=default[\"name\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n },\n },\n });\n\n var policy = new Gcp.Compute.InstanceTemplateIamPolicy(\"policy\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/compute.instanceAdmin\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t\tCondition: {\n\t\t\t\t\t\tTitle: \"expires_after_2019_12_31\",\n\t\t\t\t\t\tDescription: pulumi.StringRef(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\t\t\tExpression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceTemplateIamPolicy(ctx, \"policy\", \u0026compute.InstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicy;\nimport com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(GetIAMPolicyBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build())\n .build());\n\n var policy = new InstanceTemplateIamPolicy(\"policy\", InstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:compute:InstanceTemplateIamPolicy\n properties:\n project: ${default.project}\n name: ${default.name}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.compute.InstanceTemplateIamBinding(\"binding\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n members: [\"user:jane@example.com\"],\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.compute.InstanceTemplateIamBinding(\"binding\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n members=[\"user:jane@example.com\"],\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Compute.InstanceTemplateIamBinding(\"binding\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamBinding(ctx, \"binding\", \u0026compute.InstanceTemplateIamBindingArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t\tCondition: \u0026compute.InstanceTemplateIamBindingConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBinding;\nimport com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new InstanceTemplateIamBinding(\"binding\", InstanceTemplateIamBindingArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .members(\"user:jane@example.com\")\n .condition(InstanceTemplateIamBindingConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:compute:InstanceTemplateIamBinding\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n members:\n - user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## gcp.compute.InstanceTemplateIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith IAM Conditions:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.compute.InstanceTemplateIamMember(\"member\", {\n project: _default.project,\n name: _default.name,\n role: \"roles/compute.instanceAdmin\",\n member: \"user:jane@example.com\",\n condition: {\n title: \"expires_after_2019_12_31\",\n description: \"Expiring at midnight of 2019-12-31\",\n expression: \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.compute.InstanceTemplateIamMember(\"member\",\n project=default[\"project\"],\n name=default[\"name\"],\n role=\"roles/compute.instanceAdmin\",\n member=\"user:jane@example.com\",\n condition={\n \"title\": \"expires_after_2019_12_31\",\n \"description\": \"Expiring at midnight of 2019-12-31\",\n \"expression\": \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Compute.InstanceTemplateIamMember(\"member\", new()\n {\n Project = @default.Project,\n Name = @default.Name,\n Role = \"roles/compute.instanceAdmin\",\n Member = \"user:jane@example.com\",\n Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs\n {\n Title = \"expires_after_2019_12_31\",\n Description = \"Expiring at midnight of 2019-12-31\",\n Expression = \"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewInstanceTemplateIamMember(ctx, \"member\", \u0026compute.InstanceTemplateIamMemberArgs{\n\t\t\tProject: pulumi.Any(_default.Project),\n\t\t\tName: pulumi.Any(_default.Name),\n\t\t\tRole: pulumi.String(\"roles/compute.instanceAdmin\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t\tCondition: \u0026compute.InstanceTemplateIamMemberConditionArgs{\n\t\t\t\tTitle: pulumi.String(\"expires_after_2019_12_31\"),\n\t\t\t\tDescription: pulumi.String(\"Expiring at midnight of 2019-12-31\"),\n\t\t\t\tExpression: pulumi.String(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMember;\nimport com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new InstanceTemplateIamMember(\"member\", InstanceTemplateIamMemberArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .role(\"roles/compute.instanceAdmin\")\n .member(\"user:jane@example.com\")\n .condition(InstanceTemplateIamMemberConditionArgs.builder()\n .title(\"expires_after_2019_12_31\")\n .description(\"Expiring at midnight of 2019-12-31\")\n .expression(\"request.time \u003c timestamp(\\\"2020-01-01T00:00:00Z\\\")\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:compute:InstanceTemplateIamMember\n properties:\n project: ${default.project}\n name: ${default.name}\n role: roles/compute.instanceAdmin\n member: user:jane@example.com\n condition:\n title: expires_after_2019_12_31\n description: Expiring at midnight of 2019-12-31\n expression: request.time \u003c timestamp(\"2020-01-01T00:00:00Z\")\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/global/instanceTemplates/{{name}}\n\n* {{project}}/{{name}}\n\n* {{name}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nCompute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor \"projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor \"projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor projects/{{project}}/global/instanceTemplates/{{instance_template}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n" + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + } + }, + "required": [ + "etag", + "name", + "policyData", + "project" + ], + "inputProperties": { + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "policyData" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering InstanceTemplateIamPolicy resources.\n", + "properties": { + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, "gcp:compute/interconnect:Interconnect": { "description": "Represents an Interconnect resource. The Interconnect resource is a dedicated connection between\nGoogle's network and your on-premises network.\n\n\nTo get more information about Interconnect, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/interconnects)\n* How-to Guides\n * [Create a Dedicated Interconnect](https://cloud.google.com/network-connectivity/docs/interconnect/concepts/dedicated-overview)\n\n## Example Usage\n\n### Compute Interconnect Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = gcp.organizations.getProject({});\nconst example_interconnect = new gcp.compute.Interconnect(\"example-interconnect\", {\n name: \"example-interconnect\",\n customerName: \"example_customer\",\n interconnectType: \"DEDICATED\",\n linkType: \"LINK_TYPE_ETHERNET_10G_LR\",\n location: project.then(project =\u003e `https://www.googleapis.com/compute/v1/projects/${project.name}/global/interconnectLocations/iad-zone1-1`),\n requestedLinkCount: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = gcp.organizations.get_project()\nexample_interconnect = gcp.compute.Interconnect(\"example-interconnect\",\n name=\"example-interconnect\",\n customer_name=\"example_customer\",\n interconnect_type=\"DEDICATED\",\n link_type=\"LINK_TYPE_ETHERNET_10G_LR\",\n location=f\"https://www.googleapis.com/compute/v1/projects/{project.name}/global/interconnectLocations/iad-zone1-1\",\n requested_link_count=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var example_interconnect = new Gcp.Compute.Interconnect(\"example-interconnect\", new()\n {\n Name = \"example-interconnect\",\n CustomerName = \"example_customer\",\n InterconnectType = \"DEDICATED\",\n LinkType = \"LINK_TYPE_ETHERNET_10G_LR\",\n Location = $\"https://www.googleapis.com/compute/v1/projects/{project.Apply(getProjectResult =\u003e getProjectResult.Name)}/global/interconnectLocations/iad-zone1-1\",\n RequestedLinkCount = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInterconnect(ctx, \"example-interconnect\", \u0026compute.InterconnectArgs{\n\t\t\tName: pulumi.String(\"example-interconnect\"),\n\t\t\tCustomerName: pulumi.String(\"example_customer\"),\n\t\t\tInterconnectType: pulumi.String(\"DEDICATED\"),\n\t\t\tLinkType: pulumi.String(\"LINK_TYPE_ETHERNET_10G_LR\"),\n\t\t\tLocation: pulumi.Sprintf(\"https://www.googleapis.com/compute/v1/projects/%v/global/interconnectLocations/iad-zone1-1\", project.Name),\n\t\t\tRequestedLinkCount: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.compute.Interconnect;\nimport com.pulumi.gcp.compute.InterconnectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = OrganizationsFunctions.getProject();\n\n var example_interconnect = new Interconnect(\"example-interconnect\", InterconnectArgs.builder()\n .name(\"example-interconnect\")\n .customerName(\"example_customer\")\n .interconnectType(\"DEDICATED\")\n .linkType(\"LINK_TYPE_ETHERNET_10G_LR\")\n .location(String.format(\"https://www.googleapis.com/compute/v1/projects/%s/global/interconnectLocations/iad-zone1-1\", project.applyValue(getProjectResult -\u003e getProjectResult.name())))\n .requestedLinkCount(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example-interconnect:\n type: gcp:compute:Interconnect\n properties:\n name: example-interconnect\n customerName: example_customer\n interconnectType: DEDICATED\n linkType: LINK_TYPE_ETHERNET_10G_LR\n location: https://www.googleapis.com/compute/v1/projects/${project.name}/global/interconnectLocations/iad-zone1-1\n requestedLinkCount: 1\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nInterconnect can be imported using any of these accepted formats:\n\n* `projects/{{project}}/global/interconnects/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, Interconnect can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/interconnect:Interconnect default projects/{{project}}/global/interconnects/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/interconnect:Interconnect default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/interconnect:Interconnect default {{name}}\n```\n\n", "properties": { @@ -175526,7 +177430,7 @@ } }, "gcp:compute/interconnectAttachment:InterconnectAttachment": { - "description": "Represents an InterconnectAttachment (VLAN attachment) resource. For more\ninformation, see Creating VLAN Attachments.\n\n\n\n## Example Usage\n\n### Interconnect Attachment Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst foobarNetwork = new gcp.compute.Network(\"foobar\", {\n name: \"network-1\",\n autoCreateSubnetworks: false,\n});\nconst foobar = new gcp.compute.Router(\"foobar\", {\n name: \"router-1\",\n network: foobarNetwork.name,\n bgp: {\n asn: 16550,\n },\n});\nconst onPrem = new gcp.compute.InterconnectAttachment(\"on_prem\", {\n name: \"on-prem-attachment\",\n edgeAvailabilityDomain: \"AVAILABILITY_DOMAIN_1\",\n type: \"PARTNER\",\n router: foobar.id,\n mtu: \"1500\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nfoobar_network = gcp.compute.Network(\"foobar\",\n name=\"network-1\",\n auto_create_subnetworks=False)\nfoobar = gcp.compute.Router(\"foobar\",\n name=\"router-1\",\n network=foobar_network.name,\n bgp={\n \"asn\": 16550,\n })\non_prem = gcp.compute.InterconnectAttachment(\"on_prem\",\n name=\"on-prem-attachment\",\n edge_availability_domain=\"AVAILABILITY_DOMAIN_1\",\n type=\"PARTNER\",\n router=foobar.id,\n mtu=\"1500\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobarNetwork = new Gcp.Compute.Network(\"foobar\", new()\n {\n Name = \"network-1\",\n AutoCreateSubnetworks = false,\n });\n\n var foobar = new Gcp.Compute.Router(\"foobar\", new()\n {\n Name = \"router-1\",\n Network = foobarNetwork.Name,\n Bgp = new Gcp.Compute.Inputs.RouterBgpArgs\n {\n Asn = 16550,\n },\n });\n\n var onPrem = new Gcp.Compute.InterconnectAttachment(\"on_prem\", new()\n {\n Name = \"on-prem-attachment\",\n EdgeAvailabilityDomain = \"AVAILABILITY_DOMAIN_1\",\n Type = \"PARTNER\",\n Router = foobar.Id,\n Mtu = \"1500\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobarNetwork, err := compute.NewNetwork(ctx, \"foobar\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network-1\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoobar, err := compute.NewRouter(ctx, \"foobar\", \u0026compute.RouterArgs{\n\t\t\tName: pulumi.String(\"router-1\"),\n\t\t\tNetwork: foobarNetwork.Name,\n\t\t\tBgp: \u0026compute.RouterBgpArgs{\n\t\t\t\tAsn: pulumi.Int(16550),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInterconnectAttachment(ctx, \"on_prem\", \u0026compute.InterconnectAttachmentArgs{\n\t\t\tName: pulumi.String(\"on-prem-attachment\"),\n\t\t\tEdgeAvailabilityDomain: pulumi.String(\"AVAILABILITY_DOMAIN_1\"),\n\t\t\tType: pulumi.String(\"PARTNER\"),\n\t\t\tRouter: foobar.ID(),\n\t\t\tMtu: pulumi.String(\"1500\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Router;\nimport com.pulumi.gcp.compute.RouterArgs;\nimport com.pulumi.gcp.compute.inputs.RouterBgpArgs;\nimport com.pulumi.gcp.compute.InterconnectAttachment;\nimport com.pulumi.gcp.compute.InterconnectAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobarNetwork = new Network(\"foobarNetwork\", NetworkArgs.builder()\n .name(\"network-1\")\n .autoCreateSubnetworks(false)\n .build());\n\n var foobar = new Router(\"foobar\", RouterArgs.builder()\n .name(\"router-1\")\n .network(foobarNetwork.name())\n .bgp(RouterBgpArgs.builder()\n .asn(16550)\n .build())\n .build());\n\n var onPrem = new InterconnectAttachment(\"onPrem\", InterconnectAttachmentArgs.builder()\n .name(\"on-prem-attachment\")\n .edgeAvailabilityDomain(\"AVAILABILITY_DOMAIN_1\")\n .type(\"PARTNER\")\n .router(foobar.id())\n .mtu(1500)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n onPrem:\n type: gcp:compute:InterconnectAttachment\n name: on_prem\n properties:\n name: on-prem-attachment\n edgeAvailabilityDomain: AVAILABILITY_DOMAIN_1\n type: PARTNER\n router: ${foobar.id}\n mtu: 1500\n foobar:\n type: gcp:compute:Router\n properties:\n name: router-1\n network: ${foobarNetwork.name}\n bgp:\n asn: 16550\n foobarNetwork:\n type: gcp:compute:Network\n name: foobar\n properties:\n name: network-1\n autoCreateSubnetworks: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Compute Interconnect Attachment Ipsec Encryption\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst network = new gcp.compute.Network(\"network\", {\n name: \"test-network\",\n autoCreateSubnetworks: false,\n});\nconst address = new gcp.compute.Address(\"address\", {\n name: \"test-address\",\n addressType: \"INTERNAL\",\n purpose: \"IPSEC_INTERCONNECT\",\n address: \"192.168.1.0\",\n prefixLength: 29,\n network: network.selfLink,\n});\nconst router = new gcp.compute.Router(\"router\", {\n name: \"test-router\",\n network: network.name,\n encryptedInterconnectRouter: true,\n bgp: {\n asn: 16550,\n },\n});\nconst ipsec_encrypted_interconnect_attachment = new gcp.compute.InterconnectAttachment(\"ipsec-encrypted-interconnect-attachment\", {\n name: \"test-interconnect-attachment\",\n edgeAvailabilityDomain: \"AVAILABILITY_DOMAIN_1\",\n type: \"PARTNER\",\n router: router.id,\n encryption: \"IPSEC\",\n ipsecInternalAddresses: [address.selfLink],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nnetwork = gcp.compute.Network(\"network\",\n name=\"test-network\",\n auto_create_subnetworks=False)\naddress = gcp.compute.Address(\"address\",\n name=\"test-address\",\n address_type=\"INTERNAL\",\n purpose=\"IPSEC_INTERCONNECT\",\n address=\"192.168.1.0\",\n prefix_length=29,\n network=network.self_link)\nrouter = gcp.compute.Router(\"router\",\n name=\"test-router\",\n network=network.name,\n encrypted_interconnect_router=True,\n bgp={\n \"asn\": 16550,\n })\nipsec_encrypted_interconnect_attachment = gcp.compute.InterconnectAttachment(\"ipsec-encrypted-interconnect-attachment\",\n name=\"test-interconnect-attachment\",\n edge_availability_domain=\"AVAILABILITY_DOMAIN_1\",\n type=\"PARTNER\",\n router=router.id,\n encryption=\"IPSEC\",\n ipsec_internal_addresses=[address.self_link])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"test-network\",\n AutoCreateSubnetworks = false,\n });\n\n var address = new Gcp.Compute.Address(\"address\", new()\n {\n Name = \"test-address\",\n AddressType = \"INTERNAL\",\n Purpose = \"IPSEC_INTERCONNECT\",\n IPAddress = \"192.168.1.0\",\n PrefixLength = 29,\n Network = network.SelfLink,\n });\n\n var router = new Gcp.Compute.Router(\"router\", new()\n {\n Name = \"test-router\",\n Network = network.Name,\n EncryptedInterconnectRouter = true,\n Bgp = new Gcp.Compute.Inputs.RouterBgpArgs\n {\n Asn = 16550,\n },\n });\n\n var ipsec_encrypted_interconnect_attachment = new Gcp.Compute.InterconnectAttachment(\"ipsec-encrypted-interconnect-attachment\", new()\n {\n Name = \"test-interconnect-attachment\",\n EdgeAvailabilityDomain = \"AVAILABILITY_DOMAIN_1\",\n Type = \"PARTNER\",\n Router = router.Id,\n Encryption = \"IPSEC\",\n IpsecInternalAddresses = new[]\n {\n address.SelfLink,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"test-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taddress, err := compute.NewAddress(ctx, \"address\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"test-address\"),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPurpose: pulumi.String(\"IPSEC_INTERCONNECT\"),\n\t\t\tAddress: pulumi.String(\"192.168.1.0\"),\n\t\t\tPrefixLength: pulumi.Int(29),\n\t\t\tNetwork: network.SelfLink,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trouter, err := compute.NewRouter(ctx, \"router\", \u0026compute.RouterArgs{\n\t\t\tName: pulumi.String(\"test-router\"),\n\t\t\tNetwork: network.Name,\n\t\t\tEncryptedInterconnectRouter: pulumi.Bool(true),\n\t\t\tBgp: \u0026compute.RouterBgpArgs{\n\t\t\t\tAsn: pulumi.Int(16550),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInterconnectAttachment(ctx, \"ipsec-encrypted-interconnect-attachment\", \u0026compute.InterconnectAttachmentArgs{\n\t\t\tName: pulumi.String(\"test-interconnect-attachment\"),\n\t\t\tEdgeAvailabilityDomain: pulumi.String(\"AVAILABILITY_DOMAIN_1\"),\n\t\t\tType: pulumi.String(\"PARTNER\"),\n\t\t\tRouter: router.ID(),\n\t\t\tEncryption: pulumi.String(\"IPSEC\"),\n\t\t\tIpsecInternalAddresses: pulumi.StringArray{\n\t\t\t\taddress.SelfLink,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Address;\nimport com.pulumi.gcp.compute.AddressArgs;\nimport com.pulumi.gcp.compute.Router;\nimport com.pulumi.gcp.compute.RouterArgs;\nimport com.pulumi.gcp.compute.inputs.RouterBgpArgs;\nimport com.pulumi.gcp.compute.InterconnectAttachment;\nimport com.pulumi.gcp.compute.InterconnectAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"test-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var address = new Address(\"address\", AddressArgs.builder()\n .name(\"test-address\")\n .addressType(\"INTERNAL\")\n .purpose(\"IPSEC_INTERCONNECT\")\n .address(\"192.168.1.0\")\n .prefixLength(29)\n .network(network.selfLink())\n .build());\n\n var router = new Router(\"router\", RouterArgs.builder()\n .name(\"test-router\")\n .network(network.name())\n .encryptedInterconnectRouter(true)\n .bgp(RouterBgpArgs.builder()\n .asn(16550)\n .build())\n .build());\n\n var ipsec_encrypted_interconnect_attachment = new InterconnectAttachment(\"ipsec-encrypted-interconnect-attachment\", InterconnectAttachmentArgs.builder()\n .name(\"test-interconnect-attachment\")\n .edgeAvailabilityDomain(\"AVAILABILITY_DOMAIN_1\")\n .type(\"PARTNER\")\n .router(router.id())\n .encryption(\"IPSEC\")\n .ipsecInternalAddresses(address.selfLink())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipsec-encrypted-interconnect-attachment:\n type: gcp:compute:InterconnectAttachment\n properties:\n name: test-interconnect-attachment\n edgeAvailabilityDomain: AVAILABILITY_DOMAIN_1\n type: PARTNER\n router: ${router.id}\n encryption: IPSEC\n ipsecInternalAddresses:\n - ${address.selfLink}\n address:\n type: gcp:compute:Address\n properties:\n name: test-address\n addressType: INTERNAL\n purpose: IPSEC_INTERCONNECT\n address: 192.168.1.0\n prefixLength: 29\n network: ${network.selfLink}\n router:\n type: gcp:compute:Router\n properties:\n name: test-router\n network: ${network.name}\n encryptedInterconnectRouter: true\n bgp:\n asn: 16550\n network:\n type: gcp:compute:Network\n properties:\n name: test-network\n autoCreateSubnetworks: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nInterconnectAttachment can be imported using any of these accepted formats:\n\n* `projects/{{project}}/regions/{{region}}/interconnectAttachments/{{name}}`\n\n* `{{project}}/{{region}}/{{name}}`\n\n* `{{region}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, InterconnectAttachment can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/interconnectAttachment:InterconnectAttachment default projects/{{project}}/regions/{{region}}/interconnectAttachments/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/interconnectAttachment:InterconnectAttachment default {{project}}/{{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/interconnectAttachment:InterconnectAttachment default {{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/interconnectAttachment:InterconnectAttachment default {{name}}\n```\n\n", + "description": "Represents an InterconnectAttachment (VLAN attachment) resource. For more\ninformation, see Creating VLAN Attachments.\n\n\n\n## Example Usage\n\n### Interconnect Attachment Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst foobarNetwork = new gcp.compute.Network(\"foobar\", {\n name: \"network-1\",\n autoCreateSubnetworks: false,\n});\nconst foobar = new gcp.compute.Router(\"foobar\", {\n name: \"router-1\",\n network: foobarNetwork.name,\n bgp: {\n asn: 16550,\n },\n});\nconst onPrem = new gcp.compute.InterconnectAttachment(\"on_prem\", {\n name: \"on-prem-attachment\",\n edgeAvailabilityDomain: \"AVAILABILITY_DOMAIN_1\",\n type: \"PARTNER\",\n router: foobar.id,\n mtu: \"1500\",\n labels: {\n mykey: \"myvalue\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nfoobar_network = gcp.compute.Network(\"foobar\",\n name=\"network-1\",\n auto_create_subnetworks=False)\nfoobar = gcp.compute.Router(\"foobar\",\n name=\"router-1\",\n network=foobar_network.name,\n bgp={\n \"asn\": 16550,\n })\non_prem = gcp.compute.InterconnectAttachment(\"on_prem\",\n name=\"on-prem-attachment\",\n edge_availability_domain=\"AVAILABILITY_DOMAIN_1\",\n type=\"PARTNER\",\n router=foobar.id,\n mtu=\"1500\",\n labels={\n \"mykey\": \"myvalue\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobarNetwork = new Gcp.Compute.Network(\"foobar\", new()\n {\n Name = \"network-1\",\n AutoCreateSubnetworks = false,\n });\n\n var foobar = new Gcp.Compute.Router(\"foobar\", new()\n {\n Name = \"router-1\",\n Network = foobarNetwork.Name,\n Bgp = new Gcp.Compute.Inputs.RouterBgpArgs\n {\n Asn = 16550,\n },\n });\n\n var onPrem = new Gcp.Compute.InterconnectAttachment(\"on_prem\", new()\n {\n Name = \"on-prem-attachment\",\n EdgeAvailabilityDomain = \"AVAILABILITY_DOMAIN_1\",\n Type = \"PARTNER\",\n Router = foobar.Id,\n Mtu = \"1500\",\n Labels = \n {\n { \"mykey\", \"myvalue\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoobarNetwork, err := compute.NewNetwork(ctx, \"foobar\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network-1\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoobar, err := compute.NewRouter(ctx, \"foobar\", \u0026compute.RouterArgs{\n\t\t\tName: pulumi.String(\"router-1\"),\n\t\t\tNetwork: foobarNetwork.Name,\n\t\t\tBgp: \u0026compute.RouterBgpArgs{\n\t\t\t\tAsn: pulumi.Int(16550),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInterconnectAttachment(ctx, \"on_prem\", \u0026compute.InterconnectAttachmentArgs{\n\t\t\tName: pulumi.String(\"on-prem-attachment\"),\n\t\t\tEdgeAvailabilityDomain: pulumi.String(\"AVAILABILITY_DOMAIN_1\"),\n\t\t\tType: pulumi.String(\"PARTNER\"),\n\t\t\tRouter: foobar.ID(),\n\t\t\tMtu: pulumi.String(\"1500\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"mykey\": pulumi.String(\"myvalue\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Router;\nimport com.pulumi.gcp.compute.RouterArgs;\nimport com.pulumi.gcp.compute.inputs.RouterBgpArgs;\nimport com.pulumi.gcp.compute.InterconnectAttachment;\nimport com.pulumi.gcp.compute.InterconnectAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobarNetwork = new Network(\"foobarNetwork\", NetworkArgs.builder()\n .name(\"network-1\")\n .autoCreateSubnetworks(false)\n .build());\n\n var foobar = new Router(\"foobar\", RouterArgs.builder()\n .name(\"router-1\")\n .network(foobarNetwork.name())\n .bgp(RouterBgpArgs.builder()\n .asn(16550)\n .build())\n .build());\n\n var onPrem = new InterconnectAttachment(\"onPrem\", InterconnectAttachmentArgs.builder()\n .name(\"on-prem-attachment\")\n .edgeAvailabilityDomain(\"AVAILABILITY_DOMAIN_1\")\n .type(\"PARTNER\")\n .router(foobar.id())\n .mtu(1500)\n .labels(Map.of(\"mykey\", \"myvalue\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n onPrem:\n type: gcp:compute:InterconnectAttachment\n name: on_prem\n properties:\n name: on-prem-attachment\n edgeAvailabilityDomain: AVAILABILITY_DOMAIN_1\n type: PARTNER\n router: ${foobar.id}\n mtu: 1500\n labels:\n mykey: myvalue\n foobar:\n type: gcp:compute:Router\n properties:\n name: router-1\n network: ${foobarNetwork.name}\n bgp:\n asn: 16550\n foobarNetwork:\n type: gcp:compute:Network\n name: foobar\n properties:\n name: network-1\n autoCreateSubnetworks: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Compute Interconnect Attachment Ipsec Encryption\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst network = new gcp.compute.Network(\"network\", {\n name: \"test-network\",\n autoCreateSubnetworks: false,\n});\nconst address = new gcp.compute.Address(\"address\", {\n name: \"test-address\",\n addressType: \"INTERNAL\",\n purpose: \"IPSEC_INTERCONNECT\",\n address: \"192.168.1.0\",\n prefixLength: 29,\n network: network.selfLink,\n});\nconst router = new gcp.compute.Router(\"router\", {\n name: \"test-router\",\n network: network.name,\n encryptedInterconnectRouter: true,\n bgp: {\n asn: 16550,\n },\n});\nconst ipsec_encrypted_interconnect_attachment = new gcp.compute.InterconnectAttachment(\"ipsec-encrypted-interconnect-attachment\", {\n name: \"test-interconnect-attachment\",\n edgeAvailabilityDomain: \"AVAILABILITY_DOMAIN_1\",\n type: \"PARTNER\",\n router: router.id,\n encryption: \"IPSEC\",\n ipsecInternalAddresses: [address.selfLink],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nnetwork = gcp.compute.Network(\"network\",\n name=\"test-network\",\n auto_create_subnetworks=False)\naddress = gcp.compute.Address(\"address\",\n name=\"test-address\",\n address_type=\"INTERNAL\",\n purpose=\"IPSEC_INTERCONNECT\",\n address=\"192.168.1.0\",\n prefix_length=29,\n network=network.self_link)\nrouter = gcp.compute.Router(\"router\",\n name=\"test-router\",\n network=network.name,\n encrypted_interconnect_router=True,\n bgp={\n \"asn\": 16550,\n })\nipsec_encrypted_interconnect_attachment = gcp.compute.InterconnectAttachment(\"ipsec-encrypted-interconnect-attachment\",\n name=\"test-interconnect-attachment\",\n edge_availability_domain=\"AVAILABILITY_DOMAIN_1\",\n type=\"PARTNER\",\n router=router.id,\n encryption=\"IPSEC\",\n ipsec_internal_addresses=[address.self_link])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"test-network\",\n AutoCreateSubnetworks = false,\n });\n\n var address = new Gcp.Compute.Address(\"address\", new()\n {\n Name = \"test-address\",\n AddressType = \"INTERNAL\",\n Purpose = \"IPSEC_INTERCONNECT\",\n IPAddress = \"192.168.1.0\",\n PrefixLength = 29,\n Network = network.SelfLink,\n });\n\n var router = new Gcp.Compute.Router(\"router\", new()\n {\n Name = \"test-router\",\n Network = network.Name,\n EncryptedInterconnectRouter = true,\n Bgp = new Gcp.Compute.Inputs.RouterBgpArgs\n {\n Asn = 16550,\n },\n });\n\n var ipsec_encrypted_interconnect_attachment = new Gcp.Compute.InterconnectAttachment(\"ipsec-encrypted-interconnect-attachment\", new()\n {\n Name = \"test-interconnect-attachment\",\n EdgeAvailabilityDomain = \"AVAILABILITY_DOMAIN_1\",\n Type = \"PARTNER\",\n Router = router.Id,\n Encryption = \"IPSEC\",\n IpsecInternalAddresses = new[]\n {\n address.SelfLink,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"test-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taddress, err := compute.NewAddress(ctx, \"address\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"test-address\"),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPurpose: pulumi.String(\"IPSEC_INTERCONNECT\"),\n\t\t\tAddress: pulumi.String(\"192.168.1.0\"),\n\t\t\tPrefixLength: pulumi.Int(29),\n\t\t\tNetwork: network.SelfLink,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trouter, err := compute.NewRouter(ctx, \"router\", \u0026compute.RouterArgs{\n\t\t\tName: pulumi.String(\"test-router\"),\n\t\t\tNetwork: network.Name,\n\t\t\tEncryptedInterconnectRouter: pulumi.Bool(true),\n\t\t\tBgp: \u0026compute.RouterBgpArgs{\n\t\t\t\tAsn: pulumi.Int(16550),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInterconnectAttachment(ctx, \"ipsec-encrypted-interconnect-attachment\", \u0026compute.InterconnectAttachmentArgs{\n\t\t\tName: pulumi.String(\"test-interconnect-attachment\"),\n\t\t\tEdgeAvailabilityDomain: pulumi.String(\"AVAILABILITY_DOMAIN_1\"),\n\t\t\tType: pulumi.String(\"PARTNER\"),\n\t\t\tRouter: router.ID(),\n\t\t\tEncryption: pulumi.String(\"IPSEC\"),\n\t\t\tIpsecInternalAddresses: pulumi.StringArray{\n\t\t\t\taddress.SelfLink,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Address;\nimport com.pulumi.gcp.compute.AddressArgs;\nimport com.pulumi.gcp.compute.Router;\nimport com.pulumi.gcp.compute.RouterArgs;\nimport com.pulumi.gcp.compute.inputs.RouterBgpArgs;\nimport com.pulumi.gcp.compute.InterconnectAttachment;\nimport com.pulumi.gcp.compute.InterconnectAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"test-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var address = new Address(\"address\", AddressArgs.builder()\n .name(\"test-address\")\n .addressType(\"INTERNAL\")\n .purpose(\"IPSEC_INTERCONNECT\")\n .address(\"192.168.1.0\")\n .prefixLength(29)\n .network(network.selfLink())\n .build());\n\n var router = new Router(\"router\", RouterArgs.builder()\n .name(\"test-router\")\n .network(network.name())\n .encryptedInterconnectRouter(true)\n .bgp(RouterBgpArgs.builder()\n .asn(16550)\n .build())\n .build());\n\n var ipsec_encrypted_interconnect_attachment = new InterconnectAttachment(\"ipsec-encrypted-interconnect-attachment\", InterconnectAttachmentArgs.builder()\n .name(\"test-interconnect-attachment\")\n .edgeAvailabilityDomain(\"AVAILABILITY_DOMAIN_1\")\n .type(\"PARTNER\")\n .router(router.id())\n .encryption(\"IPSEC\")\n .ipsecInternalAddresses(address.selfLink())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipsec-encrypted-interconnect-attachment:\n type: gcp:compute:InterconnectAttachment\n properties:\n name: test-interconnect-attachment\n edgeAvailabilityDomain: AVAILABILITY_DOMAIN_1\n type: PARTNER\n router: ${router.id}\n encryption: IPSEC\n ipsecInternalAddresses:\n - ${address.selfLink}\n address:\n type: gcp:compute:Address\n properties:\n name: test-address\n addressType: INTERNAL\n purpose: IPSEC_INTERCONNECT\n address: 192.168.1.0\n prefixLength: 29\n network: ${network.selfLink}\n router:\n type: gcp:compute:Router\n properties:\n name: test-router\n network: ${network.name}\n encryptedInterconnectRouter: true\n bgp:\n asn: 16550\n network:\n type: gcp:compute:Network\n properties:\n name: test-network\n autoCreateSubnetworks: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nInterconnectAttachment can be imported using any of these accepted formats:\n\n* `projects/{{project}}/regions/{{region}}/interconnectAttachments/{{name}}`\n\n* `{{project}}/{{region}}/{{name}}`\n\n* `{{region}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, InterconnectAttachment can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/interconnectAttachment:InterconnectAttachment default projects/{{project}}/regions/{{region}}/interconnectAttachments/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/interconnectAttachment:InterconnectAttachment default {{project}}/{{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/interconnectAttachment:InterconnectAttachment default {{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/interconnectAttachment:InterconnectAttachment default {{name}}\n```\n\n", "properties": { "adminEnabled": { "type": "boolean", @@ -175571,6 +177475,14 @@ "type": "string", "description": "Desired availability domain for the attachment. Only available for type\nPARTNER, at creation time. For improved reliability, customers should\nconfigure a pair of attachments with one per availability domain. The\nselected availability domain will be provided to the Partner via the\npairing key so that the provisioned circuit will lie in the specified\ndomain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.\n" }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, "encryption": { "type": "string", "description": "Indicates the user-supplied encryption option of this interconnect\nattachment. Can only be specified at attachment creation for PARTNER or\nDEDICATED attachments.\n* NONE - This is the default value, which means that the VLAN attachment\ncarries unencrypted traffic. VMs are able to send traffic to, or receive\ntraffic from, such a VLAN attachment.\n* IPSEC - The VLAN attachment carries only encrypted traffic that is\nencrypted by an IPsec device, such as an HA VPN gateway or third-party\nIPsec VPN. VMs cannot directly send traffic to, or receive traffic from,\nsuch a VLAN attachment. To use HA VPN over Cloud Interconnect, the VLAN\nattachment must be created with this option.\nDefault value is `NONE`.\nPossible values are: `NONE`, `IPSEC`.\n" @@ -175590,6 +177502,17 @@ }, "description": "URL of addresses that have been reserved for the interconnect attachment,\nUsed only for interconnect attachment that has the encryption option as\nIPSEC.\nThe addresses must be RFC 1918 IP address ranges. When creating HA VPN\ngateway over the interconnect attachment, if the attachment is configured\nto use an RFC 1918 IP address, then the VPN gateway's IP address will be\nallocated from the IP address range specified here.\nFor example, if the HA VPN gateway's interface 0 is paired to this\ninterconnect attachment, then an RFC 1918 IP address for the VPN gateway\ninterface 0 will be allocated from the IP address specified for this\ninterconnect attachment.\nIf this field is not specified for interconnect attachment that has\nencryption option as IPSEC, later on when creating HA VPN gateway on this\ninterconnect attachment, the HA VPN gateway's IP address will be\nallocated from regional external IP address pool.\n" }, + "labelFingerprint": { + "type": "string", + "description": "A fingerprint for the labels being applied to this Interconnect, which is essentially a hash\nof the labels set used for optimistic locking. The fingerprint is initially generated by\nCompute Engine and changes after every request to modify or update labels.\nYou must always provide an up-to-date fingerprint hash in order to update or change labels,\notherwise the request will fail with error 412 conditionNotMet.\n" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Labels for this resource. These can only be added or modified by the setLabels\nmethod. Each label key/value pair must comply with RFC1035. Label values may be empty.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, "mtu": { "type": "string", "description": "Maximum Transmission Unit (MTU), in bytes, of packets passing through\nthis interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440.\n" @@ -175617,6 +177540,14 @@ "type": "string", "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + }, "region": { "type": "string", "description": "Region where the regional interconnect attachment resides.\n" @@ -175658,7 +177589,9 @@ "customerRouterIpAddress", "customerRouterIpv6Address", "edgeAvailabilityDomain", + "effectiveLabels", "googleReferenceId", + "labelFingerprint", "mtu", "name", "pairingKey", @@ -175670,6 +177603,7 @@ "selfLink", "stackType", "state", + "pulumiLabels", "type", "vlanTag8021q" ], @@ -175717,6 +177651,13 @@ "description": "URL of addresses that have been reserved for the interconnect attachment,\nUsed only for interconnect attachment that has the encryption option as\nIPSEC.\nThe addresses must be RFC 1918 IP address ranges. When creating HA VPN\ngateway over the interconnect attachment, if the attachment is configured\nto use an RFC 1918 IP address, then the VPN gateway's IP address will be\nallocated from the IP address range specified here.\nFor example, if the HA VPN gateway's interface 0 is paired to this\ninterconnect attachment, then an RFC 1918 IP address for the VPN gateway\ninterface 0 will be allocated from the IP address specified for this\ninterconnect attachment.\nIf this field is not specified for interconnect attachment that has\nencryption option as IPSEC, later on when creating HA VPN gateway on this\ninterconnect attachment, the HA VPN gateway's IP address will be\nallocated from regional external IP address pool.\n", "willReplaceOnChanges": true }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Labels for this resource. These can only be added or modified by the setLabels\nmethod. Each label key/value pair must comply with RFC1035. Label values may be empty.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, "mtu": { "type": "string", "description": "Maximum Transmission Unit (MTU), in bytes, of packets passing through\nthis interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440.\n" @@ -175811,6 +177752,14 @@ "description": "Desired availability domain for the attachment. Only available for type\nPARTNER, at creation time. For improved reliability, customers should\nconfigure a pair of attachments with one per availability domain. The\nselected availability domain will be provided to the Partner via the\npairing key so that the provisioned circuit will lie in the specified\ndomain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.\n", "willReplaceOnChanges": true }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, "encryption": { "type": "string", "description": "Indicates the user-supplied encryption option of this interconnect\nattachment. Can only be specified at attachment creation for PARTNER or\nDEDICATED attachments.\n* NONE - This is the default value, which means that the VLAN attachment\ncarries unencrypted traffic. VMs are able to send traffic to, or receive\ntraffic from, such a VLAN attachment.\n* IPSEC - The VLAN attachment carries only encrypted traffic that is\nencrypted by an IPsec device, such as an HA VPN gateway or third-party\nIPsec VPN. VMs cannot directly send traffic to, or receive traffic from,\nsuch a VLAN attachment. To use HA VPN over Cloud Interconnect, the VLAN\nattachment must be created with this option.\nDefault value is `NONE`.\nPossible values are: `NONE`, `IPSEC`.\n", @@ -175833,6 +177782,17 @@ "description": "URL of addresses that have been reserved for the interconnect attachment,\nUsed only for interconnect attachment that has the encryption option as\nIPSEC.\nThe addresses must be RFC 1918 IP address ranges. When creating HA VPN\ngateway over the interconnect attachment, if the attachment is configured\nto use an RFC 1918 IP address, then the VPN gateway's IP address will be\nallocated from the IP address range specified here.\nFor example, if the HA VPN gateway's interface 0 is paired to this\ninterconnect attachment, then an RFC 1918 IP address for the VPN gateway\ninterface 0 will be allocated from the IP address specified for this\ninterconnect attachment.\nIf this field is not specified for interconnect attachment that has\nencryption option as IPSEC, later on when creating HA VPN gateway on this\ninterconnect attachment, the HA VPN gateway's IP address will be\nallocated from regional external IP address pool.\n", "willReplaceOnChanges": true }, + "labelFingerprint": { + "type": "string", + "description": "A fingerprint for the labels being applied to this Interconnect, which is essentially a hash\nof the labels set used for optimistic locking. The fingerprint is initially generated by\nCompute Engine and changes after every request to modify or update labels.\nYou must always provide an up-to-date fingerprint hash in order to update or change labels,\notherwise the request will fail with error 412 conditionNotMet.\n" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Labels for this resource. These can only be added or modified by the setLabels\nmethod. Each label key/value pair must comply with RFC1035. Label values may be empty.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, "mtu": { "type": "string", "description": "Maximum Transmission Unit (MTU), in bytes, of packets passing through\nthis interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440.\n" @@ -175862,6 +177822,14 @@ "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", "willReplaceOnChanges": true }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + }, "region": { "type": "string", "description": "Region where the regional interconnect attachment resides.\n" @@ -177741,7 +179709,7 @@ } }, "gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule": { - "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).\n\n\nTo get more information about NetworkFirewallPolicyRule, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/networkFirewallPolicies/addRule)\n\n## Example Usage\n\n### Network Firewall Policy Rule\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicGlobalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup(\"basic_global_networksecurity_address_group\", {\n name: \"address\",\n parent: \"projects/my-project-name\",\n description: \"Sample global networksecurity_address_group\",\n location: \"global\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst basicNetworkFirewallPolicy = new gcp.compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\", {\n name: \"policy\",\n description: \"Sample global network firewall policy\",\n project: \"my-project-name\",\n});\nconst basicNetwork = new gcp.compute.Network(\"basic_network\", {name: \"network\"});\nconst basicKey = new gcp.tags.TagKey(\"basic_key\", {\n description: \"For keyname resources.\",\n parent: \"organizations/123456789\",\n purpose: \"GCE_FIREWALL\",\n shortName: \"tagkey\",\n purposeData: {\n network: pulumi.interpolate`my-project-name/${basicNetwork.name}`,\n },\n});\nconst basicValue = new gcp.tags.TagValue(\"basic_value\", {\n description: \"For valuename resources.\",\n parent: basicKey.id,\n shortName: \"tagvalue\",\n});\nconst primary = new gcp.compute.NetworkFirewallPolicyRule(\"primary\", {\n action: \"allow\",\n description: \"This is a simple rule description\",\n direction: \"INGRESS\",\n disabled: false,\n enableLogging: true,\n firewallPolicy: basicNetworkFirewallPolicy.name,\n priority: 1000,\n ruleName: \"test-rule\",\n targetServiceAccounts: [\"my@service-account.com\"],\n match: {\n srcIpRanges: [\"10.100.0.1/32\"],\n srcFqdns: [\"google.com\"],\n srcRegionCodes: [\"US\"],\n srcThreatIntelligences: [\"iplist-known-malicious-ips\"],\n srcSecureTags: [{\n name: basicValue.id,\n }],\n layer4Configs: [{\n ipProtocol: \"all\",\n }],\n srcAddressGroups: [basicGlobalNetworksecurityAddressGroup.id],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup(\"basic_global_networksecurity_address_group\",\n name=\"address\",\n parent=\"projects/my-project-name\",\n description=\"Sample global networksecurity_address_group\",\n location=\"global\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nbasic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\",\n name=\"policy\",\n description=\"Sample global network firewall policy\",\n project=\"my-project-name\")\nbasic_network = gcp.compute.Network(\"basic_network\", name=\"network\")\nbasic_key = gcp.tags.TagKey(\"basic_key\",\n description=\"For keyname resources.\",\n parent=\"organizations/123456789\",\n purpose=\"GCE_FIREWALL\",\n short_name=\"tagkey\",\n purpose_data={\n \"network\": basic_network.name.apply(lambda name: f\"my-project-name/{name}\"),\n })\nbasic_value = gcp.tags.TagValue(\"basic_value\",\n description=\"For valuename resources.\",\n parent=basic_key.id,\n short_name=\"tagvalue\")\nprimary = gcp.compute.NetworkFirewallPolicyRule(\"primary\",\n action=\"allow\",\n description=\"This is a simple rule description\",\n direction=\"INGRESS\",\n disabled=False,\n enable_logging=True,\n firewall_policy=basic_network_firewall_policy.name,\n priority=1000,\n rule_name=\"test-rule\",\n target_service_accounts=[\"my@service-account.com\"],\n match={\n \"src_ip_ranges\": [\"10.100.0.1/32\"],\n \"src_fqdns\": [\"google.com\"],\n \"src_region_codes\": [\"US\"],\n \"src_threat_intelligences\": [\"iplist-known-malicious-ips\"],\n \"src_secure_tags\": [{\n \"name\": basic_value.id,\n }],\n \"layer4_configs\": [{\n \"ip_protocol\": \"all\",\n }],\n \"src_address_groups\": [basic_global_networksecurity_address_group.id],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicGlobalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup(\"basic_global_networksecurity_address_group\", new()\n {\n Name = \"address\",\n Parent = \"projects/my-project-name\",\n Description = \"Sample global networksecurity_address_group\",\n Location = \"global\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var basicNetworkFirewallPolicy = new Gcp.Compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\", new()\n {\n Name = \"policy\",\n Description = \"Sample global network firewall policy\",\n Project = \"my-project-name\",\n });\n\n var basicNetwork = new Gcp.Compute.Network(\"basic_network\", new()\n {\n Name = \"network\",\n });\n\n var basicKey = new Gcp.Tags.TagKey(\"basic_key\", new()\n {\n Description = \"For keyname resources.\",\n Parent = \"organizations/123456789\",\n Purpose = \"GCE_FIREWALL\",\n ShortName = \"tagkey\",\n PurposeData = \n {\n { \"network\", basicNetwork.Name.Apply(name =\u003e $\"my-project-name/{name}\") },\n },\n });\n\n var basicValue = new Gcp.Tags.TagValue(\"basic_value\", new()\n {\n Description = \"For valuename resources.\",\n Parent = basicKey.Id,\n ShortName = \"tagvalue\",\n });\n\n var primary = new Gcp.Compute.NetworkFirewallPolicyRule(\"primary\", new()\n {\n Action = \"allow\",\n Description = \"This is a simple rule description\",\n Direction = \"INGRESS\",\n Disabled = false,\n EnableLogging = true,\n FirewallPolicy = basicNetworkFirewallPolicy.Name,\n Priority = 1000,\n RuleName = \"test-rule\",\n TargetServiceAccounts = new[]\n {\n \"my@service-account.com\",\n },\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"10.100.0.1/32\",\n },\n SrcFqdns = new[]\n {\n \"google.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n },\n SrcSecureTags = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchSrcSecureTagArgs\n {\n Name = basicValue.Id,\n },\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"all\",\n },\n },\n SrcAddressGroups = new[]\n {\n basicGlobalNetworksecurityAddressGroup.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/tags\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicGlobalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, \"basic_global_networksecurity_address_group\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address\"),\n\t\t\tParent: pulumi.String(\"projects/my-project-name\"),\n\t\t\tDescription: pulumi.String(\"Sample global networksecurity_address_group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicNetworkFirewallPolicy, err := compute.NewNetworkFirewallPolicy(ctx, \"basic_network_firewall_policy\", \u0026compute.NetworkFirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"policy\"),\n\t\t\tDescription: pulumi.String(\"Sample global network firewall policy\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicNetwork, err := compute.NewNetwork(ctx, \"basic_network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicKey, err := tags.NewTagKey(ctx, \"basic_key\", \u0026tags.TagKeyArgs{\n\t\t\tDescription: pulumi.String(\"For keyname resources.\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tPurpose: pulumi.String(\"GCE_FIREWALL\"),\n\t\t\tShortName: pulumi.String(\"tagkey\"),\n\t\t\tPurposeData: pulumi.StringMap{\n\t\t\t\t\"network\": basicNetwork.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"my-project-name/%v\", name), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicValue, err := tags.NewTagValue(ctx, \"basic_value\", \u0026tags.TagValueArgs{\n\t\t\tDescription: pulumi.String(\"For valuename resources.\"),\n\t\t\tParent: basicKey.ID(),\n\t\t\tShortName: pulumi.String(\"tagvalue\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkFirewallPolicyRule(ctx, \"primary\", \u0026compute.NetworkFirewallPolicyRuleArgs{\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDescription: pulumi.String(\"This is a simple rule description\"),\n\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tFirewallPolicy: basicNetworkFirewallPolicy.Name,\n\t\t\tPriority: pulumi.Int(1000),\n\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"my@service-account.com\"),\n\t\t\t},\n\t\t\tMatch: \u0026compute.NetworkFirewallPolicyRuleMatchArgs{\n\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"google.com\"),\n\t\t\t\t},\n\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t},\n\t\t\t\tSrcSecureTags: compute.NetworkFirewallPolicyRuleMatchSrcSecureTagArray{\n\t\t\t\t\t\u0026compute.NetworkFirewallPolicyRuleMatchSrcSecureTagArgs{\n\t\t\t\t\t\tName: basicValue.ID(),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\tbasicGlobalNetworksecurityAddressGroup.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicy;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.tags.TagKey;\nimport com.pulumi.gcp.tags.TagKeyArgs;\nimport com.pulumi.gcp.tags.TagValue;\nimport com.pulumi.gcp.tags.TagValueArgs;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyRule;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicGlobalNetworksecurityAddressGroup = new AddressGroup(\"basicGlobalNetworksecurityAddressGroup\", AddressGroupArgs.builder()\n .name(\"address\")\n .parent(\"projects/my-project-name\")\n .description(\"Sample global networksecurity_address_group\")\n .location(\"global\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var basicNetworkFirewallPolicy = new NetworkFirewallPolicy(\"basicNetworkFirewallPolicy\", NetworkFirewallPolicyArgs.builder()\n .name(\"policy\")\n .description(\"Sample global network firewall policy\")\n .project(\"my-project-name\")\n .build());\n\n var basicNetwork = new Network(\"basicNetwork\", NetworkArgs.builder()\n .name(\"network\")\n .build());\n\n var basicKey = new TagKey(\"basicKey\", TagKeyArgs.builder()\n .description(\"For keyname resources.\")\n .parent(\"organizations/123456789\")\n .purpose(\"GCE_FIREWALL\")\n .shortName(\"tagkey\")\n .purposeData(Map.of(\"network\", basicNetwork.name().applyValue(name -\u003e String.format(\"my-project-name/%s\", name))))\n .build());\n\n var basicValue = new TagValue(\"basicValue\", TagValueArgs.builder()\n .description(\"For valuename resources.\")\n .parent(basicKey.id())\n .shortName(\"tagvalue\")\n .build());\n\n var primary = new NetworkFirewallPolicyRule(\"primary\", NetworkFirewallPolicyRuleArgs.builder()\n .action(\"allow\")\n .description(\"This is a simple rule description\")\n .direction(\"INGRESS\")\n .disabled(false)\n .enableLogging(true)\n .firewallPolicy(basicNetworkFirewallPolicy.name())\n .priority(1000)\n .ruleName(\"test-rule\")\n .targetServiceAccounts(\"my@service-account.com\")\n .match(NetworkFirewallPolicyRuleMatchArgs.builder()\n .srcIpRanges(\"10.100.0.1/32\")\n .srcFqdns(\"google.com\")\n .srcRegionCodes(\"US\")\n .srcThreatIntelligences(\"iplist-known-malicious-ips\")\n .srcSecureTags(NetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder()\n .name(basicValue.id())\n .build())\n .layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"all\")\n .build())\n .srcAddressGroups(basicGlobalNetworksecurityAddressGroup.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicGlobalNetworksecurityAddressGroup:\n type: gcp:networksecurity:AddressGroup\n name: basic_global_networksecurity_address_group\n properties:\n name: address\n parent: projects/my-project-name\n description: Sample global networksecurity_address_group\n location: global\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n basicNetworkFirewallPolicy:\n type: gcp:compute:NetworkFirewallPolicy\n name: basic_network_firewall_policy\n properties:\n name: policy\n description: Sample global network firewall policy\n project: my-project-name\n primary:\n type: gcp:compute:NetworkFirewallPolicyRule\n properties:\n action: allow\n description: This is a simple rule description\n direction: INGRESS\n disabled: false\n enableLogging: true\n firewallPolicy: ${basicNetworkFirewallPolicy.name}\n priority: 1000\n ruleName: test-rule\n targetServiceAccounts:\n - my@service-account.com\n match:\n srcIpRanges:\n - 10.100.0.1/32\n srcFqdns:\n - google.com\n srcRegionCodes:\n - US\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n srcSecureTags:\n - name: ${basicValue.id}\n layer4Configs:\n - ipProtocol: all\n srcAddressGroups:\n - ${basicGlobalNetworksecurityAddressGroup.id}\n basicNetwork:\n type: gcp:compute:Network\n name: basic_network\n properties:\n name: network\n basicKey:\n type: gcp:tags:TagKey\n name: basic_key\n properties:\n description: For keyname resources.\n parent: organizations/123456789\n purpose: GCE_FIREWALL\n shortName: tagkey\n purposeData:\n network: my-project-name/${basicNetwork.name}\n basicValue:\n type: gcp:tags:TagValue\n name: basic_value\n properties:\n description: For valuename resources.\n parent: ${basicKey.id}\n shortName: tagvalue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nNetworkFirewallPolicyRule can be imported using any of these accepted formats:\n\n* `projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}`\n\n* `{{project}}/{{firewall_policy}}/{{priority}}`\n\n* `{{firewall_policy}}/{{priority}}`\n\nWhen using the `pulumi import` command, NetworkFirewallPolicyRule can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default {{project}}/{{firewall_policy}}/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default {{firewall_policy}}/{{priority}}\n```\n\n", + "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).\n\n\nTo get more information about NetworkFirewallPolicyRule, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/networkFirewallPolicies/addRule)\n\n## Example Usage\n\n### Network Firewall Policy Rule\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicGlobalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup(\"basic_global_networksecurity_address_group\", {\n name: \"address-group\",\n parent: \"projects/my-project-name\",\n description: \"Sample global networksecurity_address_group\",\n location: \"global\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst basicNetworkFirewallPolicy = new gcp.compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\", {\n name: \"fw-policy\",\n description: \"Sample global network firewall policy\",\n project: \"my-project-name\",\n});\nconst basicNetwork = new gcp.compute.Network(\"basic_network\", {name: \"network\"});\nconst basicKey = new gcp.tags.TagKey(\"basic_key\", {\n description: \"For keyname resources.\",\n parent: \"organizations/123456789\",\n purpose: \"GCE_FIREWALL\",\n shortName: \"tag-key\",\n purposeData: {\n network: pulumi.interpolate`my-project-name/${basicNetwork.name}`,\n },\n});\nconst basicValue = new gcp.tags.TagValue(\"basic_value\", {\n description: \"For valuename resources.\",\n parent: basicKey.id,\n shortName: \"tag-value\",\n});\nconst primary = new gcp.compute.NetworkFirewallPolicyRule(\"primary\", {\n action: \"allow\",\n description: \"This is a simple rule description\",\n direction: \"INGRESS\",\n disabled: false,\n enableLogging: true,\n firewallPolicy: basicNetworkFirewallPolicy.name,\n priority: 1000,\n ruleName: \"test-rule\",\n targetServiceAccounts: [\"my@service-account.com\"],\n match: {\n srcAddressGroups: [basicGlobalNetworksecurityAddressGroup.id],\n srcIpRanges: [\"10.100.0.1/32\"],\n srcFqdns: [\"google.com\"],\n srcRegionCodes: [\"US\"],\n srcThreatIntelligences: [\"iplist-known-malicious-ips\"],\n srcSecureTags: [{\n name: basicValue.id,\n }],\n layer4Configs: [{\n ipProtocol: \"all\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup(\"basic_global_networksecurity_address_group\",\n name=\"address-group\",\n parent=\"projects/my-project-name\",\n description=\"Sample global networksecurity_address_group\",\n location=\"global\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nbasic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\",\n name=\"fw-policy\",\n description=\"Sample global network firewall policy\",\n project=\"my-project-name\")\nbasic_network = gcp.compute.Network(\"basic_network\", name=\"network\")\nbasic_key = gcp.tags.TagKey(\"basic_key\",\n description=\"For keyname resources.\",\n parent=\"organizations/123456789\",\n purpose=\"GCE_FIREWALL\",\n short_name=\"tag-key\",\n purpose_data={\n \"network\": basic_network.name.apply(lambda name: f\"my-project-name/{name}\"),\n })\nbasic_value = gcp.tags.TagValue(\"basic_value\",\n description=\"For valuename resources.\",\n parent=basic_key.id,\n short_name=\"tag-value\")\nprimary = gcp.compute.NetworkFirewallPolicyRule(\"primary\",\n action=\"allow\",\n description=\"This is a simple rule description\",\n direction=\"INGRESS\",\n disabled=False,\n enable_logging=True,\n firewall_policy=basic_network_firewall_policy.name,\n priority=1000,\n rule_name=\"test-rule\",\n target_service_accounts=[\"my@service-account.com\"],\n match={\n \"src_address_groups\": [basic_global_networksecurity_address_group.id],\n \"src_ip_ranges\": [\"10.100.0.1/32\"],\n \"src_fqdns\": [\"google.com\"],\n \"src_region_codes\": [\"US\"],\n \"src_threat_intelligences\": [\"iplist-known-malicious-ips\"],\n \"src_secure_tags\": [{\n \"name\": basic_value.id,\n }],\n \"layer4_configs\": [{\n \"ip_protocol\": \"all\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicGlobalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup(\"basic_global_networksecurity_address_group\", new()\n {\n Name = \"address-group\",\n Parent = \"projects/my-project-name\",\n Description = \"Sample global networksecurity_address_group\",\n Location = \"global\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var basicNetworkFirewallPolicy = new Gcp.Compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\", new()\n {\n Name = \"fw-policy\",\n Description = \"Sample global network firewall policy\",\n Project = \"my-project-name\",\n });\n\n var basicNetwork = new Gcp.Compute.Network(\"basic_network\", new()\n {\n Name = \"network\",\n });\n\n var basicKey = new Gcp.Tags.TagKey(\"basic_key\", new()\n {\n Description = \"For keyname resources.\",\n Parent = \"organizations/123456789\",\n Purpose = \"GCE_FIREWALL\",\n ShortName = \"tag-key\",\n PurposeData = \n {\n { \"network\", basicNetwork.Name.Apply(name =\u003e $\"my-project-name/{name}\") },\n },\n });\n\n var basicValue = new Gcp.Tags.TagValue(\"basic_value\", new()\n {\n Description = \"For valuename resources.\",\n Parent = basicKey.Id,\n ShortName = \"tag-value\",\n });\n\n var primary = new Gcp.Compute.NetworkFirewallPolicyRule(\"primary\", new()\n {\n Action = \"allow\",\n Description = \"This is a simple rule description\",\n Direction = \"INGRESS\",\n Disabled = false,\n EnableLogging = true,\n FirewallPolicy = basicNetworkFirewallPolicy.Name,\n Priority = 1000,\n RuleName = \"test-rule\",\n TargetServiceAccounts = new[]\n {\n \"my@service-account.com\",\n },\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchArgs\n {\n SrcAddressGroups = new[]\n {\n basicGlobalNetworksecurityAddressGroup.Id,\n },\n SrcIpRanges = new[]\n {\n \"10.100.0.1/32\",\n },\n SrcFqdns = new[]\n {\n \"google.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n },\n SrcSecureTags = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchSrcSecureTagArgs\n {\n Name = basicValue.Id,\n },\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"all\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/tags\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicGlobalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, \"basic_global_networksecurity_address_group\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address-group\"),\n\t\t\tParent: pulumi.String(\"projects/my-project-name\"),\n\t\t\tDescription: pulumi.String(\"Sample global networksecurity_address_group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicNetworkFirewallPolicy, err := compute.NewNetworkFirewallPolicy(ctx, \"basic_network_firewall_policy\", \u0026compute.NetworkFirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Sample global network firewall policy\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicNetwork, err := compute.NewNetwork(ctx, \"basic_network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicKey, err := tags.NewTagKey(ctx, \"basic_key\", \u0026tags.TagKeyArgs{\n\t\t\tDescription: pulumi.String(\"For keyname resources.\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tPurpose: pulumi.String(\"GCE_FIREWALL\"),\n\t\t\tShortName: pulumi.String(\"tag-key\"),\n\t\t\tPurposeData: pulumi.StringMap{\n\t\t\t\t\"network\": basicNetwork.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"my-project-name/%v\", name), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicValue, err := tags.NewTagValue(ctx, \"basic_value\", \u0026tags.TagValueArgs{\n\t\t\tDescription: pulumi.String(\"For valuename resources.\"),\n\t\t\tParent: basicKey.ID(),\n\t\t\tShortName: pulumi.String(\"tag-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkFirewallPolicyRule(ctx, \"primary\", \u0026compute.NetworkFirewallPolicyRuleArgs{\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDescription: pulumi.String(\"This is a simple rule description\"),\n\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tFirewallPolicy: basicNetworkFirewallPolicy.Name,\n\t\t\tPriority: pulumi.Int(1000),\n\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"my@service-account.com\"),\n\t\t\t},\n\t\t\tMatch: \u0026compute.NetworkFirewallPolicyRuleMatchArgs{\n\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\tbasicGlobalNetworksecurityAddressGroup.ID(),\n\t\t\t\t},\n\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"google.com\"),\n\t\t\t\t},\n\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t},\n\t\t\t\tSrcSecureTags: compute.NetworkFirewallPolicyRuleMatchSrcSecureTagArray{\n\t\t\t\t\t\u0026compute.NetworkFirewallPolicyRuleMatchSrcSecureTagArgs{\n\t\t\t\t\t\tName: basicValue.ID(),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicy;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.tags.TagKey;\nimport com.pulumi.gcp.tags.TagKeyArgs;\nimport com.pulumi.gcp.tags.TagValue;\nimport com.pulumi.gcp.tags.TagValueArgs;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyRule;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicGlobalNetworksecurityAddressGroup = new AddressGroup(\"basicGlobalNetworksecurityAddressGroup\", AddressGroupArgs.builder()\n .name(\"address-group\")\n .parent(\"projects/my-project-name\")\n .description(\"Sample global networksecurity_address_group\")\n .location(\"global\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var basicNetworkFirewallPolicy = new NetworkFirewallPolicy(\"basicNetworkFirewallPolicy\", NetworkFirewallPolicyArgs.builder()\n .name(\"fw-policy\")\n .description(\"Sample global network firewall policy\")\n .project(\"my-project-name\")\n .build());\n\n var basicNetwork = new Network(\"basicNetwork\", NetworkArgs.builder()\n .name(\"network\")\n .build());\n\n var basicKey = new TagKey(\"basicKey\", TagKeyArgs.builder()\n .description(\"For keyname resources.\")\n .parent(\"organizations/123456789\")\n .purpose(\"GCE_FIREWALL\")\n .shortName(\"tag-key\")\n .purposeData(Map.of(\"network\", basicNetwork.name().applyValue(name -\u003e String.format(\"my-project-name/%s\", name))))\n .build());\n\n var basicValue = new TagValue(\"basicValue\", TagValueArgs.builder()\n .description(\"For valuename resources.\")\n .parent(basicKey.id())\n .shortName(\"tag-value\")\n .build());\n\n var primary = new NetworkFirewallPolicyRule(\"primary\", NetworkFirewallPolicyRuleArgs.builder()\n .action(\"allow\")\n .description(\"This is a simple rule description\")\n .direction(\"INGRESS\")\n .disabled(false)\n .enableLogging(true)\n .firewallPolicy(basicNetworkFirewallPolicy.name())\n .priority(1000)\n .ruleName(\"test-rule\")\n .targetServiceAccounts(\"my@service-account.com\")\n .match(NetworkFirewallPolicyRuleMatchArgs.builder()\n .srcAddressGroups(basicGlobalNetworksecurityAddressGroup.id())\n .srcIpRanges(\"10.100.0.1/32\")\n .srcFqdns(\"google.com\")\n .srcRegionCodes(\"US\")\n .srcThreatIntelligences(\"iplist-known-malicious-ips\")\n .srcSecureTags(NetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder()\n .name(basicValue.id())\n .build())\n .layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"all\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicGlobalNetworksecurityAddressGroup:\n type: gcp:networksecurity:AddressGroup\n name: basic_global_networksecurity_address_group\n properties:\n name: address-group\n parent: projects/my-project-name\n description: Sample global networksecurity_address_group\n location: global\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n basicNetworkFirewallPolicy:\n type: gcp:compute:NetworkFirewallPolicy\n name: basic_network_firewall_policy\n properties:\n name: fw-policy\n description: Sample global network firewall policy\n project: my-project-name\n primary:\n type: gcp:compute:NetworkFirewallPolicyRule\n properties:\n action: allow\n description: This is a simple rule description\n direction: INGRESS\n disabled: false\n enableLogging: true\n firewallPolicy: ${basicNetworkFirewallPolicy.name}\n priority: 1000\n ruleName: test-rule\n targetServiceAccounts:\n - my@service-account.com\n match:\n srcAddressGroups:\n - ${basicGlobalNetworksecurityAddressGroup.id}\n srcIpRanges:\n - 10.100.0.1/32\n srcFqdns:\n - google.com\n srcRegionCodes:\n - US\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n srcSecureTags:\n - name: ${basicValue.id}\n layer4Configs:\n - ipProtocol: all\n basicNetwork:\n type: gcp:compute:Network\n name: basic_network\n properties:\n name: network\n basicKey:\n type: gcp:tags:TagKey\n name: basic_key\n properties:\n description: For keyname resources.\n parent: organizations/123456789\n purpose: GCE_FIREWALL\n shortName: tag-key\n purposeData:\n network: my-project-name/${basicNetwork.name}\n basicValue:\n type: gcp:tags:TagValue\n name: basic_value\n properties:\n description: For valuename resources.\n parent: ${basicKey.id}\n shortName: tag-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Network Firewall Policy Rule Network Scope Egress\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicNetworkFirewallPolicy = new gcp.compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\", {\n name: \"fw-policy\",\n description: \"Sample global network firewall policy\",\n project: \"my-project-name\",\n});\nconst primary = new gcp.compute.NetworkFirewallPolicyRule(\"primary\", {\n action: \"allow\",\n description: \"This is a simple rule description\",\n direction: \"EGRESS\",\n disabled: false,\n enableLogging: true,\n firewallPolicy: basicNetworkFirewallPolicy.name,\n priority: 1000,\n ruleName: \"test-rule\",\n match: {\n destIpRanges: [\"10.100.0.1/32\"],\n destNetworkScope: \"INTERNET\",\n layer4Configs: [{\n ipProtocol: \"all\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\",\n name=\"fw-policy\",\n description=\"Sample global network firewall policy\",\n project=\"my-project-name\")\nprimary = gcp.compute.NetworkFirewallPolicyRule(\"primary\",\n action=\"allow\",\n description=\"This is a simple rule description\",\n direction=\"EGRESS\",\n disabled=False,\n enable_logging=True,\n firewall_policy=basic_network_firewall_policy.name,\n priority=1000,\n rule_name=\"test-rule\",\n match={\n \"dest_ip_ranges\": [\"10.100.0.1/32\"],\n \"dest_network_scope\": \"INTERNET\",\n \"layer4_configs\": [{\n \"ip_protocol\": \"all\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicNetworkFirewallPolicy = new Gcp.Compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\", new()\n {\n Name = \"fw-policy\",\n Description = \"Sample global network firewall policy\",\n Project = \"my-project-name\",\n });\n\n var primary = new Gcp.Compute.NetworkFirewallPolicyRule(\"primary\", new()\n {\n Action = \"allow\",\n Description = \"This is a simple rule description\",\n Direction = \"EGRESS\",\n Disabled = false,\n EnableLogging = true,\n FirewallPolicy = basicNetworkFirewallPolicy.Name,\n Priority = 1000,\n RuleName = \"test-rule\",\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"10.100.0.1/32\",\n },\n DestNetworkScope = \"INTERNET\",\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"all\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicNetworkFirewallPolicy, err := compute.NewNetworkFirewallPolicy(ctx, \"basic_network_firewall_policy\", \u0026compute.NetworkFirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Sample global network firewall policy\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkFirewallPolicyRule(ctx, \"primary\", \u0026compute.NetworkFirewallPolicyRuleArgs{\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDescription: pulumi.String(\"This is a simple rule description\"),\n\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tFirewallPolicy: basicNetworkFirewallPolicy.Name,\n\t\t\tPriority: pulumi.Int(1000),\n\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\tMatch: \u0026compute.NetworkFirewallPolicyRuleMatchArgs{\n\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tDestNetworkScope: pulumi.String(\"INTERNET\"),\n\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicy;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyRule;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicNetworkFirewallPolicy = new NetworkFirewallPolicy(\"basicNetworkFirewallPolicy\", NetworkFirewallPolicyArgs.builder()\n .name(\"fw-policy\")\n .description(\"Sample global network firewall policy\")\n .project(\"my-project-name\")\n .build());\n\n var primary = new NetworkFirewallPolicyRule(\"primary\", NetworkFirewallPolicyRuleArgs.builder()\n .action(\"allow\")\n .description(\"This is a simple rule description\")\n .direction(\"EGRESS\")\n .disabled(false)\n .enableLogging(true)\n .firewallPolicy(basicNetworkFirewallPolicy.name())\n .priority(1000)\n .ruleName(\"test-rule\")\n .match(NetworkFirewallPolicyRuleMatchArgs.builder()\n .destIpRanges(\"10.100.0.1/32\")\n .destNetworkScope(\"INTERNET\")\n .layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"all\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicNetworkFirewallPolicy:\n type: gcp:compute:NetworkFirewallPolicy\n name: basic_network_firewall_policy\n properties:\n name: fw-policy\n description: Sample global network firewall policy\n project: my-project-name\n primary:\n type: gcp:compute:NetworkFirewallPolicyRule\n properties:\n action: allow\n description: This is a simple rule description\n direction: EGRESS\n disabled: false\n enableLogging: true\n firewallPolicy: ${basicNetworkFirewallPolicy.name}\n priority: 1000\n ruleName: test-rule\n match:\n destIpRanges:\n - 10.100.0.1/32\n destNetworkScope: INTERNET\n layer4Configs:\n - ipProtocol: all\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Network Firewall Policy Rule Network Scope Ingress\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicNetworkFirewallPolicy = new gcp.compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\", {\n name: \"fw-policy\",\n description: \"Sample global network firewall policy\",\n project: \"my-project-name\",\n});\nconst network = new gcp.compute.Network(\"network\", {name: \"network\"});\nconst primary = new gcp.compute.NetworkFirewallPolicyRule(\"primary\", {\n action: \"allow\",\n description: \"This is a simple rule description\",\n direction: \"INGRESS\",\n disabled: false,\n enableLogging: true,\n firewallPolicy: basicNetworkFirewallPolicy.name,\n priority: 1000,\n ruleName: \"test-rule\",\n match: {\n srcIpRanges: [\"11.100.0.1/32\"],\n srcNetworkScope: \"VPC_NETWORKS\",\n srcNetworks: [network.id],\n layer4Configs: [{\n ipProtocol: \"all\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\",\n name=\"fw-policy\",\n description=\"Sample global network firewall policy\",\n project=\"my-project-name\")\nnetwork = gcp.compute.Network(\"network\", name=\"network\")\nprimary = gcp.compute.NetworkFirewallPolicyRule(\"primary\",\n action=\"allow\",\n description=\"This is a simple rule description\",\n direction=\"INGRESS\",\n disabled=False,\n enable_logging=True,\n firewall_policy=basic_network_firewall_policy.name,\n priority=1000,\n rule_name=\"test-rule\",\n match={\n \"src_ip_ranges\": [\"11.100.0.1/32\"],\n \"src_network_scope\": \"VPC_NETWORKS\",\n \"src_networks\": [network.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"all\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicNetworkFirewallPolicy = new Gcp.Compute.NetworkFirewallPolicy(\"basic_network_firewall_policy\", new()\n {\n Name = \"fw-policy\",\n Description = \"Sample global network firewall policy\",\n Project = \"my-project-name\",\n });\n\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"network\",\n });\n\n var primary = new Gcp.Compute.NetworkFirewallPolicyRule(\"primary\", new()\n {\n Action = \"allow\",\n Description = \"This is a simple rule description\",\n Direction = \"INGRESS\",\n Disabled = false,\n EnableLogging = true,\n FirewallPolicy = basicNetworkFirewallPolicy.Name,\n Priority = 1000,\n RuleName = \"test-rule\",\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n SrcNetworkScope = \"VPC_NETWORKS\",\n SrcNetworks = new[]\n {\n network.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"all\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicNetworkFirewallPolicy, err := compute.NewNetworkFirewallPolicy(ctx, \"basic_network_firewall_policy\", \u0026compute.NetworkFirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Sample global network firewall policy\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkFirewallPolicyRule(ctx, \"primary\", \u0026compute.NetworkFirewallPolicyRuleArgs{\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDescription: pulumi.String(\"This is a simple rule description\"),\n\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tFirewallPolicy: basicNetworkFirewallPolicy.Name,\n\t\t\tPriority: pulumi.Int(1000),\n\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\tMatch: \u0026compute.NetworkFirewallPolicyRuleMatchArgs{\n\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tSrcNetworkScope: pulumi.String(\"VPC_NETWORKS\"),\n\t\t\t\tSrcNetworks: pulumi.StringArray{\n\t\t\t\t\tnetwork.ID(),\n\t\t\t\t},\n\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicy;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyRule;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicNetworkFirewallPolicy = new NetworkFirewallPolicy(\"basicNetworkFirewallPolicy\", NetworkFirewallPolicyArgs.builder()\n .name(\"fw-policy\")\n .description(\"Sample global network firewall policy\")\n .project(\"my-project-name\")\n .build());\n\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"network\")\n .build());\n\n var primary = new NetworkFirewallPolicyRule(\"primary\", NetworkFirewallPolicyRuleArgs.builder()\n .action(\"allow\")\n .description(\"This is a simple rule description\")\n .direction(\"INGRESS\")\n .disabled(false)\n .enableLogging(true)\n .firewallPolicy(basicNetworkFirewallPolicy.name())\n .priority(1000)\n .ruleName(\"test-rule\")\n .match(NetworkFirewallPolicyRuleMatchArgs.builder()\n .srcIpRanges(\"11.100.0.1/32\")\n .srcNetworkScope(\"VPC_NETWORKS\")\n .srcNetworks(network.id())\n .layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"all\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicNetworkFirewallPolicy:\n type: gcp:compute:NetworkFirewallPolicy\n name: basic_network_firewall_policy\n properties:\n name: fw-policy\n description: Sample global network firewall policy\n project: my-project-name\n primary:\n type: gcp:compute:NetworkFirewallPolicyRule\n properties:\n action: allow\n description: This is a simple rule description\n direction: INGRESS\n disabled: false\n enableLogging: true\n firewallPolicy: ${basicNetworkFirewallPolicy.name}\n priority: 1000\n ruleName: test-rule\n match:\n srcIpRanges:\n - 11.100.0.1/32\n srcNetworkScope: VPC_NETWORKS\n srcNetworks:\n - ${network.id}\n layer4Configs:\n - ipProtocol: all\n network:\n type: gcp:compute:Network\n properties:\n name: network\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nNetworkFirewallPolicyRule can be imported using any of these accepted formats:\n\n* `projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}`\n\n* `{{project}}/{{firewall_policy}}/{{priority}}`\n\n* `{{firewall_policy}}/{{priority}}`\n\nWhen using the `pulumi import` command, NetworkFirewallPolicyRule can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default {{project}}/{{firewall_policy}}/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyRule:NetworkFirewallPolicyRule default {{firewall_policy}}/{{priority}}\n```\n\n", "properties": { "action": { "type": "string", @@ -177985,7 +179953,7 @@ } }, "gcp:compute/networkFirewallPolicyWithRules:NetworkFirewallPolicyWithRules": { - "description": "## Example Usage\n\n### Compute Network Firewall Policy With Rules Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = gcp.organizations.getProject({});\nconst addressGroup1 = new gcp.networksecurity.AddressGroup(\"address_group_1\", {\n name: \"tf-address-group\",\n parent: project.then(project =\u003e project.id),\n description: \"Global address group\",\n location: \"global\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst secureTagKey1 = new gcp.tags.TagKey(\"secure_tag_key_1\", {\n description: \"Tag key\",\n parent: project.then(project =\u003e project.id),\n purpose: \"GCE_FIREWALL\",\n shortName: \"tf-tag-key\",\n purposeData: {\n network: project.then(project =\u003e `${project.name}/default`),\n },\n});\nconst secureTagValue1 = new gcp.tags.TagValue(\"secure_tag_value_1\", {\n description: \"Tag value\",\n parent: secureTagKey1.id,\n shortName: \"tf-tag-value\",\n});\nconst securityProfile1 = new gcp.networksecurity.SecurityProfile(\"security_profile_1\", {\n name: \"tf-security-profile\",\n type: \"THREAT_PREVENTION\",\n parent: \"organizations/123456789\",\n location: \"global\",\n});\nconst securityProfileGroup1 = new gcp.networksecurity.SecurityProfileGroup(\"security_profile_group_1\", {\n name: \"tf-security-profile-group\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n threatPreventionProfile: securityProfile1.id,\n});\nconst network_firewall_policy_with_rules = new gcp.compute.NetworkFirewallPolicyWithRules(\"network-firewall-policy-with-rules\", {\n name: \"tf-fw-policy-with-rules\",\n description: \"Terraform test\",\n rules: [\n {\n description: \"tcp rule\",\n priority: 1000,\n enableLogging: true,\n action: \"allow\",\n direction: \"EGRESS\",\n match: {\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\n \"8080\",\n \"7070\",\n ],\n }],\n destIpRanges: [\"11.100.0.1/32\"],\n destFqdns: [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n destRegionCodes: [\n \"HK\",\n \"IN\",\n ],\n destThreatIntelligences: [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n destAddressGroups: [addressGroup1.id],\n },\n targetSecureTags: [{\n name: secureTagValue1.id,\n }],\n },\n {\n description: \"udp rule\",\n priority: 2000,\n enableLogging: false,\n action: \"deny\",\n direction: \"INGRESS\",\n match: {\n layer4Configs: [{\n ipProtocol: \"udp\",\n }],\n srcIpRanges: [\"0.0.0.0/0\"],\n srcFqdns: [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n srcRegionCodes: [\n \"US\",\n \"CA\",\n ],\n srcThreatIntelligences: [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n srcAddressGroups: [addressGroup1.id],\n srcSecureTags: [{\n name: secureTagValue1.id,\n }],\n },\n disabled: true,\n },\n {\n description: \"security profile group rule\",\n ruleName: \"tcp rule\",\n priority: 3000,\n enableLogging: false,\n action: \"apply_security_profile_group\",\n direction: \"INGRESS\",\n match: {\n layer4Configs: [{\n ipProtocol: \"tcp\",\n }],\n srcIpRanges: [\"0.0.0.0/0\"],\n },\n targetServiceAccounts: [\"test@google.com\"],\n securityProfileGroup: pulumi.interpolate`//networksecurity.googleapis.com/${securityProfileGroup1.id}`,\n tlsInspect: true,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = gcp.organizations.get_project()\naddress_group1 = gcp.networksecurity.AddressGroup(\"address_group_1\",\n name=\"tf-address-group\",\n parent=project.id,\n description=\"Global address group\",\n location=\"global\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nsecure_tag_key1 = gcp.tags.TagKey(\"secure_tag_key_1\",\n description=\"Tag key\",\n parent=project.id,\n purpose=\"GCE_FIREWALL\",\n short_name=\"tf-tag-key\",\n purpose_data={\n \"network\": f\"{project.name}/default\",\n })\nsecure_tag_value1 = gcp.tags.TagValue(\"secure_tag_value_1\",\n description=\"Tag value\",\n parent=secure_tag_key1.id,\n short_name=\"tf-tag-value\")\nsecurity_profile1 = gcp.networksecurity.SecurityProfile(\"security_profile_1\",\n name=\"tf-security-profile\",\n type=\"THREAT_PREVENTION\",\n parent=\"organizations/123456789\",\n location=\"global\")\nsecurity_profile_group1 = gcp.networksecurity.SecurityProfileGroup(\"security_profile_group_1\",\n name=\"tf-security-profile-group\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n threat_prevention_profile=security_profile1.id)\nnetwork_firewall_policy_with_rules = gcp.compute.NetworkFirewallPolicyWithRules(\"network-firewall-policy-with-rules\",\n name=\"tf-fw-policy-with-rules\",\n description=\"Terraform test\",\n rules=[\n {\n \"description\": \"tcp rule\",\n \"priority\": 1000,\n \"enable_logging\": True,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"match\": {\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\n \"8080\",\n \"7070\",\n ],\n }],\n \"dest_ip_ranges\": [\"11.100.0.1/32\"],\n \"dest_fqdns\": [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n \"dest_region_codes\": [\n \"HK\",\n \"IN\",\n ],\n \"dest_threat_intelligences\": [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n \"dest_address_groups\": [address_group1.id],\n },\n \"target_secure_tags\": [{\n \"name\": secure_tag_value1.id,\n }],\n },\n {\n \"description\": \"udp rule\",\n \"priority\": 2000,\n \"enable_logging\": False,\n \"action\": \"deny\",\n \"direction\": \"INGRESS\",\n \"match\": {\n \"layer4_configs\": [{\n \"ip_protocol\": \"udp\",\n }],\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n \"src_fqdns\": [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n \"src_region_codes\": [\n \"US\",\n \"CA\",\n ],\n \"src_threat_intelligences\": [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n \"src_address_groups\": [address_group1.id],\n \"src_secure_tags\": [{\n \"name\": secure_tag_value1.id,\n }],\n },\n \"disabled\": True,\n },\n {\n \"description\": \"security profile group rule\",\n \"rule_name\": \"tcp rule\",\n \"priority\": 3000,\n \"enable_logging\": False,\n \"action\": \"apply_security_profile_group\",\n \"direction\": \"INGRESS\",\n \"match\": {\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n }],\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n },\n \"target_service_accounts\": [\"test@google.com\"],\n \"security_profile_group\": security_profile_group1.id.apply(lambda id: f\"//networksecurity.googleapis.com/{id}\"),\n \"tls_inspect\": True,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup(\"address_group_1\", new()\n {\n Name = \"tf-address-group\",\n Parent = project.Apply(getProjectResult =\u003e getProjectResult.Id),\n Description = \"Global address group\",\n Location = \"global\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var secureTagKey1 = new Gcp.Tags.TagKey(\"secure_tag_key_1\", new()\n {\n Description = \"Tag key\",\n Parent = project.Apply(getProjectResult =\u003e getProjectResult.Id),\n Purpose = \"GCE_FIREWALL\",\n ShortName = \"tf-tag-key\",\n PurposeData = \n {\n { \"network\", $\"{project.Apply(getProjectResult =\u003e getProjectResult.Name)}/default\" },\n },\n });\n\n var secureTagValue1 = new Gcp.Tags.TagValue(\"secure_tag_value_1\", new()\n {\n Description = \"Tag value\",\n Parent = secureTagKey1.Id,\n ShortName = \"tf-tag-value\",\n });\n\n var securityProfile1 = new Gcp.NetworkSecurity.SecurityProfile(\"security_profile_1\", new()\n {\n Name = \"tf-security-profile\",\n Type = \"THREAT_PREVENTION\",\n Parent = \"organizations/123456789\",\n Location = \"global\",\n });\n\n var securityProfileGroup1 = new Gcp.NetworkSecurity.SecurityProfileGroup(\"security_profile_group_1\", new()\n {\n Name = \"tf-security-profile-group\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n ThreatPreventionProfile = securityProfile1.Id,\n });\n\n var network_firewall_policy_with_rules = new Gcp.Compute.NetworkFirewallPolicyWithRules(\"network-firewall-policy-with-rules\", new()\n {\n Name = \"tf-fw-policy-with-rules\",\n Description = \"Terraform test\",\n Rules = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"tcp rule\",\n Priority = 1000,\n EnableLogging = true,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n \"7070\",\n },\n },\n },\n DestIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n DestFqdns = new[]\n {\n \"www.yyy.com\",\n \"www.zzz.com\",\n },\n DestRegionCodes = new[]\n {\n \"HK\",\n \"IN\",\n },\n DestThreatIntelligences = new[]\n {\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n },\n DestAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n },\n TargetSecureTags = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs\n {\n Name = secureTagValue1.Id,\n },\n },\n },\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"udp rule\",\n Priority = 2000,\n EnableLogging = false,\n Action = \"deny\",\n Direction = \"INGRESS\",\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n },\n },\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n SrcFqdns = new[]\n {\n \"www.abc.com\",\n \"www.def.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n \"CA\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n },\n SrcAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n SrcSecureTags = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs\n {\n Name = secureTagValue1.Id,\n },\n },\n },\n Disabled = true,\n },\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"security profile group rule\",\n RuleName = \"tcp rule\",\n Priority = 3000,\n EnableLogging = false,\n Action = \"apply_security_profile_group\",\n Direction = \"INGRESS\",\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n },\n },\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n },\n TargetServiceAccounts = new[]\n {\n \"test@google.com\",\n },\n SecurityProfileGroup = securityProfileGroup1.Id.Apply(id =\u003e $\"//networksecurity.googleapis.com/{id}\"),\n TlsInspect = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/tags\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taddressGroup1, err := networksecurity.NewAddressGroup(ctx, \"address_group_1\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"tf-address-group\"),\n\t\t\tParent: pulumi.String(project.Id),\n\t\t\tDescription: pulumi.String(\"Global address group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecureTagKey1, err := tags.NewTagKey(ctx, \"secure_tag_key_1\", \u0026tags.TagKeyArgs{\n\t\t\tDescription: pulumi.String(\"Tag key\"),\n\t\t\tParent: pulumi.String(project.Id),\n\t\t\tPurpose: pulumi.String(\"GCE_FIREWALL\"),\n\t\t\tShortName: pulumi.String(\"tf-tag-key\"),\n\t\t\tPurposeData: pulumi.StringMap{\n\t\t\t\t\"network\": pulumi.Sprintf(\"%v/default\", project.Name),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecureTagValue1, err := tags.NewTagValue(ctx, \"secure_tag_value_1\", \u0026tags.TagValueArgs{\n\t\t\tDescription: pulumi.String(\"Tag value\"),\n\t\t\tParent: secureTagKey1.ID(),\n\t\t\tShortName: pulumi.String(\"tf-tag-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecurityProfile1, err := networksecurity.NewSecurityProfile(ctx, \"security_profile_1\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"tf-security-profile\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecurityProfileGroup1, err := networksecurity.NewSecurityProfileGroup(ctx, \"security_profile_group_1\", \u0026networksecurity.SecurityProfileGroupArgs{\n\t\t\tName: pulumi.String(\"tf-security-profile-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tThreatPreventionProfile: securityProfile1.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkFirewallPolicyWithRules(ctx, \"network-firewall-policy-with-rules\", \u0026compute.NetworkFirewallPolicyWithRulesArgs{\n\t\t\tName: pulumi.String(\"tf-fw-policy-with-rules\"),\n\t\t\tDescription: pulumi.String(\"Terraform test\"),\n\t\t\tRules: compute.NetworkFirewallPolicyWithRulesRuleArray{\n\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(1000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"7070\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.yyy.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.zzz.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"HK\"),\n\t\t\t\t\t\t\tpulumi.String(\"IN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-search-engines-crawlers\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-tor-exit-nodes\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTargetSecureTags: compute.NetworkFirewallPolicyWithRulesRuleTargetSecureTagArray{\n\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs{\n\t\t\t\t\t\t\tName: secureTagValue1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"udp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(2000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"deny\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.abc.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.def.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-public-clouds\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcSecureTags: compute.NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs{\n\t\t\t\t\t\t\t\tName: secureTagValue1.ID(),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tDisabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"security profile group rule\"),\n\t\t\t\t\tRuleName: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(3000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"apply_security_profile_group\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test@google.com\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecurityProfileGroup: securityProfileGroup1.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"//networksecurity.googleapis.com/%v\", id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\tTlsInspect: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.tags.TagKey;\nimport com.pulumi.gcp.tags.TagKeyArgs;\nimport com.pulumi.gcp.tags.TagValue;\nimport com.pulumi.gcp.tags.TagValueArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroup;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyWithRules;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyWithRulesArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyWithRulesRuleArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = OrganizationsFunctions.getProject();\n\n var addressGroup1 = new AddressGroup(\"addressGroup1\", AddressGroupArgs.builder()\n .name(\"tf-address-group\")\n .parent(project.applyValue(getProjectResult -\u003e getProjectResult.id()))\n .description(\"Global address group\")\n .location(\"global\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var secureTagKey1 = new TagKey(\"secureTagKey1\", TagKeyArgs.builder()\n .description(\"Tag key\")\n .parent(project.applyValue(getProjectResult -\u003e getProjectResult.id()))\n .purpose(\"GCE_FIREWALL\")\n .shortName(\"tf-tag-key\")\n .purposeData(Map.of(\"network\", String.format(\"%s/default\", project.applyValue(getProjectResult -\u003e getProjectResult.name()))))\n .build());\n\n var secureTagValue1 = new TagValue(\"secureTagValue1\", TagValueArgs.builder()\n .description(\"Tag value\")\n .parent(secureTagKey1.id())\n .shortName(\"tf-tag-value\")\n .build());\n\n var securityProfile1 = new SecurityProfile(\"securityProfile1\", SecurityProfileArgs.builder()\n .name(\"tf-security-profile\")\n .type(\"THREAT_PREVENTION\")\n .parent(\"organizations/123456789\")\n .location(\"global\")\n .build());\n\n var securityProfileGroup1 = new SecurityProfileGroup(\"securityProfileGroup1\", SecurityProfileGroupArgs.builder()\n .name(\"tf-security-profile-group\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .threatPreventionProfile(securityProfile1.id())\n .build());\n\n var network_firewall_policy_with_rules = new NetworkFirewallPolicyWithRules(\"network-firewall-policy-with-rules\", NetworkFirewallPolicyWithRulesArgs.builder()\n .name(\"tf-fw-policy-with-rules\")\n .description(\"Terraform test\")\n .rules( \n NetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"tcp rule\")\n .priority(1000)\n .enableLogging(true)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports( \n 8080,\n 7070)\n .build())\n .destIpRanges(\"11.100.0.1/32\")\n .destFqdns( \n \"www.yyy.com\",\n \"www.zzz.com\")\n .destRegionCodes( \n \"HK\",\n \"IN\")\n .destThreatIntelligences( \n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\")\n .destAddressGroups(addressGroup1.id())\n .build())\n .targetSecureTags(NetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs.builder()\n .name(secureTagValue1.id())\n .build())\n .build(),\n NetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"udp rule\")\n .priority(2000)\n .enableLogging(false)\n .action(\"deny\")\n .direction(\"INGRESS\")\n .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .build())\n .srcIpRanges(\"0.0.0.0/0\")\n .srcFqdns( \n \"www.abc.com\",\n \"www.def.com\")\n .srcRegionCodes( \n \"US\",\n \"CA\")\n .srcThreatIntelligences( \n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\")\n .srcAddressGroups(addressGroup1.id())\n .srcSecureTags(NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs.builder()\n .name(secureTagValue1.id())\n .build())\n .build())\n .disabled(true)\n .build(),\n NetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"security profile group rule\")\n .ruleName(\"tcp rule\")\n .priority(3000)\n .enableLogging(false)\n .action(\"apply_security_profile_group\")\n .direction(\"INGRESS\")\n .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .build())\n .srcIpRanges(\"0.0.0.0/0\")\n .build())\n .targetServiceAccounts(\"test@google.com\")\n .securityProfileGroup(securityProfileGroup1.id().applyValue(id -\u003e String.format(\"//networksecurity.googleapis.com/%s\", id)))\n .tlsInspect(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network-firewall-policy-with-rules:\n type: gcp:compute:NetworkFirewallPolicyWithRules\n properties:\n name: tf-fw-policy-with-rules\n description: Terraform test\n rules:\n - description: tcp rule\n priority: 1000\n enableLogging: true\n action: allow\n direction: EGRESS\n match:\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - 7070\n destIpRanges:\n - 11.100.0.1/32\n destFqdns:\n - www.yyy.com\n - www.zzz.com\n destRegionCodes:\n - HK\n - IN\n destThreatIntelligences:\n - iplist-search-engines-crawlers\n - iplist-tor-exit-nodes\n destAddressGroups:\n - ${addressGroup1.id}\n targetSecureTags:\n - name: ${secureTagValue1.id}\n - description: udp rule\n priority: 2000\n enableLogging: false\n action: deny\n direction: INGRESS\n match:\n layer4Configs:\n - ipProtocol: udp\n srcIpRanges:\n - 0.0.0.0/0\n srcFqdns:\n - www.abc.com\n - www.def.com\n srcRegionCodes:\n - US\n - CA\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n - iplist-public-clouds\n srcAddressGroups:\n - ${addressGroup1.id}\n srcSecureTags:\n - name: ${secureTagValue1.id}\n disabled: true\n - description: security profile group rule\n ruleName: tcp rule\n priority: 3000\n enableLogging: false\n action: apply_security_profile_group\n direction: INGRESS\n match:\n layer4Configs:\n - ipProtocol: tcp\n srcIpRanges:\n - 0.0.0.0/0\n targetServiceAccounts:\n - test@google.com\n securityProfileGroup: //networksecurity.googleapis.com/${securityProfileGroup1.id}\n tlsInspect: true\n addressGroup1:\n type: gcp:networksecurity:AddressGroup\n name: address_group_1\n properties:\n name: tf-address-group\n parent: ${project.id}\n description: Global address group\n location: global\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n secureTagKey1:\n type: gcp:tags:TagKey\n name: secure_tag_key_1\n properties:\n description: Tag key\n parent: ${project.id}\n purpose: GCE_FIREWALL\n shortName: tf-tag-key\n purposeData:\n network: ${project.name}/default\n secureTagValue1:\n type: gcp:tags:TagValue\n name: secure_tag_value_1\n properties:\n description: Tag value\n parent: ${secureTagKey1.id}\n shortName: tf-tag-value\n securityProfileGroup1:\n type: gcp:networksecurity:SecurityProfileGroup\n name: security_profile_group_1\n properties:\n name: tf-security-profile-group\n parent: organizations/123456789\n description: my description\n threatPreventionProfile: ${securityProfile1.id}\n securityProfile1:\n type: gcp:networksecurity:SecurityProfile\n name: security_profile_1\n properties:\n name: tf-security-profile\n type: THREAT_PREVENTION\n parent: organizations/123456789\n location: global\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nNetworkFirewallPolicyWithRules can be imported using any of these accepted formats:\n\n* `projects/{{project}}/global/firewallPolicies/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, NetworkFirewallPolicyWithRules can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyWithRules:NetworkFirewallPolicyWithRules default projects/{{project}}/global/firewallPolicies/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyWithRules:NetworkFirewallPolicyWithRules default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyWithRules:NetworkFirewallPolicyWithRules default {{name}}\n```\n\n", + "description": "## Example Usage\n\n### Compute Network Firewall Policy With Rules Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = gcp.organizations.getProject({});\nconst addressGroup1 = new gcp.networksecurity.AddressGroup(\"address_group_1\", {\n name: \"address-group\",\n parent: project.then(project =\u003e project.id),\n description: \"Global address group\",\n location: \"global\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst secureTagKey1 = new gcp.tags.TagKey(\"secure_tag_key_1\", {\n description: \"Tag key\",\n parent: project.then(project =\u003e project.id),\n purpose: \"GCE_FIREWALL\",\n shortName: \"tag-key\",\n purposeData: {\n network: project.then(project =\u003e `${project.name}/default`),\n },\n});\nconst secureTagValue1 = new gcp.tags.TagValue(\"secure_tag_value_1\", {\n description: \"Tag value\",\n parent: secureTagKey1.id,\n shortName: \"tag-value\",\n});\nconst securityProfile1 = new gcp.networksecurity.SecurityProfile(\"security_profile_1\", {\n name: \"sp\",\n type: \"THREAT_PREVENTION\",\n parent: \"organizations/123456789\",\n location: \"global\",\n});\nconst securityProfileGroup1 = new gcp.networksecurity.SecurityProfileGroup(\"security_profile_group_1\", {\n name: \"spg\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n threatPreventionProfile: securityProfile1.id,\n});\nconst network = new gcp.compute.Network(\"network\", {\n name: \"network\",\n autoCreateSubnetworks: false,\n});\nconst primary = new gcp.compute.NetworkFirewallPolicyWithRules(\"primary\", {\n name: \"fw-policy\",\n description: \"Terraform test\",\n rules: [\n {\n description: \"tcp rule\",\n priority: 1000,\n enableLogging: true,\n action: \"allow\",\n direction: \"EGRESS\",\n match: {\n destIpRanges: [\"11.100.0.1/32\"],\n destFqdns: [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n destRegionCodes: [\n \"HK\",\n \"IN\",\n ],\n destThreatIntelligences: [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n destAddressGroups: [addressGroup1.id],\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\n \"8080\",\n \"7070\",\n ],\n }],\n },\n targetSecureTags: [{\n name: secureTagValue1.id,\n }],\n },\n {\n description: \"udp rule\",\n priority: 2000,\n enableLogging: false,\n action: \"deny\",\n direction: \"INGRESS\",\n disabled: true,\n match: {\n srcIpRanges: [\"0.0.0.0/0\"],\n srcFqdns: [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n srcRegionCodes: [\n \"US\",\n \"CA\",\n ],\n srcThreatIntelligences: [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n srcAddressGroups: [addressGroup1.id],\n srcSecureTags: [{\n name: secureTagValue1.id,\n }],\n layer4Configs: [{\n ipProtocol: \"udp\",\n }],\n },\n },\n {\n description: \"security profile group rule\",\n ruleName: \"tcp rule\",\n priority: 3000,\n enableLogging: false,\n action: \"apply_security_profile_group\",\n direction: \"INGRESS\",\n targetServiceAccounts: [\"test@google.com\"],\n securityProfileGroup: pulumi.interpolate`//networksecurity.googleapis.com/${securityProfileGroup1.id}`,\n tlsInspect: true,\n match: {\n srcIpRanges: [\"0.0.0.0/0\"],\n layer4Configs: [{\n ipProtocol: \"tcp\",\n }],\n },\n },\n {\n description: \"network scope rule 1\",\n ruleName: \"network scope 1\",\n priority: 4000,\n enableLogging: false,\n action: \"allow\",\n direction: \"INGRESS\",\n match: {\n srcIpRanges: [\"11.100.0.1/32\"],\n srcNetworkScope: \"VPC_NETWORKS\",\n srcNetworks: [network.id],\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n }],\n },\n },\n {\n description: \"network scope rule 2\",\n ruleName: \"network scope 2\",\n priority: 5000,\n enableLogging: false,\n action: \"allow\",\n direction: \"EGRESS\",\n match: {\n destIpRanges: [\"0.0.0.0/0\"],\n destNetworkScope: \"INTERNET\",\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n }],\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = gcp.organizations.get_project()\naddress_group1 = gcp.networksecurity.AddressGroup(\"address_group_1\",\n name=\"address-group\",\n parent=project.id,\n description=\"Global address group\",\n location=\"global\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nsecure_tag_key1 = gcp.tags.TagKey(\"secure_tag_key_1\",\n description=\"Tag key\",\n parent=project.id,\n purpose=\"GCE_FIREWALL\",\n short_name=\"tag-key\",\n purpose_data={\n \"network\": f\"{project.name}/default\",\n })\nsecure_tag_value1 = gcp.tags.TagValue(\"secure_tag_value_1\",\n description=\"Tag value\",\n parent=secure_tag_key1.id,\n short_name=\"tag-value\")\nsecurity_profile1 = gcp.networksecurity.SecurityProfile(\"security_profile_1\",\n name=\"sp\",\n type=\"THREAT_PREVENTION\",\n parent=\"organizations/123456789\",\n location=\"global\")\nsecurity_profile_group1 = gcp.networksecurity.SecurityProfileGroup(\"security_profile_group_1\",\n name=\"spg\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n threat_prevention_profile=security_profile1.id)\nnetwork = gcp.compute.Network(\"network\",\n name=\"network\",\n auto_create_subnetworks=False)\nprimary = gcp.compute.NetworkFirewallPolicyWithRules(\"primary\",\n name=\"fw-policy\",\n description=\"Terraform test\",\n rules=[\n {\n \"description\": \"tcp rule\",\n \"priority\": 1000,\n \"enable_logging\": True,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"match\": {\n \"dest_ip_ranges\": [\"11.100.0.1/32\"],\n \"dest_fqdns\": [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n \"dest_region_codes\": [\n \"HK\",\n \"IN\",\n ],\n \"dest_threat_intelligences\": [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n \"dest_address_groups\": [address_group1.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\n \"8080\",\n \"7070\",\n ],\n }],\n },\n \"target_secure_tags\": [{\n \"name\": secure_tag_value1.id,\n }],\n },\n {\n \"description\": \"udp rule\",\n \"priority\": 2000,\n \"enable_logging\": False,\n \"action\": \"deny\",\n \"direction\": \"INGRESS\",\n \"disabled\": True,\n \"match\": {\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n \"src_fqdns\": [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n \"src_region_codes\": [\n \"US\",\n \"CA\",\n ],\n \"src_threat_intelligences\": [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n \"src_address_groups\": [address_group1.id],\n \"src_secure_tags\": [{\n \"name\": secure_tag_value1.id,\n }],\n \"layer4_configs\": [{\n \"ip_protocol\": \"udp\",\n }],\n },\n },\n {\n \"description\": \"security profile group rule\",\n \"rule_name\": \"tcp rule\",\n \"priority\": 3000,\n \"enable_logging\": False,\n \"action\": \"apply_security_profile_group\",\n \"direction\": \"INGRESS\",\n \"target_service_accounts\": [\"test@google.com\"],\n \"security_profile_group\": security_profile_group1.id.apply(lambda id: f\"//networksecurity.googleapis.com/{id}\"),\n \"tls_inspect\": True,\n \"match\": {\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n }],\n },\n },\n {\n \"description\": \"network scope rule 1\",\n \"rule_name\": \"network scope 1\",\n \"priority\": 4000,\n \"enable_logging\": False,\n \"action\": \"allow\",\n \"direction\": \"INGRESS\",\n \"match\": {\n \"src_ip_ranges\": [\"11.100.0.1/32\"],\n \"src_network_scope\": \"VPC_NETWORKS\",\n \"src_networks\": [network.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n }],\n },\n },\n {\n \"description\": \"network scope rule 2\",\n \"rule_name\": \"network scope 2\",\n \"priority\": 5000,\n \"enable_logging\": False,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"match\": {\n \"dest_ip_ranges\": [\"0.0.0.0/0\"],\n \"dest_network_scope\": \"INTERNET\",\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n }],\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup(\"address_group_1\", new()\n {\n Name = \"address-group\",\n Parent = project.Apply(getProjectResult =\u003e getProjectResult.Id),\n Description = \"Global address group\",\n Location = \"global\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var secureTagKey1 = new Gcp.Tags.TagKey(\"secure_tag_key_1\", new()\n {\n Description = \"Tag key\",\n Parent = project.Apply(getProjectResult =\u003e getProjectResult.Id),\n Purpose = \"GCE_FIREWALL\",\n ShortName = \"tag-key\",\n PurposeData = \n {\n { \"network\", $\"{project.Apply(getProjectResult =\u003e getProjectResult.Name)}/default\" },\n },\n });\n\n var secureTagValue1 = new Gcp.Tags.TagValue(\"secure_tag_value_1\", new()\n {\n Description = \"Tag value\",\n Parent = secureTagKey1.Id,\n ShortName = \"tag-value\",\n });\n\n var securityProfile1 = new Gcp.NetworkSecurity.SecurityProfile(\"security_profile_1\", new()\n {\n Name = \"sp\",\n Type = \"THREAT_PREVENTION\",\n Parent = \"organizations/123456789\",\n Location = \"global\",\n });\n\n var securityProfileGroup1 = new Gcp.NetworkSecurity.SecurityProfileGroup(\"security_profile_group_1\", new()\n {\n Name = \"spg\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n ThreatPreventionProfile = securityProfile1.Id,\n });\n\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"network\",\n AutoCreateSubnetworks = false,\n });\n\n var primary = new Gcp.Compute.NetworkFirewallPolicyWithRules(\"primary\", new()\n {\n Name = \"fw-policy\",\n Description = \"Terraform test\",\n Rules = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"tcp rule\",\n Priority = 1000,\n EnableLogging = true,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n DestFqdns = new[]\n {\n \"www.yyy.com\",\n \"www.zzz.com\",\n },\n DestRegionCodes = new[]\n {\n \"HK\",\n \"IN\",\n },\n DestThreatIntelligences = new[]\n {\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n },\n DestAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n \"7070\",\n },\n },\n },\n },\n TargetSecureTags = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs\n {\n Name = secureTagValue1.Id,\n },\n },\n },\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"udp rule\",\n Priority = 2000,\n EnableLogging = false,\n Action = \"deny\",\n Direction = \"INGRESS\",\n Disabled = true,\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n SrcFqdns = new[]\n {\n \"www.abc.com\",\n \"www.def.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n \"CA\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n },\n SrcAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n SrcSecureTags = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs\n {\n Name = secureTagValue1.Id,\n },\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n },\n },\n },\n },\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"security profile group rule\",\n RuleName = \"tcp rule\",\n Priority = 3000,\n EnableLogging = false,\n Action = \"apply_security_profile_group\",\n Direction = \"INGRESS\",\n TargetServiceAccounts = new[]\n {\n \"test@google.com\",\n },\n SecurityProfileGroup = securityProfileGroup1.Id.Apply(id =\u003e $\"//networksecurity.googleapis.com/{id}\"),\n TlsInspect = true,\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n },\n },\n },\n },\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"network scope rule 1\",\n RuleName = \"network scope 1\",\n Priority = 4000,\n EnableLogging = false,\n Action = \"allow\",\n Direction = \"INGRESS\",\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n SrcNetworkScope = \"VPC_NETWORKS\",\n SrcNetworks = new[]\n {\n network.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n },\n },\n },\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"network scope rule 2\",\n RuleName = \"network scope 2\",\n Priority = 5000,\n EnableLogging = false,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n DestNetworkScope = \"INTERNET\",\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/tags\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taddressGroup1, err := networksecurity.NewAddressGroup(ctx, \"address_group_1\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address-group\"),\n\t\t\tParent: pulumi.String(project.Id),\n\t\t\tDescription: pulumi.String(\"Global address group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecureTagKey1, err := tags.NewTagKey(ctx, \"secure_tag_key_1\", \u0026tags.TagKeyArgs{\n\t\t\tDescription: pulumi.String(\"Tag key\"),\n\t\t\tParent: pulumi.String(project.Id),\n\t\t\tPurpose: pulumi.String(\"GCE_FIREWALL\"),\n\t\t\tShortName: pulumi.String(\"tag-key\"),\n\t\t\tPurposeData: pulumi.StringMap{\n\t\t\t\t\"network\": pulumi.Sprintf(\"%v/default\", project.Name),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecureTagValue1, err := tags.NewTagValue(ctx, \"secure_tag_value_1\", \u0026tags.TagValueArgs{\n\t\t\tDescription: pulumi.String(\"Tag value\"),\n\t\t\tParent: secureTagKey1.ID(),\n\t\t\tShortName: pulumi.String(\"tag-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecurityProfile1, err := networksecurity.NewSecurityProfile(ctx, \"security_profile_1\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"sp\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecurityProfileGroup1, err := networksecurity.NewSecurityProfileGroup(ctx, \"security_profile_group_1\", \u0026networksecurity.SecurityProfileGroupArgs{\n\t\t\tName: pulumi.String(\"spg\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tThreatPreventionProfile: securityProfile1.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkFirewallPolicyWithRules(ctx, \"primary\", \u0026compute.NetworkFirewallPolicyWithRulesArgs{\n\t\t\tName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Terraform test\"),\n\t\t\tRules: compute.NetworkFirewallPolicyWithRulesRuleArray{\n\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(1000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.yyy.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.zzz.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"HK\"),\n\t\t\t\t\t\t\tpulumi.String(\"IN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-search-engines-crawlers\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-tor-exit-nodes\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"7070\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTargetSecureTags: compute.NetworkFirewallPolicyWithRulesRuleTargetSecureTagArray{\n\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs{\n\t\t\t\t\t\t\tName: secureTagValue1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"udp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(2000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"deny\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tDisabled: pulumi.Bool(true),\n\t\t\t\t\tMatch: \u0026compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.abc.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.def.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-public-clouds\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcSecureTags: compute.NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs{\n\t\t\t\t\t\t\t\tName: secureTagValue1.ID(),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"security profile group rule\"),\n\t\t\t\t\tRuleName: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(3000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"apply_security_profile_group\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test@google.com\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecurityProfileGroup: securityProfileGroup1.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"//networksecurity.googleapis.com/%v\", id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\tTlsInspect: pulumi.Bool(true),\n\t\t\t\t\tMatch: \u0026compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"network scope rule 1\"),\n\t\t\t\t\tRuleName: pulumi.String(\"network scope 1\"),\n\t\t\t\t\tPriority: pulumi.Int(4000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcNetworkScope: pulumi.String(\"VPC_NETWORKS\"),\n\t\t\t\t\t\tSrcNetworks: pulumi.StringArray{\n\t\t\t\t\t\t\tnetwork.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"network scope rule 2\"),\n\t\t\t\t\tRuleName: pulumi.String(\"network scope 2\"),\n\t\t\t\t\tPriority: pulumi.Int(5000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestNetworkScope: pulumi.String(\"INTERNET\"),\n\t\t\t\t\t\tLayer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.tags.TagKey;\nimport com.pulumi.gcp.tags.TagKeyArgs;\nimport com.pulumi.gcp.tags.TagValue;\nimport com.pulumi.gcp.tags.TagValueArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroup;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyWithRules;\nimport com.pulumi.gcp.compute.NetworkFirewallPolicyWithRulesArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyWithRulesRuleArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = OrganizationsFunctions.getProject();\n\n var addressGroup1 = new AddressGroup(\"addressGroup1\", AddressGroupArgs.builder()\n .name(\"address-group\")\n .parent(project.applyValue(getProjectResult -\u003e getProjectResult.id()))\n .description(\"Global address group\")\n .location(\"global\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var secureTagKey1 = new TagKey(\"secureTagKey1\", TagKeyArgs.builder()\n .description(\"Tag key\")\n .parent(project.applyValue(getProjectResult -\u003e getProjectResult.id()))\n .purpose(\"GCE_FIREWALL\")\n .shortName(\"tag-key\")\n .purposeData(Map.of(\"network\", String.format(\"%s/default\", project.applyValue(getProjectResult -\u003e getProjectResult.name()))))\n .build());\n\n var secureTagValue1 = new TagValue(\"secureTagValue1\", TagValueArgs.builder()\n .description(\"Tag value\")\n .parent(secureTagKey1.id())\n .shortName(\"tag-value\")\n .build());\n\n var securityProfile1 = new SecurityProfile(\"securityProfile1\", SecurityProfileArgs.builder()\n .name(\"sp\")\n .type(\"THREAT_PREVENTION\")\n .parent(\"organizations/123456789\")\n .location(\"global\")\n .build());\n\n var securityProfileGroup1 = new SecurityProfileGroup(\"securityProfileGroup1\", SecurityProfileGroupArgs.builder()\n .name(\"spg\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .threatPreventionProfile(securityProfile1.id())\n .build());\n\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var primary = new NetworkFirewallPolicyWithRules(\"primary\", NetworkFirewallPolicyWithRulesArgs.builder()\n .name(\"fw-policy\")\n .description(\"Terraform test\")\n .rules( \n NetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"tcp rule\")\n .priority(1000)\n .enableLogging(true)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .destIpRanges(\"11.100.0.1/32\")\n .destFqdns( \n \"www.yyy.com\",\n \"www.zzz.com\")\n .destRegionCodes( \n \"HK\",\n \"IN\")\n .destThreatIntelligences( \n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\")\n .destAddressGroups(addressGroup1.id())\n .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports( \n 8080,\n 7070)\n .build())\n .build())\n .targetSecureTags(NetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs.builder()\n .name(secureTagValue1.id())\n .build())\n .build(),\n NetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"udp rule\")\n .priority(2000)\n .enableLogging(false)\n .action(\"deny\")\n .direction(\"INGRESS\")\n .disabled(true)\n .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .srcIpRanges(\"0.0.0.0/0\")\n .srcFqdns( \n \"www.abc.com\",\n \"www.def.com\")\n .srcRegionCodes( \n \"US\",\n \"CA\")\n .srcThreatIntelligences( \n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\")\n .srcAddressGroups(addressGroup1.id())\n .srcSecureTags(NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs.builder()\n .name(secureTagValue1.id())\n .build())\n .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .build())\n .build())\n .build(),\n NetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"security profile group rule\")\n .ruleName(\"tcp rule\")\n .priority(3000)\n .enableLogging(false)\n .action(\"apply_security_profile_group\")\n .direction(\"INGRESS\")\n .targetServiceAccounts(\"test@google.com\")\n .securityProfileGroup(securityProfileGroup1.id().applyValue(id -\u003e String.format(\"//networksecurity.googleapis.com/%s\", id)))\n .tlsInspect(true)\n .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .srcIpRanges(\"0.0.0.0/0\")\n .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .build())\n .build())\n .build(),\n NetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"network scope rule 1\")\n .ruleName(\"network scope 1\")\n .priority(4000)\n .enableLogging(false)\n .action(\"allow\")\n .direction(\"INGRESS\")\n .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .srcIpRanges(\"11.100.0.1/32\")\n .srcNetworkScope(\"VPC_NETWORKS\")\n .srcNetworks(network.id())\n .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build())\n .build())\n .build(),\n NetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"network scope rule 2\")\n .ruleName(\"network scope 2\")\n .priority(5000)\n .enableLogging(false)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .destIpRanges(\"0.0.0.0/0\")\n .destNetworkScope(\"INTERNET\")\n .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:compute:NetworkFirewallPolicyWithRules\n properties:\n name: fw-policy\n description: Terraform test\n rules:\n - description: tcp rule\n priority: 1000\n enableLogging: true\n action: allow\n direction: EGRESS\n match:\n destIpRanges:\n - 11.100.0.1/32\n destFqdns:\n - www.yyy.com\n - www.zzz.com\n destRegionCodes:\n - HK\n - IN\n destThreatIntelligences:\n - iplist-search-engines-crawlers\n - iplist-tor-exit-nodes\n destAddressGroups:\n - ${addressGroup1.id}\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - 7070\n targetSecureTags:\n - name: ${secureTagValue1.id}\n - description: udp rule\n priority: 2000\n enableLogging: false\n action: deny\n direction: INGRESS\n disabled: true\n match:\n srcIpRanges:\n - 0.0.0.0/0\n srcFqdns:\n - www.abc.com\n - www.def.com\n srcRegionCodes:\n - US\n - CA\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n - iplist-public-clouds\n srcAddressGroups:\n - ${addressGroup1.id}\n srcSecureTags:\n - name: ${secureTagValue1.id}\n layer4Configs:\n - ipProtocol: udp\n - description: security profile group rule\n ruleName: tcp rule\n priority: 3000\n enableLogging: false\n action: apply_security_profile_group\n direction: INGRESS\n targetServiceAccounts:\n - test@google.com\n securityProfileGroup: //networksecurity.googleapis.com/${securityProfileGroup1.id}\n tlsInspect: true\n match:\n srcIpRanges:\n - 0.0.0.0/0\n layer4Configs:\n - ipProtocol: tcp\n - description: network scope rule 1\n ruleName: network scope 1\n priority: 4000\n enableLogging: false\n action: allow\n direction: INGRESS\n match:\n srcIpRanges:\n - 11.100.0.1/32\n srcNetworkScope: VPC_NETWORKS\n srcNetworks:\n - ${network.id}\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - description: network scope rule 2\n ruleName: network scope 2\n priority: 5000\n enableLogging: false\n action: allow\n direction: EGRESS\n match:\n destIpRanges:\n - 0.0.0.0/0\n destNetworkScope: INTERNET\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n addressGroup1:\n type: gcp:networksecurity:AddressGroup\n name: address_group_1\n properties:\n name: address-group\n parent: ${project.id}\n description: Global address group\n location: global\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n secureTagKey1:\n type: gcp:tags:TagKey\n name: secure_tag_key_1\n properties:\n description: Tag key\n parent: ${project.id}\n purpose: GCE_FIREWALL\n shortName: tag-key\n purposeData:\n network: ${project.name}/default\n secureTagValue1:\n type: gcp:tags:TagValue\n name: secure_tag_value_1\n properties:\n description: Tag value\n parent: ${secureTagKey1.id}\n shortName: tag-value\n securityProfileGroup1:\n type: gcp:networksecurity:SecurityProfileGroup\n name: security_profile_group_1\n properties:\n name: spg\n parent: organizations/123456789\n description: my description\n threatPreventionProfile: ${securityProfile1.id}\n securityProfile1:\n type: gcp:networksecurity:SecurityProfile\n name: security_profile_1\n properties:\n name: sp\n type: THREAT_PREVENTION\n parent: organizations/123456789\n location: global\n network:\n type: gcp:compute:Network\n properties:\n name: network\n autoCreateSubnetworks: false\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nNetworkFirewallPolicyWithRules can be imported using any of these accepted formats:\n\n* `projects/{{project}}/global/firewallPolicies/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, NetworkFirewallPolicyWithRules can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyWithRules:NetworkFirewallPolicyWithRules default projects/{{project}}/global/firewallPolicies/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyWithRules:NetworkFirewallPolicyWithRules default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkFirewallPolicyWithRules:NetworkFirewallPolicyWithRules default {{name}}\n```\n\n", "properties": { "creationTimestamp": { "type": "string", @@ -179527,7 +181495,7 @@ } }, "gcp:compute/projectMetadataItem:ProjectMetadataItem": { - "description": "Manages a single key/value pair on metadata common to all instances for\na project in GCE. Using `gcp.compute.ProjectMetadataItem` lets you\nmanage a single key/value setting in the provider rather than the entire\nproject metadata map.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.compute.ProjectMetadataItem(\"default\", {\n key: \"my_metadata\",\n value: \"my_value\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.compute.ProjectMetadataItem(\"default\",\n key=\"my_metadata\",\n value=\"my_value\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.Compute.ProjectMetadataItem(\"default\", new()\n {\n Key = \"my_metadata\",\n Value = \"my_value\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewProjectMetadataItem(ctx, \"default\", \u0026compute.ProjectMetadataItemArgs{\n\t\t\tKey: pulumi.String(\"my_metadata\"),\n\t\t\tValue: pulumi.String(\"my_value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ProjectMetadataItem;\nimport com.pulumi.gcp.compute.ProjectMetadataItemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new ProjectMetadataItem(\"default\", ProjectMetadataItemArgs.builder()\n .key(\"my_metadata\")\n .value(\"my_value\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:compute:ProjectMetadataItem\n properties:\n key: my_metadata\n value: my_value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nProject metadata items can be imported using the `key`, e.g.\n\n* `{{key}}`\n\nWhen using the `pulumi import` command, project metadata items can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default {{key}}\n```\n\n", + "description": "Manages a single key/value pair on metadata common to all instances for\na project in GCE. Using `gcp.compute.ProjectMetadataItem` lets you\nmanage a single key/value setting in the provider rather than the entire\nproject metadata map.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.compute.ProjectMetadataItem(\"default\", {\n key: \"my_metadata\",\n value: \"my_value\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.compute.ProjectMetadataItem(\"default\",\n key=\"my_metadata\",\n value=\"my_value\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.Compute.ProjectMetadataItem(\"default\", new()\n {\n Key = \"my_metadata\",\n Value = \"my_value\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewProjectMetadataItem(ctx, \"default\", \u0026compute.ProjectMetadataItemArgs{\n\t\t\tKey: pulumi.String(\"my_metadata\"),\n\t\t\tValue: pulumi.String(\"my_value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ProjectMetadataItem;\nimport com.pulumi.gcp.compute.ProjectMetadataItemArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new ProjectMetadataItem(\"default\", ProjectMetadataItemArgs.builder()\n .key(\"my_metadata\")\n .value(\"my_value\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:compute:ProjectMetadataItem\n properties:\n key: my_metadata\n value: my_value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nProject metadata items can be imported using the `key`, e.g.\n\n* `{{key}}`\n\n* `projects/{{project}}/meta-data/{{key}}`\n\nWhen using the `pulumi import` command, project metadata items can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default {{key}}\n```\n\n```sh\n$ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default projects/{{project}}/meta-data/{{key}}\n```\n\n", "properties": { "key": { "type": "string", @@ -179589,7 +181557,7 @@ } }, "gcp:compute/publicAdvertisedPrefix:PublicAdvertisedPrefix": { - "description": "Represents a PublicAdvertisedPrefix for use with bring your own IP addresses (BYOIP).\n\n\nTo get more information about PublicAdvertisedPrefix, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/publicAdvertisedPrefixes)\n* How-to Guides\n * [Using bring your own IP](https://cloud.google.com/vpc/docs/using-bring-your-own-ip)\n\n## Example Usage\n\n### Public Advertised Prefixes Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst prefixes = new gcp.compute.PublicAdvertisedPrefix(\"prefixes\", {\n name: \"my-prefix\",\n description: \"description\",\n dnsVerificationIp: \"127.127.0.0\",\n ipCidrRange: \"127.127.0.0/16\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nprefixes = gcp.compute.PublicAdvertisedPrefix(\"prefixes\",\n name=\"my-prefix\",\n description=\"description\",\n dns_verification_ip=\"127.127.0.0\",\n ip_cidr_range=\"127.127.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var prefixes = new Gcp.Compute.PublicAdvertisedPrefix(\"prefixes\", new()\n {\n Name = \"my-prefix\",\n Description = \"description\",\n DnsVerificationIp = \"127.127.0.0\",\n IpCidrRange = \"127.127.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewPublicAdvertisedPrefix(ctx, \"prefixes\", \u0026compute.PublicAdvertisedPrefixArgs{\n\t\t\tName: pulumi.String(\"my-prefix\"),\n\t\t\tDescription: pulumi.String(\"description\"),\n\t\t\tDnsVerificationIp: pulumi.String(\"127.127.0.0\"),\n\t\t\tIpCidrRange: pulumi.String(\"127.127.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.PublicAdvertisedPrefix;\nimport com.pulumi.gcp.compute.PublicAdvertisedPrefixArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var prefixes = new PublicAdvertisedPrefix(\"prefixes\", PublicAdvertisedPrefixArgs.builder()\n .name(\"my-prefix\")\n .description(\"description\")\n .dnsVerificationIp(\"127.127.0.0\")\n .ipCidrRange(\"127.127.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n prefixes:\n type: gcp:compute:PublicAdvertisedPrefix\n properties:\n name: my-prefix\n description: description\n dnsVerificationIp: 127.127.0.0\n ipCidrRange: 127.127.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nPublicAdvertisedPrefix can be imported using any of these accepted formats:\n\n* `projects/{{project}}/global/publicAdvertisedPrefixes/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, PublicAdvertisedPrefix can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/publicAdvertisedPrefix:PublicAdvertisedPrefix default projects/{{project}}/global/publicAdvertisedPrefixes/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/publicAdvertisedPrefix:PublicAdvertisedPrefix default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/publicAdvertisedPrefix:PublicAdvertisedPrefix default {{name}}\n```\n\n", + "description": "Represents a PublicAdvertisedPrefix for use with bring your own IP addresses (BYOIP).\n\n\nTo get more information about PublicAdvertisedPrefix, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/publicAdvertisedPrefixes)\n* How-to Guides\n * [Using bring your own IP](https://cloud.google.com/vpc/docs/using-bring-your-own-ip)\n\n## Example Usage\n\n### Public Advertised Prefixes Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst prefixes = new gcp.compute.PublicAdvertisedPrefix(\"prefixes\", {\n name: \"my-prefix\",\n description: \"description\",\n dnsVerificationIp: \"127.127.0.0\",\n ipCidrRange: \"127.127.0.0/16\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nprefixes = gcp.compute.PublicAdvertisedPrefix(\"prefixes\",\n name=\"my-prefix\",\n description=\"description\",\n dns_verification_ip=\"127.127.0.0\",\n ip_cidr_range=\"127.127.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var prefixes = new Gcp.Compute.PublicAdvertisedPrefix(\"prefixes\", new()\n {\n Name = \"my-prefix\",\n Description = \"description\",\n DnsVerificationIp = \"127.127.0.0\",\n IpCidrRange = \"127.127.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewPublicAdvertisedPrefix(ctx, \"prefixes\", \u0026compute.PublicAdvertisedPrefixArgs{\n\t\t\tName: pulumi.String(\"my-prefix\"),\n\t\t\tDescription: pulumi.String(\"description\"),\n\t\t\tDnsVerificationIp: pulumi.String(\"127.127.0.0\"),\n\t\t\tIpCidrRange: pulumi.String(\"127.127.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.PublicAdvertisedPrefix;\nimport com.pulumi.gcp.compute.PublicAdvertisedPrefixArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var prefixes = new PublicAdvertisedPrefix(\"prefixes\", PublicAdvertisedPrefixArgs.builder()\n .name(\"my-prefix\")\n .description(\"description\")\n .dnsVerificationIp(\"127.127.0.0\")\n .ipCidrRange(\"127.127.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n prefixes:\n type: gcp:compute:PublicAdvertisedPrefix\n properties:\n name: my-prefix\n description: description\n dnsVerificationIp: 127.127.0.0\n ipCidrRange: 127.127.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Public Advertised Prefixes Pdp Scope\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst prefixes = new gcp.compute.PublicAdvertisedPrefix(\"prefixes\", {\n name: \"my-pap\",\n description: \"description\",\n dnsVerificationIp: \"127.127.0.0\",\n ipCidrRange: \"127.127.0.0/16\",\n pdpScope: \"REGIONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nprefixes = gcp.compute.PublicAdvertisedPrefix(\"prefixes\",\n name=\"my-pap\",\n description=\"description\",\n dns_verification_ip=\"127.127.0.0\",\n ip_cidr_range=\"127.127.0.0/16\",\n pdp_scope=\"REGIONAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var prefixes = new Gcp.Compute.PublicAdvertisedPrefix(\"prefixes\", new()\n {\n Name = \"my-pap\",\n Description = \"description\",\n DnsVerificationIp = \"127.127.0.0\",\n IpCidrRange = \"127.127.0.0/16\",\n PdpScope = \"REGIONAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewPublicAdvertisedPrefix(ctx, \"prefixes\", \u0026compute.PublicAdvertisedPrefixArgs{\n\t\t\tName: pulumi.String(\"my-pap\"),\n\t\t\tDescription: pulumi.String(\"description\"),\n\t\t\tDnsVerificationIp: pulumi.String(\"127.127.0.0\"),\n\t\t\tIpCidrRange: pulumi.String(\"127.127.0.0/16\"),\n\t\t\tPdpScope: pulumi.String(\"REGIONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.PublicAdvertisedPrefix;\nimport com.pulumi.gcp.compute.PublicAdvertisedPrefixArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var prefixes = new PublicAdvertisedPrefix(\"prefixes\", PublicAdvertisedPrefixArgs.builder()\n .name(\"my-pap\")\n .description(\"description\")\n .dnsVerificationIp(\"127.127.0.0\")\n .ipCidrRange(\"127.127.0.0/16\")\n .pdpScope(\"REGIONAL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n prefixes:\n type: gcp:compute:PublicAdvertisedPrefix\n properties:\n name: my-pap\n description: description\n dnsVerificationIp: 127.127.0.0\n ipCidrRange: 127.127.0.0/16\n pdpScope: REGIONAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nPublicAdvertisedPrefix can be imported using any of these accepted formats:\n\n* `projects/{{project}}/global/publicAdvertisedPrefixes/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, PublicAdvertisedPrefix can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/publicAdvertisedPrefix:PublicAdvertisedPrefix default projects/{{project}}/global/publicAdvertisedPrefixes/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/publicAdvertisedPrefix:PublicAdvertisedPrefix default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/publicAdvertisedPrefix:PublicAdvertisedPrefix default {{name}}\n```\n\n", "properties": { "description": { "type": "string", @@ -179607,6 +181575,10 @@ "type": "string", "description": "Name of the resource. The name must be 1-63 characters long, and\ncomply with RFC1035. Specifically, the name must be 1-63 characters\nlong and match the regular expression `a-z?`\nwhich means the first character must be a lowercase letter, and all\nfollowing characters must be a dash, lowercase letter, or digit,\nexcept the last character, which cannot be a dash.\n" }, + "pdpScope": { + "type": "string", + "description": "Specifies how child public delegated prefix will be scoped. pdpScope\nmust be one of: GLOBAL, REGIONAL\nPossible values are: `GLOBAL`, `REGIONAL`.\n" + }, "project": { "type": "string", "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" @@ -179649,6 +181621,11 @@ "description": "Name of the resource. The name must be 1-63 characters long, and\ncomply with RFC1035. Specifically, the name must be 1-63 characters\nlong and match the regular expression `a-z?`\nwhich means the first character must be a lowercase letter, and all\nfollowing characters must be a dash, lowercase letter, or digit,\nexcept the last character, which cannot be a dash.\n", "willReplaceOnChanges": true }, + "pdpScope": { + "type": "string", + "description": "Specifies how child public delegated prefix will be scoped. pdpScope\nmust be one of: GLOBAL, REGIONAL\nPossible values are: `GLOBAL`, `REGIONAL`.\n", + "willReplaceOnChanges": true + }, "project": { "type": "string", "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", @@ -179682,6 +181659,11 @@ "description": "Name of the resource. The name must be 1-63 characters long, and\ncomply with RFC1035. Specifically, the name must be 1-63 characters\nlong and match the regular expression `a-z?`\nwhich means the first character must be a lowercase letter, and all\nfollowing characters must be a dash, lowercase letter, or digit,\nexcept the last character, which cannot be a dash.\n", "willReplaceOnChanges": true }, + "pdpScope": { + "type": "string", + "description": "Specifies how child public delegated prefix will be scoped. pdpScope\nmust be one of: GLOBAL, REGIONAL\nPossible values are: `GLOBAL`, `REGIONAL`.\n", + "willReplaceOnChanges": true + }, "project": { "type": "string", "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", @@ -183616,7 +185598,7 @@ } }, "gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule": { - "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).\n\n\nTo get more information about RegionNetworkFirewallPolicyRule, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/regionNetworkFirewallPolicies/addRule)\n\n## Example Usage\n\n### Region Network Firewall Policy Rule\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicRegionalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup(\"basic_regional_networksecurity_address_group\", {\n name: \"address\",\n parent: \"projects/my-project-name\",\n description: \"Sample regional networksecurity_address_group\",\n location: \"us-west1\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst basicRegionalNetworkFirewallPolicy = new gcp.compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\", {\n name: \"policy\",\n description: \"Sample regional network firewall policy\",\n project: \"my-project-name\",\n region: \"us-west1\",\n});\nconst basicNetwork = new gcp.compute.Network(\"basic_network\", {name: \"network\"});\nconst basicKey = new gcp.tags.TagKey(\"basic_key\", {\n description: \"For keyname resources.\",\n parent: \"organizations/123456789\",\n purpose: \"GCE_FIREWALL\",\n shortName: \"tagkey\",\n purposeData: {\n network: pulumi.interpolate`my-project-name/${basicNetwork.name}`,\n },\n});\nconst basicValue = new gcp.tags.TagValue(\"basic_value\", {\n description: \"For valuename resources.\",\n parent: basicKey.id,\n shortName: \"tagvalue\",\n});\nconst primary = new gcp.compute.RegionNetworkFirewallPolicyRule(\"primary\", {\n action: \"allow\",\n description: \"This is a simple rule description\",\n direction: \"INGRESS\",\n disabled: false,\n enableLogging: true,\n firewallPolicy: basicRegionalNetworkFirewallPolicy.name,\n priority: 1000,\n region: \"us-west1\",\n ruleName: \"test-rule\",\n targetServiceAccounts: [\"my@service-account.com\"],\n match: {\n srcIpRanges: [\"10.100.0.1/32\"],\n srcFqdns: [\"example.com\"],\n srcRegionCodes: [\"US\"],\n srcThreatIntelligences: [\"iplist-known-malicious-ips\"],\n layer4Configs: [{\n ipProtocol: \"all\",\n }],\n srcSecureTags: [{\n name: basicValue.id,\n }],\n srcAddressGroups: [basicRegionalNetworksecurityAddressGroup.id],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_regional_networksecurity_address_group = gcp.networksecurity.AddressGroup(\"basic_regional_networksecurity_address_group\",\n name=\"address\",\n parent=\"projects/my-project-name\",\n description=\"Sample regional networksecurity_address_group\",\n location=\"us-west1\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nbasic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\",\n name=\"policy\",\n description=\"Sample regional network firewall policy\",\n project=\"my-project-name\",\n region=\"us-west1\")\nbasic_network = gcp.compute.Network(\"basic_network\", name=\"network\")\nbasic_key = gcp.tags.TagKey(\"basic_key\",\n description=\"For keyname resources.\",\n parent=\"organizations/123456789\",\n purpose=\"GCE_FIREWALL\",\n short_name=\"tagkey\",\n purpose_data={\n \"network\": basic_network.name.apply(lambda name: f\"my-project-name/{name}\"),\n })\nbasic_value = gcp.tags.TagValue(\"basic_value\",\n description=\"For valuename resources.\",\n parent=basic_key.id,\n short_name=\"tagvalue\")\nprimary = gcp.compute.RegionNetworkFirewallPolicyRule(\"primary\",\n action=\"allow\",\n description=\"This is a simple rule description\",\n direction=\"INGRESS\",\n disabled=False,\n enable_logging=True,\n firewall_policy=basic_regional_network_firewall_policy.name,\n priority=1000,\n region=\"us-west1\",\n rule_name=\"test-rule\",\n target_service_accounts=[\"my@service-account.com\"],\n match={\n \"src_ip_ranges\": [\"10.100.0.1/32\"],\n \"src_fqdns\": [\"example.com\"],\n \"src_region_codes\": [\"US\"],\n \"src_threat_intelligences\": [\"iplist-known-malicious-ips\"],\n \"layer4_configs\": [{\n \"ip_protocol\": \"all\",\n }],\n \"src_secure_tags\": [{\n \"name\": basic_value.id,\n }],\n \"src_address_groups\": [basic_regional_networksecurity_address_group.id],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicRegionalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup(\"basic_regional_networksecurity_address_group\", new()\n {\n Name = \"address\",\n Parent = \"projects/my-project-name\",\n Description = \"Sample regional networksecurity_address_group\",\n Location = \"us-west1\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var basicRegionalNetworkFirewallPolicy = new Gcp.Compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\", new()\n {\n Name = \"policy\",\n Description = \"Sample regional network firewall policy\",\n Project = \"my-project-name\",\n Region = \"us-west1\",\n });\n\n var basicNetwork = new Gcp.Compute.Network(\"basic_network\", new()\n {\n Name = \"network\",\n });\n\n var basicKey = new Gcp.Tags.TagKey(\"basic_key\", new()\n {\n Description = \"For keyname resources.\",\n Parent = \"organizations/123456789\",\n Purpose = \"GCE_FIREWALL\",\n ShortName = \"tagkey\",\n PurposeData = \n {\n { \"network\", basicNetwork.Name.Apply(name =\u003e $\"my-project-name/{name}\") },\n },\n });\n\n var basicValue = new Gcp.Tags.TagValue(\"basic_value\", new()\n {\n Description = \"For valuename resources.\",\n Parent = basicKey.Id,\n ShortName = \"tagvalue\",\n });\n\n var primary = new Gcp.Compute.RegionNetworkFirewallPolicyRule(\"primary\", new()\n {\n Action = \"allow\",\n Description = \"This is a simple rule description\",\n Direction = \"INGRESS\",\n Disabled = false,\n EnableLogging = true,\n FirewallPolicy = basicRegionalNetworkFirewallPolicy.Name,\n Priority = 1000,\n Region = \"us-west1\",\n RuleName = \"test-rule\",\n TargetServiceAccounts = new[]\n {\n \"my@service-account.com\",\n },\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"10.100.0.1/32\",\n },\n SrcFqdns = new[]\n {\n \"example.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"all\",\n },\n },\n SrcSecureTags = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs\n {\n Name = basicValue.Id,\n },\n },\n SrcAddressGroups = new[]\n {\n basicRegionalNetworksecurityAddressGroup.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/tags\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicRegionalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, \"basic_regional_networksecurity_address_group\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address\"),\n\t\t\tParent: pulumi.String(\"projects/my-project-name\"),\n\t\t\tDescription: pulumi.String(\"Sample regional networksecurity_address_group\"),\n\t\t\tLocation: pulumi.String(\"us-west1\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicRegionalNetworkFirewallPolicy, err := compute.NewRegionNetworkFirewallPolicy(ctx, \"basic_regional_network_firewall_policy\", \u0026compute.RegionNetworkFirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"policy\"),\n\t\t\tDescription: pulumi.String(\"Sample regional network firewall policy\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRegion: pulumi.String(\"us-west1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicNetwork, err := compute.NewNetwork(ctx, \"basic_network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicKey, err := tags.NewTagKey(ctx, \"basic_key\", \u0026tags.TagKeyArgs{\n\t\t\tDescription: pulumi.String(\"For keyname resources.\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tPurpose: pulumi.String(\"GCE_FIREWALL\"),\n\t\t\tShortName: pulumi.String(\"tagkey\"),\n\t\t\tPurposeData: pulumi.StringMap{\n\t\t\t\t\"network\": basicNetwork.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"my-project-name/%v\", name), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicValue, err := tags.NewTagValue(ctx, \"basic_value\", \u0026tags.TagValueArgs{\n\t\t\tDescription: pulumi.String(\"For valuename resources.\"),\n\t\t\tParent: basicKey.ID(),\n\t\t\tShortName: pulumi.String(\"tagvalue\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRegionNetworkFirewallPolicyRule(ctx, \"primary\", \u0026compute.RegionNetworkFirewallPolicyRuleArgs{\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDescription: pulumi.String(\"This is a simple rule description\"),\n\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tFirewallPolicy: basicRegionalNetworkFirewallPolicy.Name,\n\t\t\tPriority: pulumi.Int(1000),\n\t\t\tRegion: pulumi.String(\"us-west1\"),\n\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"my@service-account.com\"),\n\t\t\t},\n\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyRuleMatchArgs{\n\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t},\n\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSrcSecureTags: compute.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArray{\n\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs{\n\t\t\t\t\t\tName: basicValue.ID(),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\tbasicRegionalNetworksecurityAddressGroup.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.tags.TagKey;\nimport com.pulumi.gcp.tags.TagKeyArgs;\nimport com.pulumi.gcp.tags.TagValue;\nimport com.pulumi.gcp.tags.TagValueArgs;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicRegionalNetworksecurityAddressGroup = new AddressGroup(\"basicRegionalNetworksecurityAddressGroup\", AddressGroupArgs.builder()\n .name(\"address\")\n .parent(\"projects/my-project-name\")\n .description(\"Sample regional networksecurity_address_group\")\n .location(\"us-west1\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy(\"basicRegionalNetworkFirewallPolicy\", RegionNetworkFirewallPolicyArgs.builder()\n .name(\"policy\")\n .description(\"Sample regional network firewall policy\")\n .project(\"my-project-name\")\n .region(\"us-west1\")\n .build());\n\n var basicNetwork = new Network(\"basicNetwork\", NetworkArgs.builder()\n .name(\"network\")\n .build());\n\n var basicKey = new TagKey(\"basicKey\", TagKeyArgs.builder()\n .description(\"For keyname resources.\")\n .parent(\"organizations/123456789\")\n .purpose(\"GCE_FIREWALL\")\n .shortName(\"tagkey\")\n .purposeData(Map.of(\"network\", basicNetwork.name().applyValue(name -\u003e String.format(\"my-project-name/%s\", name))))\n .build());\n\n var basicValue = new TagValue(\"basicValue\", TagValueArgs.builder()\n .description(\"For valuename resources.\")\n .parent(basicKey.id())\n .shortName(\"tagvalue\")\n .build());\n\n var primary = new RegionNetworkFirewallPolicyRule(\"primary\", RegionNetworkFirewallPolicyRuleArgs.builder()\n .action(\"allow\")\n .description(\"This is a simple rule description\")\n .direction(\"INGRESS\")\n .disabled(false)\n .enableLogging(true)\n .firewallPolicy(basicRegionalNetworkFirewallPolicy.name())\n .priority(1000)\n .region(\"us-west1\")\n .ruleName(\"test-rule\")\n .targetServiceAccounts(\"my@service-account.com\")\n .match(RegionNetworkFirewallPolicyRuleMatchArgs.builder()\n .srcIpRanges(\"10.100.0.1/32\")\n .srcFqdns(\"example.com\")\n .srcRegionCodes(\"US\")\n .srcThreatIntelligences(\"iplist-known-malicious-ips\")\n .layer4Configs(RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"all\")\n .build())\n .srcSecureTags(RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder()\n .name(basicValue.id())\n .build())\n .srcAddressGroups(basicRegionalNetworksecurityAddressGroup.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicRegionalNetworksecurityAddressGroup:\n type: gcp:networksecurity:AddressGroup\n name: basic_regional_networksecurity_address_group\n properties:\n name: address\n parent: projects/my-project-name\n description: Sample regional networksecurity_address_group\n location: us-west1\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n basicRegionalNetworkFirewallPolicy:\n type: gcp:compute:RegionNetworkFirewallPolicy\n name: basic_regional_network_firewall_policy\n properties:\n name: policy\n description: Sample regional network firewall policy\n project: my-project-name\n region: us-west1\n primary:\n type: gcp:compute:RegionNetworkFirewallPolicyRule\n properties:\n action: allow\n description: This is a simple rule description\n direction: INGRESS\n disabled: false\n enableLogging: true\n firewallPolicy: ${basicRegionalNetworkFirewallPolicy.name}\n priority: 1000\n region: us-west1\n ruleName: test-rule\n targetServiceAccounts:\n - my@service-account.com\n match:\n srcIpRanges:\n - 10.100.0.1/32\n srcFqdns:\n - example.com\n srcRegionCodes:\n - US\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n layer4Configs:\n - ipProtocol: all\n srcSecureTags:\n - name: ${basicValue.id}\n srcAddressGroups:\n - ${basicRegionalNetworksecurityAddressGroup.id}\n basicNetwork:\n type: gcp:compute:Network\n name: basic_network\n properties:\n name: network\n basicKey:\n type: gcp:tags:TagKey\n name: basic_key\n properties:\n description: For keyname resources.\n parent: organizations/123456789\n purpose: GCE_FIREWALL\n shortName: tagkey\n purposeData:\n network: my-project-name/${basicNetwork.name}\n basicValue:\n type: gcp:tags:TagValue\n name: basic_value\n properties:\n description: For valuename resources.\n parent: ${basicKey.id}\n shortName: tagvalue\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRegionNetworkFirewallPolicyRule can be imported using any of these accepted formats:\n\n* `projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/{{priority}}`\n\n* `{{project}}/{{region}}/{{firewall_policy}}/{{priority}}`\n\n* `{{region}}/{{firewall_policy}}/{{priority}}`\n\n* `{{firewall_policy}}/{{priority}}`\n\nWhen using the `pulumi import` command, RegionNetworkFirewallPolicyRule can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{project}}/{{region}}/{{firewall_policy}}/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{region}}/{{firewall_policy}}/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{firewall_policy}}/{{priority}}\n```\n\n", + "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).\n\n\nTo get more information about RegionNetworkFirewallPolicyRule, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/regionNetworkFirewallPolicies/addRule)\n\n## Example Usage\n\n### Region Network Firewall Policy Rule\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicRegionalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup(\"basic_regional_networksecurity_address_group\", {\n name: \"address-group\",\n parent: \"projects/my-project-name\",\n description: \"Sample regional networksecurity_address_group\",\n location: \"us-west1\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst basicRegionalNetworkFirewallPolicy = new gcp.compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\", {\n name: \"fw-policy\",\n description: \"Sample regional network firewall policy\",\n project: \"my-project-name\",\n region: \"us-west1\",\n});\nconst basicNetwork = new gcp.compute.Network(\"basic_network\", {name: \"network\"});\nconst basicKey = new gcp.tags.TagKey(\"basic_key\", {\n description: \"For keyname resources.\",\n parent: \"organizations/123456789\",\n purpose: \"GCE_FIREWALL\",\n shortName: \"tag-key\",\n purposeData: {\n network: pulumi.interpolate`my-project-name/${basicNetwork.name}`,\n },\n});\nconst basicValue = new gcp.tags.TagValue(\"basic_value\", {\n description: \"For valuename resources.\",\n parent: basicKey.id,\n shortName: \"tag-value\",\n});\nconst primary = new gcp.compute.RegionNetworkFirewallPolicyRule(\"primary\", {\n action: \"allow\",\n description: \"This is a simple rule description\",\n direction: \"INGRESS\",\n disabled: false,\n enableLogging: true,\n firewallPolicy: basicRegionalNetworkFirewallPolicy.name,\n priority: 1000,\n region: \"us-west1\",\n ruleName: \"test-rule\",\n targetServiceAccounts: [\"my@service-account.com\"],\n match: {\n srcAddressGroups: [basicRegionalNetworksecurityAddressGroup.id],\n srcIpRanges: [\"10.100.0.1/32\"],\n srcFqdns: [\"example.com\"],\n srcRegionCodes: [\"US\"],\n srcThreatIntelligences: [\"iplist-known-malicious-ips\"],\n layer4Configs: [{\n ipProtocol: \"all\",\n }],\n srcSecureTags: [{\n name: basicValue.id,\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_regional_networksecurity_address_group = gcp.networksecurity.AddressGroup(\"basic_regional_networksecurity_address_group\",\n name=\"address-group\",\n parent=\"projects/my-project-name\",\n description=\"Sample regional networksecurity_address_group\",\n location=\"us-west1\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nbasic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\",\n name=\"fw-policy\",\n description=\"Sample regional network firewall policy\",\n project=\"my-project-name\",\n region=\"us-west1\")\nbasic_network = gcp.compute.Network(\"basic_network\", name=\"network\")\nbasic_key = gcp.tags.TagKey(\"basic_key\",\n description=\"For keyname resources.\",\n parent=\"organizations/123456789\",\n purpose=\"GCE_FIREWALL\",\n short_name=\"tag-key\",\n purpose_data={\n \"network\": basic_network.name.apply(lambda name: f\"my-project-name/{name}\"),\n })\nbasic_value = gcp.tags.TagValue(\"basic_value\",\n description=\"For valuename resources.\",\n parent=basic_key.id,\n short_name=\"tag-value\")\nprimary = gcp.compute.RegionNetworkFirewallPolicyRule(\"primary\",\n action=\"allow\",\n description=\"This is a simple rule description\",\n direction=\"INGRESS\",\n disabled=False,\n enable_logging=True,\n firewall_policy=basic_regional_network_firewall_policy.name,\n priority=1000,\n region=\"us-west1\",\n rule_name=\"test-rule\",\n target_service_accounts=[\"my@service-account.com\"],\n match={\n \"src_address_groups\": [basic_regional_networksecurity_address_group.id],\n \"src_ip_ranges\": [\"10.100.0.1/32\"],\n \"src_fqdns\": [\"example.com\"],\n \"src_region_codes\": [\"US\"],\n \"src_threat_intelligences\": [\"iplist-known-malicious-ips\"],\n \"layer4_configs\": [{\n \"ip_protocol\": \"all\",\n }],\n \"src_secure_tags\": [{\n \"name\": basic_value.id,\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicRegionalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup(\"basic_regional_networksecurity_address_group\", new()\n {\n Name = \"address-group\",\n Parent = \"projects/my-project-name\",\n Description = \"Sample regional networksecurity_address_group\",\n Location = \"us-west1\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var basicRegionalNetworkFirewallPolicy = new Gcp.Compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\", new()\n {\n Name = \"fw-policy\",\n Description = \"Sample regional network firewall policy\",\n Project = \"my-project-name\",\n Region = \"us-west1\",\n });\n\n var basicNetwork = new Gcp.Compute.Network(\"basic_network\", new()\n {\n Name = \"network\",\n });\n\n var basicKey = new Gcp.Tags.TagKey(\"basic_key\", new()\n {\n Description = \"For keyname resources.\",\n Parent = \"organizations/123456789\",\n Purpose = \"GCE_FIREWALL\",\n ShortName = \"tag-key\",\n PurposeData = \n {\n { \"network\", basicNetwork.Name.Apply(name =\u003e $\"my-project-name/{name}\") },\n },\n });\n\n var basicValue = new Gcp.Tags.TagValue(\"basic_value\", new()\n {\n Description = \"For valuename resources.\",\n Parent = basicKey.Id,\n ShortName = \"tag-value\",\n });\n\n var primary = new Gcp.Compute.RegionNetworkFirewallPolicyRule(\"primary\", new()\n {\n Action = \"allow\",\n Description = \"This is a simple rule description\",\n Direction = \"INGRESS\",\n Disabled = false,\n EnableLogging = true,\n FirewallPolicy = basicRegionalNetworkFirewallPolicy.Name,\n Priority = 1000,\n Region = \"us-west1\",\n RuleName = \"test-rule\",\n TargetServiceAccounts = new[]\n {\n \"my@service-account.com\",\n },\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchArgs\n {\n SrcAddressGroups = new[]\n {\n basicRegionalNetworksecurityAddressGroup.Id,\n },\n SrcIpRanges = new[]\n {\n \"10.100.0.1/32\",\n },\n SrcFqdns = new[]\n {\n \"example.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"all\",\n },\n },\n SrcSecureTags = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs\n {\n Name = basicValue.Id,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/tags\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicRegionalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, \"basic_regional_networksecurity_address_group\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address-group\"),\n\t\t\tParent: pulumi.String(\"projects/my-project-name\"),\n\t\t\tDescription: pulumi.String(\"Sample regional networksecurity_address_group\"),\n\t\t\tLocation: pulumi.String(\"us-west1\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicRegionalNetworkFirewallPolicy, err := compute.NewRegionNetworkFirewallPolicy(ctx, \"basic_regional_network_firewall_policy\", \u0026compute.RegionNetworkFirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Sample regional network firewall policy\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRegion: pulumi.String(\"us-west1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicNetwork, err := compute.NewNetwork(ctx, \"basic_network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicKey, err := tags.NewTagKey(ctx, \"basic_key\", \u0026tags.TagKeyArgs{\n\t\t\tDescription: pulumi.String(\"For keyname resources.\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tPurpose: pulumi.String(\"GCE_FIREWALL\"),\n\t\t\tShortName: pulumi.String(\"tag-key\"),\n\t\t\tPurposeData: pulumi.StringMap{\n\t\t\t\t\"network\": basicNetwork.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"my-project-name/%v\", name), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicValue, err := tags.NewTagValue(ctx, \"basic_value\", \u0026tags.TagValueArgs{\n\t\t\tDescription: pulumi.String(\"For valuename resources.\"),\n\t\t\tParent: basicKey.ID(),\n\t\t\tShortName: pulumi.String(\"tag-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRegionNetworkFirewallPolicyRule(ctx, \"primary\", \u0026compute.RegionNetworkFirewallPolicyRuleArgs{\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDescription: pulumi.String(\"This is a simple rule description\"),\n\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tFirewallPolicy: basicRegionalNetworkFirewallPolicy.Name,\n\t\t\tPriority: pulumi.Int(1000),\n\t\t\tRegion: pulumi.String(\"us-west1\"),\n\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\tTargetServiceAccounts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"my@service-account.com\"),\n\t\t\t},\n\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyRuleMatchArgs{\n\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\tbasicRegionalNetworksecurityAddressGroup.ID(),\n\t\t\t\t},\n\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t},\n\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t},\n\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSrcSecureTags: compute.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArray{\n\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs{\n\t\t\t\t\t\tName: basicValue.ID(),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.tags.TagKey;\nimport com.pulumi.gcp.tags.TagKeyArgs;\nimport com.pulumi.gcp.tags.TagValue;\nimport com.pulumi.gcp.tags.TagValueArgs;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicRegionalNetworksecurityAddressGroup = new AddressGroup(\"basicRegionalNetworksecurityAddressGroup\", AddressGroupArgs.builder()\n .name(\"address-group\")\n .parent(\"projects/my-project-name\")\n .description(\"Sample regional networksecurity_address_group\")\n .location(\"us-west1\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy(\"basicRegionalNetworkFirewallPolicy\", RegionNetworkFirewallPolicyArgs.builder()\n .name(\"fw-policy\")\n .description(\"Sample regional network firewall policy\")\n .project(\"my-project-name\")\n .region(\"us-west1\")\n .build());\n\n var basicNetwork = new Network(\"basicNetwork\", NetworkArgs.builder()\n .name(\"network\")\n .build());\n\n var basicKey = new TagKey(\"basicKey\", TagKeyArgs.builder()\n .description(\"For keyname resources.\")\n .parent(\"organizations/123456789\")\n .purpose(\"GCE_FIREWALL\")\n .shortName(\"tag-key\")\n .purposeData(Map.of(\"network\", basicNetwork.name().applyValue(name -\u003e String.format(\"my-project-name/%s\", name))))\n .build());\n\n var basicValue = new TagValue(\"basicValue\", TagValueArgs.builder()\n .description(\"For valuename resources.\")\n .parent(basicKey.id())\n .shortName(\"tag-value\")\n .build());\n\n var primary = new RegionNetworkFirewallPolicyRule(\"primary\", RegionNetworkFirewallPolicyRuleArgs.builder()\n .action(\"allow\")\n .description(\"This is a simple rule description\")\n .direction(\"INGRESS\")\n .disabled(false)\n .enableLogging(true)\n .firewallPolicy(basicRegionalNetworkFirewallPolicy.name())\n .priority(1000)\n .region(\"us-west1\")\n .ruleName(\"test-rule\")\n .targetServiceAccounts(\"my@service-account.com\")\n .match(RegionNetworkFirewallPolicyRuleMatchArgs.builder()\n .srcAddressGroups(basicRegionalNetworksecurityAddressGroup.id())\n .srcIpRanges(\"10.100.0.1/32\")\n .srcFqdns(\"example.com\")\n .srcRegionCodes(\"US\")\n .srcThreatIntelligences(\"iplist-known-malicious-ips\")\n .layer4Configs(RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"all\")\n .build())\n .srcSecureTags(RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder()\n .name(basicValue.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicRegionalNetworksecurityAddressGroup:\n type: gcp:networksecurity:AddressGroup\n name: basic_regional_networksecurity_address_group\n properties:\n name: address-group\n parent: projects/my-project-name\n description: Sample regional networksecurity_address_group\n location: us-west1\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n basicRegionalNetworkFirewallPolicy:\n type: gcp:compute:RegionNetworkFirewallPolicy\n name: basic_regional_network_firewall_policy\n properties:\n name: fw-policy\n description: Sample regional network firewall policy\n project: my-project-name\n region: us-west1\n primary:\n type: gcp:compute:RegionNetworkFirewallPolicyRule\n properties:\n action: allow\n description: This is a simple rule description\n direction: INGRESS\n disabled: false\n enableLogging: true\n firewallPolicy: ${basicRegionalNetworkFirewallPolicy.name}\n priority: 1000\n region: us-west1\n ruleName: test-rule\n targetServiceAccounts:\n - my@service-account.com\n match:\n srcAddressGroups:\n - ${basicRegionalNetworksecurityAddressGroup.id}\n srcIpRanges:\n - 10.100.0.1/32\n srcFqdns:\n - example.com\n srcRegionCodes:\n - US\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n layer4Configs:\n - ipProtocol: all\n srcSecureTags:\n - name: ${basicValue.id}\n basicNetwork:\n type: gcp:compute:Network\n name: basic_network\n properties:\n name: network\n basicKey:\n type: gcp:tags:TagKey\n name: basic_key\n properties:\n description: For keyname resources.\n parent: organizations/123456789\n purpose: GCE_FIREWALL\n shortName: tag-key\n purposeData:\n network: my-project-name/${basicNetwork.name}\n basicValue:\n type: gcp:tags:TagValue\n name: basic_value\n properties:\n description: For valuename resources.\n parent: ${basicKey.id}\n shortName: tag-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Region Network Firewall Policy Rule Network Scope Egress\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicRegionalNetworkFirewallPolicy = new gcp.compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\", {\n name: \"fw-policy\",\n description: \"Sample regional network firewall policy\",\n project: \"my-project-name\",\n region: \"us-west1\",\n});\nconst primary = new gcp.compute.RegionNetworkFirewallPolicyRule(\"primary\", {\n action: \"allow\",\n description: \"This is a simple rule description\",\n direction: \"EGRESS\",\n disabled: false,\n enableLogging: true,\n firewallPolicy: basicRegionalNetworkFirewallPolicy.name,\n priority: 1000,\n region: \"us-west1\",\n ruleName: \"test-rule\",\n match: {\n destIpRanges: [\"10.100.0.1/32\"],\n destNetworkScope: \"INTERNET\",\n layer4Configs: [{\n ipProtocol: \"all\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\",\n name=\"fw-policy\",\n description=\"Sample regional network firewall policy\",\n project=\"my-project-name\",\n region=\"us-west1\")\nprimary = gcp.compute.RegionNetworkFirewallPolicyRule(\"primary\",\n action=\"allow\",\n description=\"This is a simple rule description\",\n direction=\"EGRESS\",\n disabled=False,\n enable_logging=True,\n firewall_policy=basic_regional_network_firewall_policy.name,\n priority=1000,\n region=\"us-west1\",\n rule_name=\"test-rule\",\n match={\n \"dest_ip_ranges\": [\"10.100.0.1/32\"],\n \"dest_network_scope\": \"INTERNET\",\n \"layer4_configs\": [{\n \"ip_protocol\": \"all\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicRegionalNetworkFirewallPolicy = new Gcp.Compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\", new()\n {\n Name = \"fw-policy\",\n Description = \"Sample regional network firewall policy\",\n Project = \"my-project-name\",\n Region = \"us-west1\",\n });\n\n var primary = new Gcp.Compute.RegionNetworkFirewallPolicyRule(\"primary\", new()\n {\n Action = \"allow\",\n Description = \"This is a simple rule description\",\n Direction = \"EGRESS\",\n Disabled = false,\n EnableLogging = true,\n FirewallPolicy = basicRegionalNetworkFirewallPolicy.Name,\n Priority = 1000,\n Region = \"us-west1\",\n RuleName = \"test-rule\",\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"10.100.0.1/32\",\n },\n DestNetworkScope = \"INTERNET\",\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"all\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicRegionalNetworkFirewallPolicy, err := compute.NewRegionNetworkFirewallPolicy(ctx, \"basic_regional_network_firewall_policy\", \u0026compute.RegionNetworkFirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Sample regional network firewall policy\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRegion: pulumi.String(\"us-west1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRegionNetworkFirewallPolicyRule(ctx, \"primary\", \u0026compute.RegionNetworkFirewallPolicyRuleArgs{\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDescription: pulumi.String(\"This is a simple rule description\"),\n\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tFirewallPolicy: basicRegionalNetworkFirewallPolicy.Name,\n\t\t\tPriority: pulumi.Int(1000),\n\t\t\tRegion: pulumi.String(\"us-west1\"),\n\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyRuleMatchArgs{\n\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tDestNetworkScope: pulumi.String(\"INTERNET\"),\n\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy(\"basicRegionalNetworkFirewallPolicy\", RegionNetworkFirewallPolicyArgs.builder()\n .name(\"fw-policy\")\n .description(\"Sample regional network firewall policy\")\n .project(\"my-project-name\")\n .region(\"us-west1\")\n .build());\n\n var primary = new RegionNetworkFirewallPolicyRule(\"primary\", RegionNetworkFirewallPolicyRuleArgs.builder()\n .action(\"allow\")\n .description(\"This is a simple rule description\")\n .direction(\"EGRESS\")\n .disabled(false)\n .enableLogging(true)\n .firewallPolicy(basicRegionalNetworkFirewallPolicy.name())\n .priority(1000)\n .region(\"us-west1\")\n .ruleName(\"test-rule\")\n .match(RegionNetworkFirewallPolicyRuleMatchArgs.builder()\n .destIpRanges(\"10.100.0.1/32\")\n .destNetworkScope(\"INTERNET\")\n .layer4Configs(RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"all\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicRegionalNetworkFirewallPolicy:\n type: gcp:compute:RegionNetworkFirewallPolicy\n name: basic_regional_network_firewall_policy\n properties:\n name: fw-policy\n description: Sample regional network firewall policy\n project: my-project-name\n region: us-west1\n primary:\n type: gcp:compute:RegionNetworkFirewallPolicyRule\n properties:\n action: allow\n description: This is a simple rule description\n direction: EGRESS\n disabled: false\n enableLogging: true\n firewallPolicy: ${basicRegionalNetworkFirewallPolicy.name}\n priority: 1000\n region: us-west1\n ruleName: test-rule\n match:\n destIpRanges:\n - 10.100.0.1/32\n destNetworkScope: INTERNET\n layer4Configs:\n - ipProtocol: all\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Region Network Firewall Policy Rule Network Scope Ingress\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicRegionalNetworkFirewallPolicy = new gcp.compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\", {\n name: \"fw-policy\",\n description: \"Sample regional network firewall policy\",\n project: \"my-project-name\",\n region: \"us-west1\",\n});\nconst network = new gcp.compute.Network(\"network\", {name: \"network\"});\nconst primary = new gcp.compute.RegionNetworkFirewallPolicyRule(\"primary\", {\n action: \"allow\",\n description: \"This is a simple rule description\",\n direction: \"INGRESS\",\n disabled: false,\n enableLogging: true,\n firewallPolicy: basicRegionalNetworkFirewallPolicy.name,\n priority: 1000,\n region: \"us-west1\",\n ruleName: \"test-rule\",\n match: {\n srcIpRanges: [\"10.100.0.1/32\"],\n srcNetworkScope: \"VPC_NETWORKS\",\n srcNetworks: [network.id],\n layer4Configs: [{\n ipProtocol: \"all\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\",\n name=\"fw-policy\",\n description=\"Sample regional network firewall policy\",\n project=\"my-project-name\",\n region=\"us-west1\")\nnetwork = gcp.compute.Network(\"network\", name=\"network\")\nprimary = gcp.compute.RegionNetworkFirewallPolicyRule(\"primary\",\n action=\"allow\",\n description=\"This is a simple rule description\",\n direction=\"INGRESS\",\n disabled=False,\n enable_logging=True,\n firewall_policy=basic_regional_network_firewall_policy.name,\n priority=1000,\n region=\"us-west1\",\n rule_name=\"test-rule\",\n match={\n \"src_ip_ranges\": [\"10.100.0.1/32\"],\n \"src_network_scope\": \"VPC_NETWORKS\",\n \"src_networks\": [network.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"all\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicRegionalNetworkFirewallPolicy = new Gcp.Compute.RegionNetworkFirewallPolicy(\"basic_regional_network_firewall_policy\", new()\n {\n Name = \"fw-policy\",\n Description = \"Sample regional network firewall policy\",\n Project = \"my-project-name\",\n Region = \"us-west1\",\n });\n\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"network\",\n });\n\n var primary = new Gcp.Compute.RegionNetworkFirewallPolicyRule(\"primary\", new()\n {\n Action = \"allow\",\n Description = \"This is a simple rule description\",\n Direction = \"INGRESS\",\n Disabled = false,\n EnableLogging = true,\n FirewallPolicy = basicRegionalNetworkFirewallPolicy.Name,\n Priority = 1000,\n Region = \"us-west1\",\n RuleName = \"test-rule\",\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"10.100.0.1/32\",\n },\n SrcNetworkScope = \"VPC_NETWORKS\",\n SrcNetworks = new[]\n {\n network.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"all\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicRegionalNetworkFirewallPolicy, err := compute.NewRegionNetworkFirewallPolicy(ctx, \"basic_regional_network_firewall_policy\", \u0026compute.RegionNetworkFirewallPolicyArgs{\n\t\t\tName: pulumi.String(\"fw-policy\"),\n\t\t\tDescription: pulumi.String(\"Sample regional network firewall policy\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRegion: pulumi.String(\"us-west1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRegionNetworkFirewallPolicyRule(ctx, \"primary\", \u0026compute.RegionNetworkFirewallPolicyRuleArgs{\n\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\tDescription: pulumi.String(\"This is a simple rule description\"),\n\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\tDisabled: pulumi.Bool(false),\n\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\tFirewallPolicy: basicRegionalNetworkFirewallPolicy.Name,\n\t\t\tPriority: pulumi.Int(1000),\n\t\t\tRegion: pulumi.String(\"us-west1\"),\n\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyRuleMatchArgs{\n\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"10.100.0.1/32\"),\n\t\t\t\t},\n\t\t\t\tSrcNetworkScope: pulumi.String(\"VPC_NETWORKS\"),\n\t\t\t\tSrcNetworks: pulumi.StringArray{\n\t\t\t\t\tnetwork.ID(),\n\t\t\t\t},\n\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\tIpProtocol: pulumi.String(\"all\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRuleArgs;\nimport com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy(\"basicRegionalNetworkFirewallPolicy\", RegionNetworkFirewallPolicyArgs.builder()\n .name(\"fw-policy\")\n .description(\"Sample regional network firewall policy\")\n .project(\"my-project-name\")\n .region(\"us-west1\")\n .build());\n\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"network\")\n .build());\n\n var primary = new RegionNetworkFirewallPolicyRule(\"primary\", RegionNetworkFirewallPolicyRuleArgs.builder()\n .action(\"allow\")\n .description(\"This is a simple rule description\")\n .direction(\"INGRESS\")\n .disabled(false)\n .enableLogging(true)\n .firewallPolicy(basicRegionalNetworkFirewallPolicy.name())\n .priority(1000)\n .region(\"us-west1\")\n .ruleName(\"test-rule\")\n .match(RegionNetworkFirewallPolicyRuleMatchArgs.builder()\n .srcIpRanges(\"10.100.0.1/32\")\n .srcNetworkScope(\"VPC_NETWORKS\")\n .srcNetworks(network.id())\n .layer4Configs(RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"all\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicRegionalNetworkFirewallPolicy:\n type: gcp:compute:RegionNetworkFirewallPolicy\n name: basic_regional_network_firewall_policy\n properties:\n name: fw-policy\n description: Sample regional network firewall policy\n project: my-project-name\n region: us-west1\n primary:\n type: gcp:compute:RegionNetworkFirewallPolicyRule\n properties:\n action: allow\n description: This is a simple rule description\n direction: INGRESS\n disabled: false\n enableLogging: true\n firewallPolicy: ${basicRegionalNetworkFirewallPolicy.name}\n priority: 1000\n region: us-west1\n ruleName: test-rule\n match:\n srcIpRanges:\n - 10.100.0.1/32\n srcNetworkScope: VPC_NETWORKS\n srcNetworks:\n - ${network.id}\n layer4Configs:\n - ipProtocol: all\n network:\n type: gcp:compute:Network\n properties:\n name: network\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRegionNetworkFirewallPolicyRule can be imported using any of these accepted formats:\n\n* `projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/{{priority}}`\n\n* `{{project}}/{{region}}/{{firewall_policy}}/{{priority}}`\n\n* `{{region}}/{{firewall_policy}}/{{priority}}`\n\n* `{{firewall_policy}}/{{priority}}`\n\nWhen using the `pulumi import` command, RegionNetworkFirewallPolicyRule can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{project}}/{{region}}/{{firewall_policy}}/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{region}}/{{firewall_policy}}/{{priority}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyRule:RegionNetworkFirewallPolicyRule default {{firewall_policy}}/{{priority}}\n```\n\n", "properties": { "action": { "type": "string", @@ -183875,7 +185857,7 @@ } }, "gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules": { - "description": "## Example Usage\n\n### Compute Region Network Firewall Policy With Rules Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = gcp.organizations.getProject({});\nconst addressGroup1 = new gcp.networksecurity.AddressGroup(\"address_group_1\", {\n name: \"tf-address-group\",\n parent: project.then(project =\u003e project.id),\n description: \"Regional address group\",\n location: \"us-west2\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst secureTagKey1 = new gcp.tags.TagKey(\"secure_tag_key_1\", {\n description: \"Tag key\",\n parent: project.then(project =\u003e project.id),\n purpose: \"GCE_FIREWALL\",\n shortName: \"tf-tag-key\",\n purposeData: {\n network: project.then(project =\u003e `${project.name}/default`),\n },\n});\nconst secureTagValue1 = new gcp.tags.TagValue(\"secure_tag_value_1\", {\n description: \"Tag value\",\n parent: secureTagKey1.id,\n shortName: \"tf-tag-value\",\n});\nconst region_network_firewall_policy_with_rules = new gcp.compute.RegionNetworkFirewallPolicyWithRules(\"region-network-firewall-policy-with-rules\", {\n name: \"tf-region-fw-policy-with-rules\",\n region: \"us-west2\",\n description: \"Terraform test\",\n rules: [\n {\n description: \"tcp rule\",\n priority: 1000,\n enableLogging: true,\n action: \"allow\",\n direction: \"EGRESS\",\n match: {\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\n \"8080\",\n \"7070\",\n ],\n }],\n destIpRanges: [\"11.100.0.1/32\"],\n destFqdns: [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n destRegionCodes: [\n \"HK\",\n \"IN\",\n ],\n destThreatIntelligences: [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n destAddressGroups: [addressGroup1.id],\n },\n targetSecureTags: [{\n name: secureTagValue1.id,\n }],\n },\n {\n description: \"udp rule\",\n ruleName: \"test-rule\",\n priority: 2000,\n enableLogging: false,\n action: \"deny\",\n direction: \"INGRESS\",\n match: {\n layer4Configs: [{\n ipProtocol: \"udp\",\n }],\n srcIpRanges: [\"0.0.0.0/0\"],\n srcFqdns: [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n srcRegionCodes: [\n \"US\",\n \"CA\",\n ],\n srcThreatIntelligences: [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n srcAddressGroups: [addressGroup1.id],\n srcSecureTags: [{\n name: secureTagValue1.id,\n }],\n },\n disabled: true,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = gcp.organizations.get_project()\naddress_group1 = gcp.networksecurity.AddressGroup(\"address_group_1\",\n name=\"tf-address-group\",\n parent=project.id,\n description=\"Regional address group\",\n location=\"us-west2\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nsecure_tag_key1 = gcp.tags.TagKey(\"secure_tag_key_1\",\n description=\"Tag key\",\n parent=project.id,\n purpose=\"GCE_FIREWALL\",\n short_name=\"tf-tag-key\",\n purpose_data={\n \"network\": f\"{project.name}/default\",\n })\nsecure_tag_value1 = gcp.tags.TagValue(\"secure_tag_value_1\",\n description=\"Tag value\",\n parent=secure_tag_key1.id,\n short_name=\"tf-tag-value\")\nregion_network_firewall_policy_with_rules = gcp.compute.RegionNetworkFirewallPolicyWithRules(\"region-network-firewall-policy-with-rules\",\n name=\"tf-region-fw-policy-with-rules\",\n region=\"us-west2\",\n description=\"Terraform test\",\n rules=[\n {\n \"description\": \"tcp rule\",\n \"priority\": 1000,\n \"enable_logging\": True,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"match\": {\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\n \"8080\",\n \"7070\",\n ],\n }],\n \"dest_ip_ranges\": [\"11.100.0.1/32\"],\n \"dest_fqdns\": [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n \"dest_region_codes\": [\n \"HK\",\n \"IN\",\n ],\n \"dest_threat_intelligences\": [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n \"dest_address_groups\": [address_group1.id],\n },\n \"target_secure_tags\": [{\n \"name\": secure_tag_value1.id,\n }],\n },\n {\n \"description\": \"udp rule\",\n \"rule_name\": \"test-rule\",\n \"priority\": 2000,\n \"enable_logging\": False,\n \"action\": \"deny\",\n \"direction\": \"INGRESS\",\n \"match\": {\n \"layer4_configs\": [{\n \"ip_protocol\": \"udp\",\n }],\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n \"src_fqdns\": [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n \"src_region_codes\": [\n \"US\",\n \"CA\",\n ],\n \"src_threat_intelligences\": [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n \"src_address_groups\": [address_group1.id],\n \"src_secure_tags\": [{\n \"name\": secure_tag_value1.id,\n }],\n },\n \"disabled\": True,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup(\"address_group_1\", new()\n {\n Name = \"tf-address-group\",\n Parent = project.Apply(getProjectResult =\u003e getProjectResult.Id),\n Description = \"Regional address group\",\n Location = \"us-west2\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var secureTagKey1 = new Gcp.Tags.TagKey(\"secure_tag_key_1\", new()\n {\n Description = \"Tag key\",\n Parent = project.Apply(getProjectResult =\u003e getProjectResult.Id),\n Purpose = \"GCE_FIREWALL\",\n ShortName = \"tf-tag-key\",\n PurposeData = \n {\n { \"network\", $\"{project.Apply(getProjectResult =\u003e getProjectResult.Name)}/default\" },\n },\n });\n\n var secureTagValue1 = new Gcp.Tags.TagValue(\"secure_tag_value_1\", new()\n {\n Description = \"Tag value\",\n Parent = secureTagKey1.Id,\n ShortName = \"tf-tag-value\",\n });\n\n var region_network_firewall_policy_with_rules = new Gcp.Compute.RegionNetworkFirewallPolicyWithRules(\"region-network-firewall-policy-with-rules\", new()\n {\n Name = \"tf-region-fw-policy-with-rules\",\n Region = \"us-west2\",\n Description = \"Terraform test\",\n Rules = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"tcp rule\",\n Priority = 1000,\n EnableLogging = true,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n \"7070\",\n },\n },\n },\n DestIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n DestFqdns = new[]\n {\n \"www.yyy.com\",\n \"www.zzz.com\",\n },\n DestRegionCodes = new[]\n {\n \"HK\",\n \"IN\",\n },\n DestThreatIntelligences = new[]\n {\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n },\n DestAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n },\n TargetSecureTags = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs\n {\n Name = secureTagValue1.Id,\n },\n },\n },\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"udp rule\",\n RuleName = \"test-rule\",\n Priority = 2000,\n EnableLogging = false,\n Action = \"deny\",\n Direction = \"INGRESS\",\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n },\n },\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n SrcFqdns = new[]\n {\n \"www.abc.com\",\n \"www.def.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n \"CA\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n },\n SrcAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n SrcSecureTags = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs\n {\n Name = secureTagValue1.Id,\n },\n },\n },\n Disabled = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/tags\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taddressGroup1, err := networksecurity.NewAddressGroup(ctx, \"address_group_1\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"tf-address-group\"),\n\t\t\tParent: pulumi.String(project.Id),\n\t\t\tDescription: pulumi.String(\"Regional address group\"),\n\t\t\tLocation: pulumi.String(\"us-west2\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecureTagKey1, err := tags.NewTagKey(ctx, \"secure_tag_key_1\", \u0026tags.TagKeyArgs{\n\t\t\tDescription: pulumi.String(\"Tag key\"),\n\t\t\tParent: pulumi.String(project.Id),\n\t\t\tPurpose: pulumi.String(\"GCE_FIREWALL\"),\n\t\t\tShortName: pulumi.String(\"tf-tag-key\"),\n\t\t\tPurposeData: pulumi.StringMap{\n\t\t\t\t\"network\": pulumi.Sprintf(\"%v/default\", project.Name),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecureTagValue1, err := tags.NewTagValue(ctx, \"secure_tag_value_1\", \u0026tags.TagValueArgs{\n\t\t\tDescription: pulumi.String(\"Tag value\"),\n\t\t\tParent: secureTagKey1.ID(),\n\t\t\tShortName: pulumi.String(\"tf-tag-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRegionNetworkFirewallPolicyWithRules(ctx, \"region-network-firewall-policy-with-rules\", \u0026compute.RegionNetworkFirewallPolicyWithRulesArgs{\n\t\t\tName: pulumi.String(\"tf-region-fw-policy-with-rules\"),\n\t\t\tRegion: pulumi.String(\"us-west2\"),\n\t\t\tDescription: pulumi.String(\"Terraform test\"),\n\t\t\tRules: compute.RegionNetworkFirewallPolicyWithRulesRuleArray{\n\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(1000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"7070\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.yyy.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.zzz.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"HK\"),\n\t\t\t\t\t\t\tpulumi.String(\"IN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-search-engines-crawlers\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-tor-exit-nodes\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTargetSecureTags: compute.RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArray{\n\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs{\n\t\t\t\t\t\t\tName: secureTagValue1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"udp rule\"),\n\t\t\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\t\t\tPriority: pulumi.Int(2000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"deny\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.abc.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.def.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-public-clouds\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcSecureTags: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArray{\n\t\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs{\n\t\t\t\t\t\t\t\tName: secureTagValue1.ID(),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tDisabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.tags.TagKey;\nimport com.pulumi.gcp.tags.TagKeyArgs;\nimport com.pulumi.gcp.tags.TagValue;\nimport com.pulumi.gcp.tags.TagValueArgs;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyWithRules;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyWithRulesArgs;\nimport com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs;\nimport com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = OrganizationsFunctions.getProject();\n\n var addressGroup1 = new AddressGroup(\"addressGroup1\", AddressGroupArgs.builder()\n .name(\"tf-address-group\")\n .parent(project.applyValue(getProjectResult -\u003e getProjectResult.id()))\n .description(\"Regional address group\")\n .location(\"us-west2\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var secureTagKey1 = new TagKey(\"secureTagKey1\", TagKeyArgs.builder()\n .description(\"Tag key\")\n .parent(project.applyValue(getProjectResult -\u003e getProjectResult.id()))\n .purpose(\"GCE_FIREWALL\")\n .shortName(\"tf-tag-key\")\n .purposeData(Map.of(\"network\", String.format(\"%s/default\", project.applyValue(getProjectResult -\u003e getProjectResult.name()))))\n .build());\n\n var secureTagValue1 = new TagValue(\"secureTagValue1\", TagValueArgs.builder()\n .description(\"Tag value\")\n .parent(secureTagKey1.id())\n .shortName(\"tf-tag-value\")\n .build());\n\n var region_network_firewall_policy_with_rules = new RegionNetworkFirewallPolicyWithRules(\"region-network-firewall-policy-with-rules\", RegionNetworkFirewallPolicyWithRulesArgs.builder()\n .name(\"tf-region-fw-policy-with-rules\")\n .region(\"us-west2\")\n .description(\"Terraform test\")\n .rules( \n RegionNetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"tcp rule\")\n .priority(1000)\n .enableLogging(true)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports( \n 8080,\n 7070)\n .build())\n .destIpRanges(\"11.100.0.1/32\")\n .destFqdns( \n \"www.yyy.com\",\n \"www.zzz.com\")\n .destRegionCodes( \n \"HK\",\n \"IN\")\n .destThreatIntelligences( \n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\")\n .destAddressGroups(addressGroup1.id())\n .build())\n .targetSecureTags(RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs.builder()\n .name(secureTagValue1.id())\n .build())\n .build(),\n RegionNetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"udp rule\")\n .ruleName(\"test-rule\")\n .priority(2000)\n .enableLogging(false)\n .action(\"deny\")\n .direction(\"INGRESS\")\n .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .build())\n .srcIpRanges(\"0.0.0.0/0\")\n .srcFqdns( \n \"www.abc.com\",\n \"www.def.com\")\n .srcRegionCodes( \n \"US\",\n \"CA\")\n .srcThreatIntelligences( \n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\")\n .srcAddressGroups(addressGroup1.id())\n .srcSecureTags(RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs.builder()\n .name(secureTagValue1.id())\n .build())\n .build())\n .disabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n region-network-firewall-policy-with-rules:\n type: gcp:compute:RegionNetworkFirewallPolicyWithRules\n properties:\n name: tf-region-fw-policy-with-rules\n region: us-west2\n description: Terraform test\n rules:\n - description: tcp rule\n priority: 1000\n enableLogging: true\n action: allow\n direction: EGRESS\n match:\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - 7070\n destIpRanges:\n - 11.100.0.1/32\n destFqdns:\n - www.yyy.com\n - www.zzz.com\n destRegionCodes:\n - HK\n - IN\n destThreatIntelligences:\n - iplist-search-engines-crawlers\n - iplist-tor-exit-nodes\n destAddressGroups:\n - ${addressGroup1.id}\n targetSecureTags:\n - name: ${secureTagValue1.id}\n - description: udp rule\n ruleName: test-rule\n priority: 2000\n enableLogging: false\n action: deny\n direction: INGRESS\n match:\n layer4Configs:\n - ipProtocol: udp\n srcIpRanges:\n - 0.0.0.0/0\n srcFqdns:\n - www.abc.com\n - www.def.com\n srcRegionCodes:\n - US\n - CA\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n - iplist-public-clouds\n srcAddressGroups:\n - ${addressGroup1.id}\n srcSecureTags:\n - name: ${secureTagValue1.id}\n disabled: true\n addressGroup1:\n type: gcp:networksecurity:AddressGroup\n name: address_group_1\n properties:\n name: tf-address-group\n parent: ${project.id}\n description: Regional address group\n location: us-west2\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n secureTagKey1:\n type: gcp:tags:TagKey\n name: secure_tag_key_1\n properties:\n description: Tag key\n parent: ${project.id}\n purpose: GCE_FIREWALL\n shortName: tf-tag-key\n purposeData:\n network: ${project.name}/default\n secureTagValue1:\n type: gcp:tags:TagValue\n name: secure_tag_value_1\n properties:\n description: Tag value\n parent: ${secureTagKey1.id}\n shortName: tf-tag-value\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRegionNetworkFirewallPolicyWithRules can be imported using any of these accepted formats:\n\n* `projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}`\n\n* `{{project}}/{{region}}/{{name}}`\n\n* `{{region}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, RegionNetworkFirewallPolicyWithRules can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules default projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules default {{project}}/{{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules default {{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules default {{name}}\n```\n\n", + "description": "## Example Usage\n\n### Compute Region Network Firewall Policy With Rules Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = gcp.organizations.getProject({});\nconst addressGroup1 = new gcp.networksecurity.AddressGroup(\"address_group_1\", {\n name: \"address-group\",\n parent: project.then(project =\u003e project.id),\n description: \"Regional address group\",\n location: \"us-west2\",\n items: [\"208.80.154.224/32\"],\n type: \"IPV4\",\n capacity: 100,\n});\nconst secureTagKey1 = new gcp.tags.TagKey(\"secure_tag_key_1\", {\n description: \"Tag key\",\n parent: project.then(project =\u003e project.id),\n purpose: \"GCE_FIREWALL\",\n shortName: \"tag-key\",\n purposeData: {\n network: project.then(project =\u003e `${project.name}/default`),\n },\n});\nconst secureTagValue1 = new gcp.tags.TagValue(\"secure_tag_value_1\", {\n description: \"Tag value\",\n parent: secureTagKey1.id,\n shortName: \"tag-value\",\n});\nconst network = new gcp.compute.Network(\"network\", {\n name: \"network\",\n autoCreateSubnetworks: false,\n});\nconst primary = new gcp.compute.RegionNetworkFirewallPolicyWithRules(\"primary\", {\n name: \"fw-policy\",\n region: \"us-west2\",\n description: \"Terraform test\",\n rules: [\n {\n description: \"tcp rule\",\n priority: 1000,\n enableLogging: true,\n action: \"allow\",\n direction: \"EGRESS\",\n match: {\n destIpRanges: [\"11.100.0.1/32\"],\n destFqdns: [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n destRegionCodes: [\n \"HK\",\n \"IN\",\n ],\n destThreatIntelligences: [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n destAddressGroups: [addressGroup1.id],\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\n \"8080\",\n \"7070\",\n ],\n }],\n },\n targetSecureTags: [{\n name: secureTagValue1.id,\n }],\n },\n {\n description: \"udp rule\",\n ruleName: \"test-rule\",\n priority: 2000,\n enableLogging: false,\n action: \"deny\",\n direction: \"INGRESS\",\n disabled: true,\n match: {\n srcIpRanges: [\"0.0.0.0/0\"],\n srcFqdns: [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n srcRegionCodes: [\n \"US\",\n \"CA\",\n ],\n srcThreatIntelligences: [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n srcAddressGroups: [addressGroup1.id],\n srcSecureTags: [{\n name: secureTagValue1.id,\n }],\n layer4Configs: [{\n ipProtocol: \"udp\",\n }],\n },\n },\n {\n description: \"network scope rule 1\",\n ruleName: \"network scope 1\",\n priority: 4000,\n enableLogging: false,\n action: \"allow\",\n direction: \"INGRESS\",\n match: {\n srcIpRanges: [\"11.100.0.1/32\"],\n srcNetworkScope: \"VPC_NETWORKS\",\n srcNetworks: [network.id],\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n }],\n },\n },\n {\n description: \"network scope rule 2\",\n ruleName: \"network scope 2\",\n priority: 5000,\n enableLogging: false,\n action: \"allow\",\n direction: \"EGRESS\",\n match: {\n destIpRanges: [\"0.0.0.0/0\"],\n destNetworkScope: \"NON_INTERNET\",\n layer4Configs: [{\n ipProtocol: \"tcp\",\n ports: [\"8080\"],\n }],\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = gcp.organizations.get_project()\naddress_group1 = gcp.networksecurity.AddressGroup(\"address_group_1\",\n name=\"address-group\",\n parent=project.id,\n description=\"Regional address group\",\n location=\"us-west2\",\n items=[\"208.80.154.224/32\"],\n type=\"IPV4\",\n capacity=100)\nsecure_tag_key1 = gcp.tags.TagKey(\"secure_tag_key_1\",\n description=\"Tag key\",\n parent=project.id,\n purpose=\"GCE_FIREWALL\",\n short_name=\"tag-key\",\n purpose_data={\n \"network\": f\"{project.name}/default\",\n })\nsecure_tag_value1 = gcp.tags.TagValue(\"secure_tag_value_1\",\n description=\"Tag value\",\n parent=secure_tag_key1.id,\n short_name=\"tag-value\")\nnetwork = gcp.compute.Network(\"network\",\n name=\"network\",\n auto_create_subnetworks=False)\nprimary = gcp.compute.RegionNetworkFirewallPolicyWithRules(\"primary\",\n name=\"fw-policy\",\n region=\"us-west2\",\n description=\"Terraform test\",\n rules=[\n {\n \"description\": \"tcp rule\",\n \"priority\": 1000,\n \"enable_logging\": True,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"match\": {\n \"dest_ip_ranges\": [\"11.100.0.1/32\"],\n \"dest_fqdns\": [\n \"www.yyy.com\",\n \"www.zzz.com\",\n ],\n \"dest_region_codes\": [\n \"HK\",\n \"IN\",\n ],\n \"dest_threat_intelligences\": [\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n ],\n \"dest_address_groups\": [address_group1.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\n \"8080\",\n \"7070\",\n ],\n }],\n },\n \"target_secure_tags\": [{\n \"name\": secure_tag_value1.id,\n }],\n },\n {\n \"description\": \"udp rule\",\n \"rule_name\": \"test-rule\",\n \"priority\": 2000,\n \"enable_logging\": False,\n \"action\": \"deny\",\n \"direction\": \"INGRESS\",\n \"disabled\": True,\n \"match\": {\n \"src_ip_ranges\": [\"0.0.0.0/0\"],\n \"src_fqdns\": [\n \"www.abc.com\",\n \"www.def.com\",\n ],\n \"src_region_codes\": [\n \"US\",\n \"CA\",\n ],\n \"src_threat_intelligences\": [\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n ],\n \"src_address_groups\": [address_group1.id],\n \"src_secure_tags\": [{\n \"name\": secure_tag_value1.id,\n }],\n \"layer4_configs\": [{\n \"ip_protocol\": \"udp\",\n }],\n },\n },\n {\n \"description\": \"network scope rule 1\",\n \"rule_name\": \"network scope 1\",\n \"priority\": 4000,\n \"enable_logging\": False,\n \"action\": \"allow\",\n \"direction\": \"INGRESS\",\n \"match\": {\n \"src_ip_ranges\": [\"11.100.0.1/32\"],\n \"src_network_scope\": \"VPC_NETWORKS\",\n \"src_networks\": [network.id],\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n }],\n },\n },\n {\n \"description\": \"network scope rule 2\",\n \"rule_name\": \"network scope 2\",\n \"priority\": 5000,\n \"enable_logging\": False,\n \"action\": \"allow\",\n \"direction\": \"EGRESS\",\n \"match\": {\n \"dest_ip_ranges\": [\"0.0.0.0/0\"],\n \"dest_network_scope\": \"NON_INTERNET\",\n \"layer4_configs\": [{\n \"ip_protocol\": \"tcp\",\n \"ports\": [\"8080\"],\n }],\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup(\"address_group_1\", new()\n {\n Name = \"address-group\",\n Parent = project.Apply(getProjectResult =\u003e getProjectResult.Id),\n Description = \"Regional address group\",\n Location = \"us-west2\",\n Items = new[]\n {\n \"208.80.154.224/32\",\n },\n Type = \"IPV4\",\n Capacity = 100,\n });\n\n var secureTagKey1 = new Gcp.Tags.TagKey(\"secure_tag_key_1\", new()\n {\n Description = \"Tag key\",\n Parent = project.Apply(getProjectResult =\u003e getProjectResult.Id),\n Purpose = \"GCE_FIREWALL\",\n ShortName = \"tag-key\",\n PurposeData = \n {\n { \"network\", $\"{project.Apply(getProjectResult =\u003e getProjectResult.Name)}/default\" },\n },\n });\n\n var secureTagValue1 = new Gcp.Tags.TagValue(\"secure_tag_value_1\", new()\n {\n Description = \"Tag value\",\n Parent = secureTagKey1.Id,\n ShortName = \"tag-value\",\n });\n\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"network\",\n AutoCreateSubnetworks = false,\n });\n\n var primary = new Gcp.Compute.RegionNetworkFirewallPolicyWithRules(\"primary\", new()\n {\n Name = \"fw-policy\",\n Region = \"us-west2\",\n Description = \"Terraform test\",\n Rules = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"tcp rule\",\n Priority = 1000,\n EnableLogging = true,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n DestFqdns = new[]\n {\n \"www.yyy.com\",\n \"www.zzz.com\",\n },\n DestRegionCodes = new[]\n {\n \"HK\",\n \"IN\",\n },\n DestThreatIntelligences = new[]\n {\n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\",\n },\n DestAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n \"7070\",\n },\n },\n },\n },\n TargetSecureTags = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs\n {\n Name = secureTagValue1.Id,\n },\n },\n },\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"udp rule\",\n RuleName = \"test-rule\",\n Priority = 2000,\n EnableLogging = false,\n Action = \"deny\",\n Direction = \"INGRESS\",\n Disabled = true,\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n SrcFqdns = new[]\n {\n \"www.abc.com\",\n \"www.def.com\",\n },\n SrcRegionCodes = new[]\n {\n \"US\",\n \"CA\",\n },\n SrcThreatIntelligences = new[]\n {\n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\",\n },\n SrcAddressGroups = new[]\n {\n addressGroup1.Id,\n },\n SrcSecureTags = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs\n {\n Name = secureTagValue1.Id,\n },\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"udp\",\n },\n },\n },\n },\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"network scope rule 1\",\n RuleName = \"network scope 1\",\n Priority = 4000,\n EnableLogging = false,\n Action = \"allow\",\n Direction = \"INGRESS\",\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n SrcIpRanges = new[]\n {\n \"11.100.0.1/32\",\n },\n SrcNetworkScope = \"VPC_NETWORKS\",\n SrcNetworks = new[]\n {\n network.Id,\n },\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n },\n },\n },\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs\n {\n Description = \"network scope rule 2\",\n RuleName = \"network scope 2\",\n Priority = 5000,\n EnableLogging = false,\n Action = \"allow\",\n Direction = \"EGRESS\",\n Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs\n {\n DestIpRanges = new[]\n {\n \"0.0.0.0/0\",\n },\n DestNetworkScope = \"NON_INTERNET\",\n Layer4Configs = new[]\n {\n new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs\n {\n IpProtocol = \"tcp\",\n Ports = new[]\n {\n \"8080\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/tags\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taddressGroup1, err := networksecurity.NewAddressGroup(ctx, \"address_group_1\", \u0026networksecurity.AddressGroupArgs{\n\t\t\tName: pulumi.String(\"address-group\"),\n\t\t\tParent: pulumi.String(project.Id),\n\t\t\tDescription: pulumi.String(\"Regional address group\"),\n\t\t\tLocation: pulumi.String(\"us-west2\"),\n\t\t\tItems: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"208.80.154.224/32\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecureTagKey1, err := tags.NewTagKey(ctx, \"secure_tag_key_1\", \u0026tags.TagKeyArgs{\n\t\t\tDescription: pulumi.String(\"Tag key\"),\n\t\t\tParent: pulumi.String(project.Id),\n\t\t\tPurpose: pulumi.String(\"GCE_FIREWALL\"),\n\t\t\tShortName: pulumi.String(\"tag-key\"),\n\t\t\tPurposeData: pulumi.StringMap{\n\t\t\t\t\"network\": pulumi.Sprintf(\"%v/default\", project.Name),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecureTagValue1, err := tags.NewTagValue(ctx, \"secure_tag_value_1\", \u0026tags.TagValueArgs{\n\t\t\tDescription: pulumi.String(\"Tag value\"),\n\t\t\tParent: secureTagKey1.ID(),\n\t\t\tShortName: pulumi.String(\"tag-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRegionNetworkFirewallPolicyWithRules(ctx, \"primary\", \u0026compute.RegionNetworkFirewallPolicyWithRulesArgs{\n\t\t\tName: pulumi.String(\"fw-policy\"),\n\t\t\tRegion: pulumi.String(\"us-west2\"),\n\t\t\tDescription: pulumi.String(\"Terraform test\"),\n\t\t\tRules: compute.RegionNetworkFirewallPolicyWithRulesRuleArray{\n\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"tcp rule\"),\n\t\t\t\t\tPriority: pulumi.Int(1000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(true),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.yyy.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.zzz.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"HK\"),\n\t\t\t\t\t\t\tpulumi.String(\"IN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-search-engines-crawlers\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-tor-exit-nodes\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"7070\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTargetSecureTags: compute.RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArray{\n\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs{\n\t\t\t\t\t\t\tName: secureTagValue1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"udp rule\"),\n\t\t\t\t\tRuleName: pulumi.String(\"test-rule\"),\n\t\t\t\t\tPriority: pulumi.Int(2000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"deny\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tDisabled: pulumi.Bool(true),\n\t\t\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcFqdns: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"www.abc.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"www.def.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcRegionCodes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcThreatIntelligences: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"iplist-known-malicious-ips\"),\n\t\t\t\t\t\t\tpulumi.String(\"iplist-public-clouds\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcAddressGroups: pulumi.StringArray{\n\t\t\t\t\t\t\taddressGroup1.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcSecureTags: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArray{\n\t\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs{\n\t\t\t\t\t\t\t\tName: secureTagValue1.ID(),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"udp\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"network scope rule 1\"),\n\t\t\t\t\tRuleName: pulumi.String(\"network scope 1\"),\n\t\t\t\t\tPriority: pulumi.Int(4000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"INGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tSrcIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"11.100.0.1/32\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tSrcNetworkScope: pulumi.String(\"VPC_NETWORKS\"),\n\t\t\t\t\t\tSrcNetworks: pulumi.StringArray{\n\t\t\t\t\t\t\tnetwork.ID(),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleArgs{\n\t\t\t\t\tDescription: pulumi.String(\"network scope rule 2\"),\n\t\t\t\t\tRuleName: pulumi.String(\"network scope 2\"),\n\t\t\t\t\tPriority: pulumi.Int(5000),\n\t\t\t\t\tEnableLogging: pulumi.Bool(false),\n\t\t\t\t\tAction: pulumi.String(\"allow\"),\n\t\t\t\t\tDirection: pulumi.String(\"EGRESS\"),\n\t\t\t\t\tMatch: \u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{\n\t\t\t\t\t\tDestIpRanges: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDestNetworkScope: pulumi.String(\"NON_INTERNET\"),\n\t\t\t\t\t\tLayer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{\n\t\t\t\t\t\t\t\u0026compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{\n\t\t\t\t\t\t\t\tIpProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"8080\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.networksecurity.AddressGroup;\nimport com.pulumi.gcp.networksecurity.AddressGroupArgs;\nimport com.pulumi.gcp.tags.TagKey;\nimport com.pulumi.gcp.tags.TagKeyArgs;\nimport com.pulumi.gcp.tags.TagValue;\nimport com.pulumi.gcp.tags.TagValueArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyWithRules;\nimport com.pulumi.gcp.compute.RegionNetworkFirewallPolicyWithRulesArgs;\nimport com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs;\nimport com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = OrganizationsFunctions.getProject();\n\n var addressGroup1 = new AddressGroup(\"addressGroup1\", AddressGroupArgs.builder()\n .name(\"address-group\")\n .parent(project.applyValue(getProjectResult -\u003e getProjectResult.id()))\n .description(\"Regional address group\")\n .location(\"us-west2\")\n .items(\"208.80.154.224/32\")\n .type(\"IPV4\")\n .capacity(100)\n .build());\n\n var secureTagKey1 = new TagKey(\"secureTagKey1\", TagKeyArgs.builder()\n .description(\"Tag key\")\n .parent(project.applyValue(getProjectResult -\u003e getProjectResult.id()))\n .purpose(\"GCE_FIREWALL\")\n .shortName(\"tag-key\")\n .purposeData(Map.of(\"network\", String.format(\"%s/default\", project.applyValue(getProjectResult -\u003e getProjectResult.name()))))\n .build());\n\n var secureTagValue1 = new TagValue(\"secureTagValue1\", TagValueArgs.builder()\n .description(\"Tag value\")\n .parent(secureTagKey1.id())\n .shortName(\"tag-value\")\n .build());\n\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var primary = new RegionNetworkFirewallPolicyWithRules(\"primary\", RegionNetworkFirewallPolicyWithRulesArgs.builder()\n .name(\"fw-policy\")\n .region(\"us-west2\")\n .description(\"Terraform test\")\n .rules( \n RegionNetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"tcp rule\")\n .priority(1000)\n .enableLogging(true)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .destIpRanges(\"11.100.0.1/32\")\n .destFqdns( \n \"www.yyy.com\",\n \"www.zzz.com\")\n .destRegionCodes( \n \"HK\",\n \"IN\")\n .destThreatIntelligences( \n \"iplist-search-engines-crawlers\",\n \"iplist-tor-exit-nodes\")\n .destAddressGroups(addressGroup1.id())\n .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports( \n 8080,\n 7070)\n .build())\n .build())\n .targetSecureTags(RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs.builder()\n .name(secureTagValue1.id())\n .build())\n .build(),\n RegionNetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"udp rule\")\n .ruleName(\"test-rule\")\n .priority(2000)\n .enableLogging(false)\n .action(\"deny\")\n .direction(\"INGRESS\")\n .disabled(true)\n .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .srcIpRanges(\"0.0.0.0/0\")\n .srcFqdns( \n \"www.abc.com\",\n \"www.def.com\")\n .srcRegionCodes( \n \"US\",\n \"CA\")\n .srcThreatIntelligences( \n \"iplist-known-malicious-ips\",\n \"iplist-public-clouds\")\n .srcAddressGroups(addressGroup1.id())\n .srcSecureTags(RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs.builder()\n .name(secureTagValue1.id())\n .build())\n .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"udp\")\n .build())\n .build())\n .build(),\n RegionNetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"network scope rule 1\")\n .ruleName(\"network scope 1\")\n .priority(4000)\n .enableLogging(false)\n .action(\"allow\")\n .direction(\"INGRESS\")\n .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .srcIpRanges(\"11.100.0.1/32\")\n .srcNetworkScope(\"VPC_NETWORKS\")\n .srcNetworks(network.id())\n .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build())\n .build())\n .build(),\n RegionNetworkFirewallPolicyWithRulesRuleArgs.builder()\n .description(\"network scope rule 2\")\n .ruleName(\"network scope 2\")\n .priority(5000)\n .enableLogging(false)\n .action(\"allow\")\n .direction(\"EGRESS\")\n .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder()\n .destIpRanges(\"0.0.0.0/0\")\n .destNetworkScope(\"NON_INTERNET\")\n .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder()\n .ipProtocol(\"tcp\")\n .ports(8080)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:compute:RegionNetworkFirewallPolicyWithRules\n properties:\n name: fw-policy\n region: us-west2\n description: Terraform test\n rules:\n - description: tcp rule\n priority: 1000\n enableLogging: true\n action: allow\n direction: EGRESS\n match:\n destIpRanges:\n - 11.100.0.1/32\n destFqdns:\n - www.yyy.com\n - www.zzz.com\n destRegionCodes:\n - HK\n - IN\n destThreatIntelligences:\n - iplist-search-engines-crawlers\n - iplist-tor-exit-nodes\n destAddressGroups:\n - ${addressGroup1.id}\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - 7070\n targetSecureTags:\n - name: ${secureTagValue1.id}\n - description: udp rule\n ruleName: test-rule\n priority: 2000\n enableLogging: false\n action: deny\n direction: INGRESS\n disabled: true\n match:\n srcIpRanges:\n - 0.0.0.0/0\n srcFqdns:\n - www.abc.com\n - www.def.com\n srcRegionCodes:\n - US\n - CA\n srcThreatIntelligences:\n - iplist-known-malicious-ips\n - iplist-public-clouds\n srcAddressGroups:\n - ${addressGroup1.id}\n srcSecureTags:\n - name: ${secureTagValue1.id}\n layer4Configs:\n - ipProtocol: udp\n - description: network scope rule 1\n ruleName: network scope 1\n priority: 4000\n enableLogging: false\n action: allow\n direction: INGRESS\n match:\n srcIpRanges:\n - 11.100.0.1/32\n srcNetworkScope: VPC_NETWORKS\n srcNetworks:\n - ${network.id}\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n - description: network scope rule 2\n ruleName: network scope 2\n priority: 5000\n enableLogging: false\n action: allow\n direction: EGRESS\n match:\n destIpRanges:\n - 0.0.0.0/0\n destNetworkScope: NON_INTERNET\n layer4Configs:\n - ipProtocol: tcp\n ports:\n - 8080\n addressGroup1:\n type: gcp:networksecurity:AddressGroup\n name: address_group_1\n properties:\n name: address-group\n parent: ${project.id}\n description: Regional address group\n location: us-west2\n items:\n - 208.80.154.224/32\n type: IPV4\n capacity: 100\n secureTagKey1:\n type: gcp:tags:TagKey\n name: secure_tag_key_1\n properties:\n description: Tag key\n parent: ${project.id}\n purpose: GCE_FIREWALL\n shortName: tag-key\n purposeData:\n network: ${project.name}/default\n secureTagValue1:\n type: gcp:tags:TagValue\n name: secure_tag_value_1\n properties:\n description: Tag value\n parent: ${secureTagKey1.id}\n shortName: tag-value\n network:\n type: gcp:compute:Network\n properties:\n name: network\n autoCreateSubnetworks: false\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRegionNetworkFirewallPolicyWithRules can be imported using any of these accepted formats:\n\n* `projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}`\n\n* `{{project}}/{{region}}/{{name}}`\n\n* `{{region}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, RegionNetworkFirewallPolicyWithRules can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules default projects/{{project}}/regions/{{region}}/firewallPolicies/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules default {{project}}/{{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules default {{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/regionNetworkFirewallPolicyWithRules:RegionNetworkFirewallPolicyWithRules default {{name}}\n```\n\n", "properties": { "creationTimestamp": { "type": "string", @@ -187200,7 +189182,7 @@ } }, "gcp:compute/routerPeer:RouterPeer": { - "description": "BGP information that must be configured into the routing stack to\nestablish BGP peering. This information must specify the peer ASN\nand either the interface name, IP address, or peer IP address.\nPlease refer to RFC4273.\n\n\nTo get more information about RouterBgpPeer, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/routers)\n* How-to Guides\n * [Google Cloud Router](https://cloud.google.com/router/docs/)\n\n## Example Usage\n\n### Router Peer Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: \"my-router\",\n region: \"us-central1\",\n peerAsn: 65513,\n advertisedRoutePriority: 100,\n \"interface\": \"interface-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=\"my-router\",\n region=\"us-central1\",\n peer_asn=65513,\n advertised_route_priority=100,\n interface=\"interface-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = \"my-router\",\n Region = \"us-central1\",\n PeerAsn = 65513,\n AdvertisedRoutePriority = 100,\n Interface = \"interface-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: pulumi.String(\"my-router\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tPeerAsn: pulumi.Int(65513),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: pulumi.String(\"interface-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(\"my-router\")\n .region(\"us-central1\")\n .peerAsn(65513)\n .advertisedRoutePriority(100)\n .interface_(\"interface-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: my-router\n region: us-central1\n peerAsn: 65513\n advertisedRoutePriority: 100\n interface: interface-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Router Peer Disabled\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: \"my-router\",\n region: \"us-central1\",\n peerIpAddress: \"169.254.1.2\",\n peerAsn: 65513,\n advertisedRoutePriority: 100,\n \"interface\": \"interface-1\",\n enable: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=\"my-router\",\n region=\"us-central1\",\n peer_ip_address=\"169.254.1.2\",\n peer_asn=65513,\n advertised_route_priority=100,\n interface=\"interface-1\",\n enable=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = \"my-router\",\n Region = \"us-central1\",\n PeerIpAddress = \"169.254.1.2\",\n PeerAsn = 65513,\n AdvertisedRoutePriority = 100,\n Interface = \"interface-1\",\n Enable = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: pulumi.String(\"my-router\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tPeerIpAddress: pulumi.String(\"169.254.1.2\"),\n\t\t\tPeerAsn: pulumi.Int(65513),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: pulumi.String(\"interface-1\"),\n\t\t\tEnable: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(\"my-router\")\n .region(\"us-central1\")\n .peerIpAddress(\"169.254.1.2\")\n .peerAsn(65513)\n .advertisedRoutePriority(100)\n .interface_(\"interface-1\")\n .enable(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: my-router\n region: us-central1\n peerIpAddress: 169.254.1.2\n peerAsn: 65513\n advertisedRoutePriority: 100\n interface: interface-1\n enable: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Router Peer Bfd\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: \"my-router\",\n region: \"us-central1\",\n peerIpAddress: \"169.254.1.2\",\n peerAsn: 65513,\n advertisedRoutePriority: 100,\n \"interface\": \"interface-1\",\n bfd: {\n minReceiveInterval: 1000,\n minTransmitInterval: 1000,\n multiplier: 5,\n sessionInitializationMode: \"ACTIVE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=\"my-router\",\n region=\"us-central1\",\n peer_ip_address=\"169.254.1.2\",\n peer_asn=65513,\n advertised_route_priority=100,\n interface=\"interface-1\",\n bfd={\n \"min_receive_interval\": 1000,\n \"min_transmit_interval\": 1000,\n \"multiplier\": 5,\n \"session_initialization_mode\": \"ACTIVE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = \"my-router\",\n Region = \"us-central1\",\n PeerIpAddress = \"169.254.1.2\",\n PeerAsn = 65513,\n AdvertisedRoutePriority = 100,\n Interface = \"interface-1\",\n Bfd = new Gcp.Compute.Inputs.RouterPeerBfdArgs\n {\n MinReceiveInterval = 1000,\n MinTransmitInterval = 1000,\n Multiplier = 5,\n SessionInitializationMode = \"ACTIVE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: pulumi.String(\"my-router\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tPeerIpAddress: pulumi.String(\"169.254.1.2\"),\n\t\t\tPeerAsn: pulumi.Int(65513),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: pulumi.String(\"interface-1\"),\n\t\t\tBfd: \u0026compute.RouterPeerBfdArgs{\n\t\t\t\tMinReceiveInterval: pulumi.Int(1000),\n\t\t\t\tMinTransmitInterval: pulumi.Int(1000),\n\t\t\t\tMultiplier: pulumi.Int(5),\n\t\t\t\tSessionInitializationMode: pulumi.String(\"ACTIVE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport com.pulumi.gcp.compute.inputs.RouterPeerBfdArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(\"my-router\")\n .region(\"us-central1\")\n .peerIpAddress(\"169.254.1.2\")\n .peerAsn(65513)\n .advertisedRoutePriority(100)\n .interface_(\"interface-1\")\n .bfd(RouterPeerBfdArgs.builder()\n .minReceiveInterval(1000)\n .minTransmitInterval(1000)\n .multiplier(5)\n .sessionInitializationMode(\"ACTIVE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: my-router\n region: us-central1\n peerIpAddress: 169.254.1.2\n peerAsn: 65513\n advertisedRoutePriority: 100\n interface: interface-1\n bfd:\n minReceiveInterval: 1000\n minTransmitInterval: 1000\n multiplier: 5\n sessionInitializationMode: ACTIVE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Router Peer Router Appliance\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst network = new gcp.compute.Network(\"network\", {\n name: \"my-router-net\",\n autoCreateSubnetworks: false,\n});\nconst subnetwork = new gcp.compute.Subnetwork(\"subnetwork\", {\n name: \"my-router-sub\",\n network: network.selfLink,\n ipCidrRange: \"10.0.0.0/16\",\n region: \"us-central1\",\n});\nconst addrIntf = new gcp.compute.Address(\"addr_intf\", {\n name: \"my-router-addr-intf\",\n region: subnetwork.region,\n subnetwork: subnetwork.id,\n addressType: \"INTERNAL\",\n});\nconst addrIntfRedundant = new gcp.compute.Address(\"addr_intf_redundant\", {\n name: \"my-router-addr-intf-red\",\n region: subnetwork.region,\n subnetwork: subnetwork.id,\n addressType: \"INTERNAL\",\n});\nconst addrPeer = new gcp.compute.Address(\"addr_peer\", {\n name: \"my-router-addr-peer\",\n region: subnetwork.region,\n subnetwork: subnetwork.id,\n addressType: \"INTERNAL\",\n});\nconst instance = new gcp.compute.Instance(\"instance\", {\n name: \"router-appliance\",\n zone: \"us-central1-a\",\n machineType: \"e2-medium\",\n canIpForward: true,\n bootDisk: {\n initializeParams: {\n image: \"debian-cloud/debian-11\",\n },\n },\n networkInterfaces: [{\n networkIp: addrPeer.address,\n subnetwork: subnetwork.selfLink,\n }],\n});\nconst hub = new gcp.networkconnectivity.Hub(\"hub\", {name: \"my-router-hub\"});\nconst spoke = new gcp.networkconnectivity.Spoke(\"spoke\", {\n name: \"my-router-spoke\",\n location: subnetwork.region,\n hub: hub.id,\n linkedRouterApplianceInstances: {\n instances: [{\n virtualMachine: instance.selfLink,\n ipAddress: addrPeer.address,\n }],\n siteToSiteDataTransfer: false,\n },\n});\nconst router = new gcp.compute.Router(\"router\", {\n name: \"my-router-router\",\n region: subnetwork.region,\n network: network.selfLink,\n bgp: {\n asn: 64514,\n },\n});\nconst interfaceRedundant = new gcp.compute.RouterInterface(\"interface_redundant\", {\n name: \"my-router-intf-red\",\n region: router.region,\n router: router.name,\n subnetwork: subnetwork.selfLink,\n privateIpAddress: addrIntfRedundant.address,\n});\nconst _interface = new gcp.compute.RouterInterface(\"interface\", {\n name: \"my-router-intf\",\n region: router.region,\n router: router.name,\n subnetwork: subnetwork.selfLink,\n privateIpAddress: addrIntf.address,\n redundantInterface: interfaceRedundant.name,\n});\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: router.name,\n region: router.region,\n \"interface\": _interface.name,\n routerApplianceInstance: instance.selfLink,\n peerAsn: 65513,\n peerIpAddress: addrPeer.address,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nnetwork = gcp.compute.Network(\"network\",\n name=\"my-router-net\",\n auto_create_subnetworks=False)\nsubnetwork = gcp.compute.Subnetwork(\"subnetwork\",\n name=\"my-router-sub\",\n network=network.self_link,\n ip_cidr_range=\"10.0.0.0/16\",\n region=\"us-central1\")\naddr_intf = gcp.compute.Address(\"addr_intf\",\n name=\"my-router-addr-intf\",\n region=subnetwork.region,\n subnetwork=subnetwork.id,\n address_type=\"INTERNAL\")\naddr_intf_redundant = gcp.compute.Address(\"addr_intf_redundant\",\n name=\"my-router-addr-intf-red\",\n region=subnetwork.region,\n subnetwork=subnetwork.id,\n address_type=\"INTERNAL\")\naddr_peer = gcp.compute.Address(\"addr_peer\",\n name=\"my-router-addr-peer\",\n region=subnetwork.region,\n subnetwork=subnetwork.id,\n address_type=\"INTERNAL\")\ninstance = gcp.compute.Instance(\"instance\",\n name=\"router-appliance\",\n zone=\"us-central1-a\",\n machine_type=\"e2-medium\",\n can_ip_forward=True,\n boot_disk={\n \"initialize_params\": {\n \"image\": \"debian-cloud/debian-11\",\n },\n },\n network_interfaces=[{\n \"network_ip\": addr_peer.address,\n \"subnetwork\": subnetwork.self_link,\n }])\nhub = gcp.networkconnectivity.Hub(\"hub\", name=\"my-router-hub\")\nspoke = gcp.networkconnectivity.Spoke(\"spoke\",\n name=\"my-router-spoke\",\n location=subnetwork.region,\n hub=hub.id,\n linked_router_appliance_instances={\n \"instances\": [{\n \"virtual_machine\": instance.self_link,\n \"ip_address\": addr_peer.address,\n }],\n \"site_to_site_data_transfer\": False,\n })\nrouter = gcp.compute.Router(\"router\",\n name=\"my-router-router\",\n region=subnetwork.region,\n network=network.self_link,\n bgp={\n \"asn\": 64514,\n })\ninterface_redundant = gcp.compute.RouterInterface(\"interface_redundant\",\n name=\"my-router-intf-red\",\n region=router.region,\n router=router.name,\n subnetwork=subnetwork.self_link,\n private_ip_address=addr_intf_redundant.address)\ninterface = gcp.compute.RouterInterface(\"interface\",\n name=\"my-router-intf\",\n region=router.region,\n router=router.name,\n subnetwork=subnetwork.self_link,\n private_ip_address=addr_intf.address,\n redundant_interface=interface_redundant.name)\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=router.name,\n region=router.region,\n interface=interface.name,\n router_appliance_instance=instance.self_link,\n peer_asn=65513,\n peer_ip_address=addr_peer.address)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"my-router-net\",\n AutoCreateSubnetworks = false,\n });\n\n var subnetwork = new Gcp.Compute.Subnetwork(\"subnetwork\", new()\n {\n Name = \"my-router-sub\",\n Network = network.SelfLink,\n IpCidrRange = \"10.0.0.0/16\",\n Region = \"us-central1\",\n });\n\n var addrIntf = new Gcp.Compute.Address(\"addr_intf\", new()\n {\n Name = \"my-router-addr-intf\",\n Region = subnetwork.Region,\n Subnetwork = subnetwork.Id,\n AddressType = \"INTERNAL\",\n });\n\n var addrIntfRedundant = new Gcp.Compute.Address(\"addr_intf_redundant\", new()\n {\n Name = \"my-router-addr-intf-red\",\n Region = subnetwork.Region,\n Subnetwork = subnetwork.Id,\n AddressType = \"INTERNAL\",\n });\n\n var addrPeer = new Gcp.Compute.Address(\"addr_peer\", new()\n {\n Name = \"my-router-addr-peer\",\n Region = subnetwork.Region,\n Subnetwork = subnetwork.Id,\n AddressType = \"INTERNAL\",\n });\n\n var instance = new Gcp.Compute.Instance(\"instance\", new()\n {\n Name = \"router-appliance\",\n Zone = \"us-central1-a\",\n MachineType = \"e2-medium\",\n CanIpForward = true,\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = \"debian-cloud/debian-11\",\n },\n },\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n NetworkIp = addrPeer.IPAddress,\n Subnetwork = subnetwork.SelfLink,\n },\n },\n });\n\n var hub = new Gcp.NetworkConnectivity.Hub(\"hub\", new()\n {\n Name = \"my-router-hub\",\n });\n\n var spoke = new Gcp.NetworkConnectivity.Spoke(\"spoke\", new()\n {\n Name = \"my-router-spoke\",\n Location = subnetwork.Region,\n Hub = hub.Id,\n LinkedRouterApplianceInstances = new Gcp.NetworkConnectivity.Inputs.SpokeLinkedRouterApplianceInstancesArgs\n {\n Instances = new[]\n {\n new Gcp.NetworkConnectivity.Inputs.SpokeLinkedRouterApplianceInstancesInstanceArgs\n {\n VirtualMachine = instance.SelfLink,\n IpAddress = addrPeer.IPAddress,\n },\n },\n SiteToSiteDataTransfer = false,\n },\n });\n\n var router = new Gcp.Compute.Router(\"router\", new()\n {\n Name = \"my-router-router\",\n Region = subnetwork.Region,\n Network = network.SelfLink,\n Bgp = new Gcp.Compute.Inputs.RouterBgpArgs\n {\n Asn = 64514,\n },\n });\n\n var interfaceRedundant = new Gcp.Compute.RouterInterface(\"interface_redundant\", new()\n {\n Name = \"my-router-intf-red\",\n Region = router.Region,\n Router = router.Name,\n Subnetwork = subnetwork.SelfLink,\n PrivateIpAddress = addrIntfRedundant.IPAddress,\n });\n\n var @interface = new Gcp.Compute.RouterInterface(\"interface\", new()\n {\n Name = \"my-router-intf\",\n Region = router.Region,\n Router = router.Name,\n Subnetwork = subnetwork.SelfLink,\n PrivateIpAddress = addrIntf.IPAddress,\n RedundantInterface = interfaceRedundant.Name,\n });\n\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = router.Name,\n Region = router.Region,\n Interface = @interface.Name,\n RouterApplianceInstance = instance.SelfLink,\n PeerAsn = 65513,\n PeerIpAddress = addrPeer.IPAddress,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkconnectivity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\nName: pulumi.String(\"my-router-net\"),\nAutoCreateSubnetworks: pulumi.Bool(false),\n})\nif err != nil {\nreturn err\n}\nsubnetwork, err := compute.NewSubnetwork(ctx, \"subnetwork\", \u0026compute.SubnetworkArgs{\nName: pulumi.String(\"my-router-sub\"),\nNetwork: network.SelfLink,\nIpCidrRange: pulumi.String(\"10.0.0.0/16\"),\nRegion: pulumi.String(\"us-central1\"),\n})\nif err != nil {\nreturn err\n}\naddrIntf, err := compute.NewAddress(ctx, \"addr_intf\", \u0026compute.AddressArgs{\nName: pulumi.String(\"my-router-addr-intf\"),\nRegion: subnetwork.Region,\nSubnetwork: subnetwork.ID(),\nAddressType: pulumi.String(\"INTERNAL\"),\n})\nif err != nil {\nreturn err\n}\naddrIntfRedundant, err := compute.NewAddress(ctx, \"addr_intf_redundant\", \u0026compute.AddressArgs{\nName: pulumi.String(\"my-router-addr-intf-red\"),\nRegion: subnetwork.Region,\nSubnetwork: subnetwork.ID(),\nAddressType: pulumi.String(\"INTERNAL\"),\n})\nif err != nil {\nreturn err\n}\naddrPeer, err := compute.NewAddress(ctx, \"addr_peer\", \u0026compute.AddressArgs{\nName: pulumi.String(\"my-router-addr-peer\"),\nRegion: subnetwork.Region,\nSubnetwork: subnetwork.ID(),\nAddressType: pulumi.String(\"INTERNAL\"),\n})\nif err != nil {\nreturn err\n}\ninstance, err := compute.NewInstance(ctx, \"instance\", \u0026compute.InstanceArgs{\nName: pulumi.String(\"router-appliance\"),\nZone: pulumi.String(\"us-central1-a\"),\nMachineType: pulumi.String(\"e2-medium\"),\nCanIpForward: pulumi.Bool(true),\nBootDisk: \u0026compute.InstanceBootDiskArgs{\nInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\nImage: pulumi.String(\"debian-cloud/debian-11\"),\n},\n},\nNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\u0026compute.InstanceNetworkInterfaceArgs{\nNetworkIp: addrPeer.Address,\nSubnetwork: subnetwork.SelfLink,\n},\n},\n})\nif err != nil {\nreturn err\n}\nhub, err := networkconnectivity.NewHub(ctx, \"hub\", \u0026networkconnectivity.HubArgs{\nName: pulumi.String(\"my-router-hub\"),\n})\nif err != nil {\nreturn err\n}\n_, err = networkconnectivity.NewSpoke(ctx, \"spoke\", \u0026networkconnectivity.SpokeArgs{\nName: pulumi.String(\"my-router-spoke\"),\nLocation: subnetwork.Region,\nHub: hub.ID(),\nLinkedRouterApplianceInstances: \u0026networkconnectivity.SpokeLinkedRouterApplianceInstancesArgs{\nInstances: networkconnectivity.SpokeLinkedRouterApplianceInstancesInstanceArray{\n\u0026networkconnectivity.SpokeLinkedRouterApplianceInstancesInstanceArgs{\nVirtualMachine: instance.SelfLink,\nIpAddress: addrPeer.Address,\n},\n},\nSiteToSiteDataTransfer: pulumi.Bool(false),\n},\n})\nif err != nil {\nreturn err\n}\nrouter, err := compute.NewRouter(ctx, \"router\", \u0026compute.RouterArgs{\nName: pulumi.String(\"my-router-router\"),\nRegion: subnetwork.Region,\nNetwork: network.SelfLink,\nBgp: \u0026compute.RouterBgpArgs{\nAsn: pulumi.Int(64514),\n},\n})\nif err != nil {\nreturn err\n}\ninterfaceRedundant, err := compute.NewRouterInterface(ctx, \"interface_redundant\", \u0026compute.RouterInterfaceArgs{\nName: pulumi.String(\"my-router-intf-red\"),\nRegion: router.Region,\nRouter: router.Name,\nSubnetwork: subnetwork.SelfLink,\nPrivateIpAddress: addrIntfRedundant.Address,\n})\nif err != nil {\nreturn err\n}\ninterface, err := compute.NewRouterInterface(ctx, \"interface\", \u0026compute.RouterInterfaceArgs{\nName: pulumi.String(\"my-router-intf\"),\nRegion: router.Region,\nRouter: router.Name,\nSubnetwork: subnetwork.SelfLink,\nPrivateIpAddress: addrIntf.Address,\nRedundantInterface: interfaceRedundant.Name,\n})\nif err != nil {\nreturn err\n}\n_, err = compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\nName: pulumi.String(\"my-router-peer\"),\nRouter: router.Name,\nRegion: router.Region,\nInterface: interface.Name,\nRouterApplianceInstance: instance.SelfLink,\nPeerAsn: pulumi.Int(65513),\nPeerIpAddress: addrPeer.Address,\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Address;\nimport com.pulumi.gcp.compute.AddressArgs;\nimport com.pulumi.gcp.compute.Instance;\nimport com.pulumi.gcp.compute.InstanceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.gcp.networkconnectivity.Hub;\nimport com.pulumi.gcp.networkconnectivity.HubArgs;\nimport com.pulumi.gcp.networkconnectivity.Spoke;\nimport com.pulumi.gcp.networkconnectivity.SpokeArgs;\nimport com.pulumi.gcp.networkconnectivity.inputs.SpokeLinkedRouterApplianceInstancesArgs;\nimport com.pulumi.gcp.compute.Router;\nimport com.pulumi.gcp.compute.RouterArgs;\nimport com.pulumi.gcp.compute.inputs.RouterBgpArgs;\nimport com.pulumi.gcp.compute.RouterInterface;\nimport com.pulumi.gcp.compute.RouterInterfaceArgs;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"my-router-net\")\n .autoCreateSubnetworks(false)\n .build());\n\n var subnetwork = new Subnetwork(\"subnetwork\", SubnetworkArgs.builder()\n .name(\"my-router-sub\")\n .network(network.selfLink())\n .ipCidrRange(\"10.0.0.0/16\")\n .region(\"us-central1\")\n .build());\n\n var addrIntf = new Address(\"addrIntf\", AddressArgs.builder()\n .name(\"my-router-addr-intf\")\n .region(subnetwork.region())\n .subnetwork(subnetwork.id())\n .addressType(\"INTERNAL\")\n .build());\n\n var addrIntfRedundant = new Address(\"addrIntfRedundant\", AddressArgs.builder()\n .name(\"my-router-addr-intf-red\")\n .region(subnetwork.region())\n .subnetwork(subnetwork.id())\n .addressType(\"INTERNAL\")\n .build());\n\n var addrPeer = new Address(\"addrPeer\", AddressArgs.builder()\n .name(\"my-router-addr-peer\")\n .region(subnetwork.region())\n .subnetwork(subnetwork.id())\n .addressType(\"INTERNAL\")\n .build());\n\n var instance = new Instance(\"instance\", InstanceArgs.builder()\n .name(\"router-appliance\")\n .zone(\"us-central1-a\")\n .machineType(\"e2-medium\")\n .canIpForward(true)\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(\"debian-cloud/debian-11\")\n .build())\n .build())\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .networkIp(addrPeer.address())\n .subnetwork(subnetwork.selfLink())\n .build())\n .build());\n\n var hub = new Hub(\"hub\", HubArgs.builder()\n .name(\"my-router-hub\")\n .build());\n\n var spoke = new Spoke(\"spoke\", SpokeArgs.builder()\n .name(\"my-router-spoke\")\n .location(subnetwork.region())\n .hub(hub.id())\n .linkedRouterApplianceInstances(SpokeLinkedRouterApplianceInstancesArgs.builder()\n .instances(SpokeLinkedRouterApplianceInstancesInstanceArgs.builder()\n .virtualMachine(instance.selfLink())\n .ipAddress(addrPeer.address())\n .build())\n .siteToSiteDataTransfer(false)\n .build())\n .build());\n\n var router = new Router(\"router\", RouterArgs.builder()\n .name(\"my-router-router\")\n .region(subnetwork.region())\n .network(network.selfLink())\n .bgp(RouterBgpArgs.builder()\n .asn(64514)\n .build())\n .build());\n\n var interfaceRedundant = new RouterInterface(\"interfaceRedundant\", RouterInterfaceArgs.builder()\n .name(\"my-router-intf-red\")\n .region(router.region())\n .router(router.name())\n .subnetwork(subnetwork.selfLink())\n .privateIpAddress(addrIntfRedundant.address())\n .build());\n\n var interface_ = new RouterInterface(\"interface\", RouterInterfaceArgs.builder()\n .name(\"my-router-intf\")\n .region(router.region())\n .router(router.name())\n .subnetwork(subnetwork.selfLink())\n .privateIpAddress(addrIntf.address())\n .redundantInterface(interfaceRedundant.name())\n .build());\n\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(router.name())\n .region(router.region())\n .interface_(interface_.name())\n .routerApplianceInstance(instance.selfLink())\n .peerAsn(65513)\n .peerIpAddress(addrPeer.address())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network:\n type: gcp:compute:Network\n properties:\n name: my-router-net\n autoCreateSubnetworks: false\n subnetwork:\n type: gcp:compute:Subnetwork\n properties:\n name: my-router-sub\n network: ${network.selfLink}\n ipCidrRange: 10.0.0.0/16\n region: us-central1\n addrIntf:\n type: gcp:compute:Address\n name: addr_intf\n properties:\n name: my-router-addr-intf\n region: ${subnetwork.region}\n subnetwork: ${subnetwork.id}\n addressType: INTERNAL\n addrIntfRedundant:\n type: gcp:compute:Address\n name: addr_intf_redundant\n properties:\n name: my-router-addr-intf-red\n region: ${subnetwork.region}\n subnetwork: ${subnetwork.id}\n addressType: INTERNAL\n addrPeer:\n type: gcp:compute:Address\n name: addr_peer\n properties:\n name: my-router-addr-peer\n region: ${subnetwork.region}\n subnetwork: ${subnetwork.id}\n addressType: INTERNAL\n instance:\n type: gcp:compute:Instance\n properties:\n name: router-appliance\n zone: us-central1-a\n machineType: e2-medium\n canIpForward: true\n bootDisk:\n initializeParams:\n image: debian-cloud/debian-11\n networkInterfaces:\n - networkIp: ${addrPeer.address}\n subnetwork: ${subnetwork.selfLink}\n hub:\n type: gcp:networkconnectivity:Hub\n properties:\n name: my-router-hub\n spoke:\n type: gcp:networkconnectivity:Spoke\n properties:\n name: my-router-spoke\n location: ${subnetwork.region}\n hub: ${hub.id}\n linkedRouterApplianceInstances:\n instances:\n - virtualMachine: ${instance.selfLink}\n ipAddress: ${addrPeer.address}\n siteToSiteDataTransfer: false\n router:\n type: gcp:compute:Router\n properties:\n name: my-router-router\n region: ${subnetwork.region}\n network: ${network.selfLink}\n bgp:\n asn: 64514\n interfaceRedundant:\n type: gcp:compute:RouterInterface\n name: interface_redundant\n properties:\n name: my-router-intf-red\n region: ${router.region}\n router: ${router.name}\n subnetwork: ${subnetwork.selfLink}\n privateIpAddress: ${addrIntfRedundant.address}\n interface:\n type: gcp:compute:RouterInterface\n properties:\n name: my-router-intf\n region: ${router.region}\n router: ${router.name}\n subnetwork: ${subnetwork.selfLink}\n privateIpAddress: ${addrIntf.address}\n redundantInterface: ${interfaceRedundant.name}\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: ${router.name}\n region: ${router.region}\n interface: ${interface.name}\n routerApplianceInstance: ${instance.selfLink}\n peerAsn: 65513\n peerIpAddress: ${addrPeer.address}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Router Peer Md5 Authentication Key\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst foobar = new gcp.compute.RouterPeer(\"foobar\", {\n name: \"%s-peer\",\n router: foobarGoogleComputeRouter.name,\n region: foobarGoogleComputeRouter.region,\n peerAsn: 65515,\n advertisedRoutePriority: 100,\n \"interface\": foobarGoogleComputeRouterInterface.name,\n peerIpAddress: \"169.254.3.2\",\n md5AuthenticationKey: {\n name: \"%s-peer-key\",\n key: \"%s-peer-key-value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nfoobar = gcp.compute.RouterPeer(\"foobar\",\n name=\"%s-peer\",\n router=foobar_google_compute_router[\"name\"],\n region=foobar_google_compute_router[\"region\"],\n peer_asn=65515,\n advertised_route_priority=100,\n interface=foobar_google_compute_router_interface[\"name\"],\n peer_ip_address=\"169.254.3.2\",\n md5_authentication_key={\n \"name\": \"%s-peer-key\",\n \"key\": \"%s-peer-key-value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobar = new Gcp.Compute.RouterPeer(\"foobar\", new()\n {\n Name = \"%s-peer\",\n Router = foobarGoogleComputeRouter.Name,\n Region = foobarGoogleComputeRouter.Region,\n PeerAsn = 65515,\n AdvertisedRoutePriority = 100,\n Interface = foobarGoogleComputeRouterInterface.Name,\n PeerIpAddress = \"169.254.3.2\",\n Md5AuthenticationKey = new Gcp.Compute.Inputs.RouterPeerMd5AuthenticationKeyArgs\n {\n Name = \"%s-peer-key\",\n Key = \"%s-peer-key-value\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"foobar\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"%s-peer\"),\n\t\t\tRouter: pulumi.Any(foobarGoogleComputeRouter.Name),\n\t\t\tRegion: pulumi.Any(foobarGoogleComputeRouter.Region),\n\t\t\tPeerAsn: pulumi.Int(65515),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: pulumi.Any(foobarGoogleComputeRouterInterface.Name),\n\t\t\tPeerIpAddress: pulumi.String(\"169.254.3.2\"),\n\t\t\tMd5AuthenticationKey: \u0026compute.RouterPeerMd5AuthenticationKeyArgs{\n\t\t\t\tName: pulumi.String(\"%s-peer-key\"),\n\t\t\t\tKey: pulumi.String(\"%s-peer-key-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport com.pulumi.gcp.compute.inputs.RouterPeerMd5AuthenticationKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobar = new RouterPeer(\"foobar\", RouterPeerArgs.builder()\n .name(\"%s-peer\")\n .router(foobarGoogleComputeRouter.name())\n .region(foobarGoogleComputeRouter.region())\n .peerAsn(65515)\n .advertisedRoutePriority(100)\n .interface_(foobarGoogleComputeRouterInterface.name())\n .peerIpAddress(\"169.254.3.2\")\n .md5AuthenticationKey(RouterPeerMd5AuthenticationKeyArgs.builder()\n .name(\"%s-peer-key\")\n .key(\"%s-peer-key-value\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foobar:\n type: gcp:compute:RouterPeer\n properties:\n name: '%s-peer'\n router: ${foobarGoogleComputeRouter.name}\n region: ${foobarGoogleComputeRouter.region}\n peerAsn: 65515\n advertisedRoutePriority: 100\n interface: ${foobarGoogleComputeRouterInterface.name}\n peerIpAddress: 169.254.3.2\n md5AuthenticationKey:\n name: '%s-peer-key'\n key: '%s-peer-key-value'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Router Peer Export And Import Policies\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst network = new gcp.compute.Network(\"network\", {\n name: \"my-router-net\",\n autoCreateSubnetworks: false,\n});\nconst subnetwork = new gcp.compute.Subnetwork(\"subnetwork\", {\n name: \"my-router-subnet\",\n network: network.selfLink,\n ipCidrRange: \"10.0.0.0/16\",\n region: \"us-central1\",\n});\nconst address = new gcp.compute.Address(\"address\", {\n name: \"my-router\",\n region: subnetwork.region,\n});\nconst vpnGateway = new gcp.compute.HaVpnGateway(\"vpn_gateway\", {\n name: \"my-router-gateway\",\n network: network.selfLink,\n region: subnetwork.region,\n});\nconst externalGateway = new gcp.compute.ExternalVpnGateway(\"external_gateway\", {\n name: \"my-router-external-gateway\",\n redundancyType: \"SINGLE_IP_INTERNALLY_REDUNDANT\",\n description: \"An externally managed VPN gateway\",\n interfaces: [{\n id: 0,\n ipAddress: \"8.8.8.8\",\n }],\n});\nconst router = new gcp.compute.Router(\"router\", {\n name: \"my-router\",\n region: subnetwork.region,\n network: network.selfLink,\n bgp: {\n asn: 64514,\n },\n});\nconst vpnTunnel = new gcp.compute.VPNTunnel(\"vpn_tunnel\", {\n name: \"my-router\",\n region: subnetwork.region,\n vpnGateway: vpnGateway.id,\n peerExternalGateway: externalGateway.id,\n peerExternalGatewayInterface: 0,\n sharedSecret: \"unguessable\",\n router: router.name,\n vpnGatewayInterface: 0,\n});\nconst routerInterface = new gcp.compute.RouterInterface(\"router_interface\", {\n name: \"my-router\",\n router: router.name,\n region: router.region,\n vpnTunnel: vpnTunnel.name,\n});\nconst rp_export = new gcp.compute.RouterRoutePolicy(\"rp-export\", {\n name: \"my-router-rp-export\",\n router: router.name,\n region: router.region,\n type: \"ROUTE_POLICY_TYPE_EXPORT\",\n terms: [{\n priority: 2,\n match: {\n expression: \"destination == '10.0.0.0/12'\",\n title: \"export_expression\",\n description: \"acceptance expression for export\",\n },\n actions: [{\n expression: \"accept()\",\n }],\n }],\n}, {\n dependsOn: [routerInterface],\n});\nconst rp_import = new gcp.compute.RouterRoutePolicy(\"rp-import\", {\n name: \"my-router-rp-import\",\n router: router.name,\n region: router.region,\n type: \"ROUTE_POLICY_TYPE_IMPORT\",\n terms: [{\n priority: 1,\n match: {\n expression: \"destination == '10.0.0.0/12'\",\n title: \"import_expression\",\n description: \"acceptance expression for import\",\n },\n actions: [{\n expression: \"accept()\",\n }],\n }],\n}, {\n dependsOn: [\n routerInterface,\n rp_export,\n ],\n});\nconst routerPeer = new gcp.compute.RouterPeer(\"router_peer\", {\n name: \"my-router-peer\",\n router: router.name,\n region: router.region,\n peerAsn: 65515,\n advertisedRoutePriority: 100,\n \"interface\": routerInterface.name,\n md5AuthenticationKey: {\n name: \"my-router-peer-key\",\n key: \"my-router-peer-key-value\",\n },\n importPolicies: [rp_import.name],\n exportPolicies: [rp_export.name],\n}, {\n dependsOn: [\n rp_export,\n rp_import,\n routerInterface,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nnetwork = gcp.compute.Network(\"network\",\n name=\"my-router-net\",\n auto_create_subnetworks=False)\nsubnetwork = gcp.compute.Subnetwork(\"subnetwork\",\n name=\"my-router-subnet\",\n network=network.self_link,\n ip_cidr_range=\"10.0.0.0/16\",\n region=\"us-central1\")\naddress = gcp.compute.Address(\"address\",\n name=\"my-router\",\n region=subnetwork.region)\nvpn_gateway = gcp.compute.HaVpnGateway(\"vpn_gateway\",\n name=\"my-router-gateway\",\n network=network.self_link,\n region=subnetwork.region)\nexternal_gateway = gcp.compute.ExternalVpnGateway(\"external_gateway\",\n name=\"my-router-external-gateway\",\n redundancy_type=\"SINGLE_IP_INTERNALLY_REDUNDANT\",\n description=\"An externally managed VPN gateway\",\n interfaces=[{\n \"id\": 0,\n \"ip_address\": \"8.8.8.8\",\n }])\nrouter = gcp.compute.Router(\"router\",\n name=\"my-router\",\n region=subnetwork.region,\n network=network.self_link,\n bgp={\n \"asn\": 64514,\n })\nvpn_tunnel = gcp.compute.VPNTunnel(\"vpn_tunnel\",\n name=\"my-router\",\n region=subnetwork.region,\n vpn_gateway=vpn_gateway.id,\n peer_external_gateway=external_gateway.id,\n peer_external_gateway_interface=0,\n shared_secret=\"unguessable\",\n router=router.name,\n vpn_gateway_interface=0)\nrouter_interface = gcp.compute.RouterInterface(\"router_interface\",\n name=\"my-router\",\n router=router.name,\n region=router.region,\n vpn_tunnel=vpn_tunnel.name)\nrp_export = gcp.compute.RouterRoutePolicy(\"rp-export\",\n name=\"my-router-rp-export\",\n router=router.name,\n region=router.region,\n type=\"ROUTE_POLICY_TYPE_EXPORT\",\n terms=[{\n \"priority\": 2,\n \"match\": {\n \"expression\": \"destination == '10.0.0.0/12'\",\n \"title\": \"export_expression\",\n \"description\": \"acceptance expression for export\",\n },\n \"actions\": [{\n \"expression\": \"accept()\",\n }],\n }],\n opts = pulumi.ResourceOptions(depends_on=[router_interface]))\nrp_import = gcp.compute.RouterRoutePolicy(\"rp-import\",\n name=\"my-router-rp-import\",\n router=router.name,\n region=router.region,\n type=\"ROUTE_POLICY_TYPE_IMPORT\",\n terms=[{\n \"priority\": 1,\n \"match\": {\n \"expression\": \"destination == '10.0.0.0/12'\",\n \"title\": \"import_expression\",\n \"description\": \"acceptance expression for import\",\n },\n \"actions\": [{\n \"expression\": \"accept()\",\n }],\n }],\n opts = pulumi.ResourceOptions(depends_on=[\n router_interface,\n rp_export,\n ]))\nrouter_peer = gcp.compute.RouterPeer(\"router_peer\",\n name=\"my-router-peer\",\n router=router.name,\n region=router.region,\n peer_asn=65515,\n advertised_route_priority=100,\n interface=router_interface.name,\n md5_authentication_key={\n \"name\": \"my-router-peer-key\",\n \"key\": \"my-router-peer-key-value\",\n },\n import_policies=[rp_import.name],\n export_policies=[rp_export.name],\n opts = pulumi.ResourceOptions(depends_on=[\n rp_export,\n rp_import,\n router_interface,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"my-router-net\",\n AutoCreateSubnetworks = false,\n });\n\n var subnetwork = new Gcp.Compute.Subnetwork(\"subnetwork\", new()\n {\n Name = \"my-router-subnet\",\n Network = network.SelfLink,\n IpCidrRange = \"10.0.0.0/16\",\n Region = \"us-central1\",\n });\n\n var address = new Gcp.Compute.Address(\"address\", new()\n {\n Name = \"my-router\",\n Region = subnetwork.Region,\n });\n\n var vpnGateway = new Gcp.Compute.HaVpnGateway(\"vpn_gateway\", new()\n {\n Name = \"my-router-gateway\",\n Network = network.SelfLink,\n Region = subnetwork.Region,\n });\n\n var externalGateway = new Gcp.Compute.ExternalVpnGateway(\"external_gateway\", new()\n {\n Name = \"my-router-external-gateway\",\n RedundancyType = \"SINGLE_IP_INTERNALLY_REDUNDANT\",\n Description = \"An externally managed VPN gateway\",\n Interfaces = new[]\n {\n new Gcp.Compute.Inputs.ExternalVpnGatewayInterfaceArgs\n {\n Id = 0,\n IpAddress = \"8.8.8.8\",\n },\n },\n });\n\n var router = new Gcp.Compute.Router(\"router\", new()\n {\n Name = \"my-router\",\n Region = subnetwork.Region,\n Network = network.SelfLink,\n Bgp = new Gcp.Compute.Inputs.RouterBgpArgs\n {\n Asn = 64514,\n },\n });\n\n var vpnTunnel = new Gcp.Compute.VPNTunnel(\"vpn_tunnel\", new()\n {\n Name = \"my-router\",\n Region = subnetwork.Region,\n VpnGateway = vpnGateway.Id,\n PeerExternalGateway = externalGateway.Id,\n PeerExternalGatewayInterface = 0,\n SharedSecret = \"unguessable\",\n Router = router.Name,\n VpnGatewayInterface = 0,\n });\n\n var routerInterface = new Gcp.Compute.RouterInterface(\"router_interface\", new()\n {\n Name = \"my-router\",\n Router = router.Name,\n Region = router.Region,\n VpnTunnel = vpnTunnel.Name,\n });\n\n var rp_export = new Gcp.Compute.RouterRoutePolicy(\"rp-export\", new()\n {\n Name = \"my-router-rp-export\",\n Router = router.Name,\n Region = router.Region,\n Type = \"ROUTE_POLICY_TYPE_EXPORT\",\n Terms = new[]\n {\n new Gcp.Compute.Inputs.RouterRoutePolicyTermArgs\n {\n Priority = 2,\n Match = new Gcp.Compute.Inputs.RouterRoutePolicyTermMatchArgs\n {\n Expression = \"destination == '10.0.0.0/12'\",\n Title = \"export_expression\",\n Description = \"acceptance expression for export\",\n },\n Actions = new[]\n {\n new Gcp.Compute.Inputs.RouterRoutePolicyTermActionArgs\n {\n Expression = \"accept()\",\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n routerInterface,\n },\n });\n\n var rp_import = new Gcp.Compute.RouterRoutePolicy(\"rp-import\", new()\n {\n Name = \"my-router-rp-import\",\n Router = router.Name,\n Region = router.Region,\n Type = \"ROUTE_POLICY_TYPE_IMPORT\",\n Terms = new[]\n {\n new Gcp.Compute.Inputs.RouterRoutePolicyTermArgs\n {\n Priority = 1,\n Match = new Gcp.Compute.Inputs.RouterRoutePolicyTermMatchArgs\n {\n Expression = \"destination == '10.0.0.0/12'\",\n Title = \"import_expression\",\n Description = \"acceptance expression for import\",\n },\n Actions = new[]\n {\n new Gcp.Compute.Inputs.RouterRoutePolicyTermActionArgs\n {\n Expression = \"accept()\",\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n routerInterface,\n rp_export,\n },\n });\n\n var routerPeer = new Gcp.Compute.RouterPeer(\"router_peer\", new()\n {\n Name = \"my-router-peer\",\n Router = router.Name,\n Region = router.Region,\n PeerAsn = 65515,\n AdvertisedRoutePriority = 100,\n Interface = routerInterface.Name,\n Md5AuthenticationKey = new Gcp.Compute.Inputs.RouterPeerMd5AuthenticationKeyArgs\n {\n Name = \"my-router-peer-key\",\n Key = \"my-router-peer-key-value\",\n },\n ImportPolicies = new[]\n {\n rp_import.Name,\n },\n ExportPolicies = new[]\n {\n rp_export.Name,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n rp_export,\n rp_import,\n routerInterface,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"my-router-net\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetwork, err := compute.NewSubnetwork(ctx, \"subnetwork\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"my-router-subnet\"),\n\t\t\tNetwork: network.SelfLink,\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewAddress(ctx, \"address\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"my-router\"),\n\t\t\tRegion: subnetwork.Region,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpnGateway, err := compute.NewHaVpnGateway(ctx, \"vpn_gateway\", \u0026compute.HaVpnGatewayArgs{\n\t\t\tName: pulumi.String(\"my-router-gateway\"),\n\t\t\tNetwork: network.SelfLink,\n\t\t\tRegion: subnetwork.Region,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texternalGateway, err := compute.NewExternalVpnGateway(ctx, \"external_gateway\", \u0026compute.ExternalVpnGatewayArgs{\n\t\t\tName: pulumi.String(\"my-router-external-gateway\"),\n\t\t\tRedundancyType: pulumi.String(\"SINGLE_IP_INTERNALLY_REDUNDANT\"),\n\t\t\tDescription: pulumi.String(\"An externally managed VPN gateway\"),\n\t\t\tInterfaces: compute.ExternalVpnGatewayInterfaceArray{\n\t\t\t\t\u0026compute.ExternalVpnGatewayInterfaceArgs{\n\t\t\t\t\tId: pulumi.Int(0),\n\t\t\t\t\tIpAddress: pulumi.String(\"8.8.8.8\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trouter, err := compute.NewRouter(ctx, \"router\", \u0026compute.RouterArgs{\n\t\t\tName: pulumi.String(\"my-router\"),\n\t\t\tRegion: subnetwork.Region,\n\t\t\tNetwork: network.SelfLink,\n\t\t\tBgp: \u0026compute.RouterBgpArgs{\n\t\t\t\tAsn: pulumi.Int(64514),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpnTunnel, err := compute.NewVPNTunnel(ctx, \"vpn_tunnel\", \u0026compute.VPNTunnelArgs{\n\t\t\tName: pulumi.String(\"my-router\"),\n\t\t\tRegion: subnetwork.Region,\n\t\t\tVpnGateway: vpnGateway.ID(),\n\t\t\tPeerExternalGateway: externalGateway.ID(),\n\t\t\tPeerExternalGatewayInterface: pulumi.Int(0),\n\t\t\tSharedSecret: pulumi.String(\"unguessable\"),\n\t\t\tRouter: router.Name,\n\t\t\tVpnGatewayInterface: pulumi.Int(0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trouterInterface, err := compute.NewRouterInterface(ctx, \"router_interface\", \u0026compute.RouterInterfaceArgs{\n\t\t\tName: pulumi.String(\"my-router\"),\n\t\t\tRouter: router.Name,\n\t\t\tRegion: router.Region,\n\t\t\tVpnTunnel: vpnTunnel.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRouterRoutePolicy(ctx, \"rp-export\", \u0026compute.RouterRoutePolicyArgs{\n\t\t\tName: pulumi.String(\"my-router-rp-export\"),\n\t\t\tRouter: router.Name,\n\t\t\tRegion: router.Region,\n\t\t\tType: pulumi.String(\"ROUTE_POLICY_TYPE_EXPORT\"),\n\t\t\tTerms: compute.RouterRoutePolicyTermArray{\n\t\t\t\t\u0026compute.RouterRoutePolicyTermArgs{\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tMatch: \u0026compute.RouterRoutePolicyTermMatchArgs{\n\t\t\t\t\t\tExpression: pulumi.String(\"destination == '10.0.0.0/12'\"),\n\t\t\t\t\t\tTitle: pulumi.String(\"export_expression\"),\n\t\t\t\t\t\tDescription: pulumi.String(\"acceptance expression for export\"),\n\t\t\t\t\t},\n\t\t\t\t\tActions: compute.RouterRoutePolicyTermActionArray{\n\t\t\t\t\t\t\u0026compute.RouterRoutePolicyTermActionArgs{\n\t\t\t\t\t\t\tExpression: pulumi.String(\"accept()\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\trouterInterface,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRouterRoutePolicy(ctx, \"rp-import\", \u0026compute.RouterRoutePolicyArgs{\n\t\t\tName: pulumi.String(\"my-router-rp-import\"),\n\t\t\tRouter: router.Name,\n\t\t\tRegion: router.Region,\n\t\t\tType: pulumi.String(\"ROUTE_POLICY_TYPE_IMPORT\"),\n\t\t\tTerms: compute.RouterRoutePolicyTermArray{\n\t\t\t\t\u0026compute.RouterRoutePolicyTermArgs{\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tMatch: \u0026compute.RouterRoutePolicyTermMatchArgs{\n\t\t\t\t\t\tExpression: pulumi.String(\"destination == '10.0.0.0/12'\"),\n\t\t\t\t\t\tTitle: pulumi.String(\"import_expression\"),\n\t\t\t\t\t\tDescription: pulumi.String(\"acceptance expression for import\"),\n\t\t\t\t\t},\n\t\t\t\t\tActions: compute.RouterRoutePolicyTermActionArray{\n\t\t\t\t\t\t\u0026compute.RouterRoutePolicyTermActionArgs{\n\t\t\t\t\t\t\tExpression: pulumi.String(\"accept()\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\trouterInterface,\n\t\t\trp_export,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRouterPeer(ctx, \"router_peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: router.Name,\n\t\t\tRegion: router.Region,\n\t\t\tPeerAsn: pulumi.Int(65515),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: routerInterface.Name,\n\t\t\tMd5AuthenticationKey: \u0026compute.RouterPeerMd5AuthenticationKeyArgs{\n\t\t\t\tName: pulumi.String(\"my-router-peer-key\"),\n\t\t\t\tKey: pulumi.String(\"my-router-peer-key-value\"),\n\t\t\t},\n\t\t\tImportPolicies: pulumi.StringArray{\n\t\t\t\trp_import.Name,\n\t\t\t},\n\t\t\tExportPolicies: pulumi.StringArray{\n\t\t\t\trp_export.Name,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\trp_export,\n\t\t\trp_import,\n\t\t\trouterInterface,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Address;\nimport com.pulumi.gcp.compute.AddressArgs;\nimport com.pulumi.gcp.compute.HaVpnGateway;\nimport com.pulumi.gcp.compute.HaVpnGatewayArgs;\nimport com.pulumi.gcp.compute.ExternalVpnGateway;\nimport com.pulumi.gcp.compute.ExternalVpnGatewayArgs;\nimport com.pulumi.gcp.compute.inputs.ExternalVpnGatewayInterfaceArgs;\nimport com.pulumi.gcp.compute.Router;\nimport com.pulumi.gcp.compute.RouterArgs;\nimport com.pulumi.gcp.compute.inputs.RouterBgpArgs;\nimport com.pulumi.gcp.compute.VPNTunnel;\nimport com.pulumi.gcp.compute.VPNTunnelArgs;\nimport com.pulumi.gcp.compute.RouterInterface;\nimport com.pulumi.gcp.compute.RouterInterfaceArgs;\nimport com.pulumi.gcp.compute.RouterRoutePolicy;\nimport com.pulumi.gcp.compute.RouterRoutePolicyArgs;\nimport com.pulumi.gcp.compute.inputs.RouterRoutePolicyTermArgs;\nimport com.pulumi.gcp.compute.inputs.RouterRoutePolicyTermMatchArgs;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport com.pulumi.gcp.compute.inputs.RouterPeerMd5AuthenticationKeyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"my-router-net\")\n .autoCreateSubnetworks(false)\n .build());\n\n var subnetwork = new Subnetwork(\"subnetwork\", SubnetworkArgs.builder()\n .name(\"my-router-subnet\")\n .network(network.selfLink())\n .ipCidrRange(\"10.0.0.0/16\")\n .region(\"us-central1\")\n .build());\n\n var address = new Address(\"address\", AddressArgs.builder()\n .name(\"my-router\")\n .region(subnetwork.region())\n .build());\n\n var vpnGateway = new HaVpnGateway(\"vpnGateway\", HaVpnGatewayArgs.builder()\n .name(\"my-router-gateway\")\n .network(network.selfLink())\n .region(subnetwork.region())\n .build());\n\n var externalGateway = new ExternalVpnGateway(\"externalGateway\", ExternalVpnGatewayArgs.builder()\n .name(\"my-router-external-gateway\")\n .redundancyType(\"SINGLE_IP_INTERNALLY_REDUNDANT\")\n .description(\"An externally managed VPN gateway\")\n .interfaces(ExternalVpnGatewayInterfaceArgs.builder()\n .id(0)\n .ipAddress(\"8.8.8.8\")\n .build())\n .build());\n\n var router = new Router(\"router\", RouterArgs.builder()\n .name(\"my-router\")\n .region(subnetwork.region())\n .network(network.selfLink())\n .bgp(RouterBgpArgs.builder()\n .asn(64514)\n .build())\n .build());\n\n var vpnTunnel = new VPNTunnel(\"vpnTunnel\", VPNTunnelArgs.builder()\n .name(\"my-router\")\n .region(subnetwork.region())\n .vpnGateway(vpnGateway.id())\n .peerExternalGateway(externalGateway.id())\n .peerExternalGatewayInterface(0)\n .sharedSecret(\"unguessable\")\n .router(router.name())\n .vpnGatewayInterface(0)\n .build());\n\n var routerInterface = new RouterInterface(\"routerInterface\", RouterInterfaceArgs.builder()\n .name(\"my-router\")\n .router(router.name())\n .region(router.region())\n .vpnTunnel(vpnTunnel.name())\n .build());\n\n var rp_export = new RouterRoutePolicy(\"rp-export\", RouterRoutePolicyArgs.builder()\n .name(\"my-router-rp-export\")\n .router(router.name())\n .region(router.region())\n .type(\"ROUTE_POLICY_TYPE_EXPORT\")\n .terms(RouterRoutePolicyTermArgs.builder()\n .priority(2)\n .match(RouterRoutePolicyTermMatchArgs.builder()\n .expression(\"destination == '10.0.0.0/12'\")\n .title(\"export_expression\")\n .description(\"acceptance expression for export\")\n .build())\n .actions(RouterRoutePolicyTermActionArgs.builder()\n .expression(\"accept()\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(routerInterface)\n .build());\n\n var rp_import = new RouterRoutePolicy(\"rp-import\", RouterRoutePolicyArgs.builder()\n .name(\"my-router-rp-import\")\n .router(router.name())\n .region(router.region())\n .type(\"ROUTE_POLICY_TYPE_IMPORT\")\n .terms(RouterRoutePolicyTermArgs.builder()\n .priority(1)\n .match(RouterRoutePolicyTermMatchArgs.builder()\n .expression(\"destination == '10.0.0.0/12'\")\n .title(\"import_expression\")\n .description(\"acceptance expression for import\")\n .build())\n .actions(RouterRoutePolicyTermActionArgs.builder()\n .expression(\"accept()\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n routerInterface,\n rp_export)\n .build());\n\n var routerPeer = new RouterPeer(\"routerPeer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(router.name())\n .region(router.region())\n .peerAsn(65515)\n .advertisedRoutePriority(100)\n .interface_(routerInterface.name())\n .md5AuthenticationKey(RouterPeerMd5AuthenticationKeyArgs.builder()\n .name(\"my-router-peer-key\")\n .key(\"my-router-peer-key-value\")\n .build())\n .importPolicies(rp_import.name())\n .exportPolicies(rp_export.name())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n rp_export,\n rp_import,\n routerInterface)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network:\n type: gcp:compute:Network\n properties:\n name: my-router-net\n autoCreateSubnetworks: false\n subnetwork:\n type: gcp:compute:Subnetwork\n properties:\n name: my-router-subnet\n network: ${network.selfLink}\n ipCidrRange: 10.0.0.0/16\n region: us-central1\n address:\n type: gcp:compute:Address\n properties:\n name: my-router\n region: ${subnetwork.region}\n vpnGateway:\n type: gcp:compute:HaVpnGateway\n name: vpn_gateway\n properties:\n name: my-router-gateway\n network: ${network.selfLink}\n region: ${subnetwork.region}\n externalGateway:\n type: gcp:compute:ExternalVpnGateway\n name: external_gateway\n properties:\n name: my-router-external-gateway\n redundancyType: SINGLE_IP_INTERNALLY_REDUNDANT\n description: An externally managed VPN gateway\n interfaces:\n - id: 0\n ipAddress: 8.8.8.8\n router:\n type: gcp:compute:Router\n properties:\n name: my-router\n region: ${subnetwork.region}\n network: ${network.selfLink}\n bgp:\n asn: 64514\n vpnTunnel:\n type: gcp:compute:VPNTunnel\n name: vpn_tunnel\n properties:\n name: my-router\n region: ${subnetwork.region}\n vpnGateway: ${vpnGateway.id}\n peerExternalGateway: ${externalGateway.id}\n peerExternalGatewayInterface: 0\n sharedSecret: unguessable\n router: ${router.name}\n vpnGatewayInterface: 0\n routerInterface:\n type: gcp:compute:RouterInterface\n name: router_interface\n properties:\n name: my-router\n router: ${router.name}\n region: ${router.region}\n vpnTunnel: ${vpnTunnel.name}\n rp-export:\n type: gcp:compute:RouterRoutePolicy\n properties:\n name: my-router-rp-export\n router: ${router.name}\n region: ${router.region}\n type: ROUTE_POLICY_TYPE_EXPORT\n terms:\n - priority: 2\n match:\n expression: destination == '10.0.0.0/12'\n title: export_expression\n description: acceptance expression for export\n actions:\n - expression: accept()\n options:\n dependsOn:\n - ${routerInterface}\n rp-import:\n type: gcp:compute:RouterRoutePolicy\n properties:\n name: my-router-rp-import\n router: ${router.name}\n region: ${router.region}\n type: ROUTE_POLICY_TYPE_IMPORT\n terms:\n - priority: 1\n match:\n expression: destination == '10.0.0.0/12'\n title: import_expression\n description: acceptance expression for import\n actions:\n - expression: accept()\n options:\n dependsOn:\n - ${routerInterface}\n - ${[\"rp-export\"]}\n routerPeer:\n type: gcp:compute:RouterPeer\n name: router_peer\n properties:\n name: my-router-peer\n router: ${router.name}\n region: ${router.region}\n peerAsn: 65515\n advertisedRoutePriority: 100\n interface: ${routerInterface.name}\n md5AuthenticationKey:\n name: my-router-peer-key\n key: my-router-peer-key-value\n importPolicies:\n - ${[\"rp-import\"].name}\n exportPolicies:\n - ${[\"rp-export\"].name}\n options:\n dependsOn:\n - ${[\"rp-export\"]}\n - ${[\"rp-import\"]}\n - ${routerInterface}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRouterBgpPeer can be imported using any of these accepted formats:\n\n* `projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}`\n\n* `{{project}}/{{region}}/{{router}}/{{name}}`\n\n* `{{region}}/{{router}}/{{name}}`\n\n* `{{router}}/{{name}}`\n\nWhen using the `pulumi import` command, RouterBgpPeer can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/routerPeer:RouterPeer default projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/routerPeer:RouterPeer default {{project}}/{{region}}/{{router}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/routerPeer:RouterPeer default {{region}}/{{router}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/routerPeer:RouterPeer default {{router}}/{{name}}\n```\n\n", + "description": "BGP information that must be configured into the routing stack to\nestablish BGP peering. This information must specify the peer ASN\nand either the interface name, IP address, or peer IP address.\nPlease refer to RFC4273.\n\n\nTo get more information about RouterBgpPeer, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/routers)\n* How-to Guides\n * [Google Cloud Router](https://cloud.google.com/router/docs/)\n\n## Example Usage\n\n### Router Peer Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: \"my-router\",\n region: \"us-central1\",\n peerAsn: 65513,\n advertisedRoutePriority: 100,\n \"interface\": \"interface-1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=\"my-router\",\n region=\"us-central1\",\n peer_asn=65513,\n advertised_route_priority=100,\n interface=\"interface-1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = \"my-router\",\n Region = \"us-central1\",\n PeerAsn = 65513,\n AdvertisedRoutePriority = 100,\n Interface = \"interface-1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: pulumi.String(\"my-router\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tPeerAsn: pulumi.Int(65513),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: pulumi.String(\"interface-1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(\"my-router\")\n .region(\"us-central1\")\n .peerAsn(65513)\n .advertisedRoutePriority(100)\n .interface_(\"interface-1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: my-router\n region: us-central1\n peerAsn: 65513\n advertisedRoutePriority: 100\n interface: interface-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Router Peer Disabled\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: \"my-router\",\n region: \"us-central1\",\n peerIpAddress: \"169.254.1.2\",\n peerAsn: 65513,\n advertisedRoutePriority: 100,\n \"interface\": \"interface-1\",\n enable: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=\"my-router\",\n region=\"us-central1\",\n peer_ip_address=\"169.254.1.2\",\n peer_asn=65513,\n advertised_route_priority=100,\n interface=\"interface-1\",\n enable=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = \"my-router\",\n Region = \"us-central1\",\n PeerIpAddress = \"169.254.1.2\",\n PeerAsn = 65513,\n AdvertisedRoutePriority = 100,\n Interface = \"interface-1\",\n Enable = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: pulumi.String(\"my-router\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tPeerIpAddress: pulumi.String(\"169.254.1.2\"),\n\t\t\tPeerAsn: pulumi.Int(65513),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: pulumi.String(\"interface-1\"),\n\t\t\tEnable: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(\"my-router\")\n .region(\"us-central1\")\n .peerIpAddress(\"169.254.1.2\")\n .peerAsn(65513)\n .advertisedRoutePriority(100)\n .interface_(\"interface-1\")\n .enable(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: my-router\n region: us-central1\n peerIpAddress: 169.254.1.2\n peerAsn: 65513\n advertisedRoutePriority: 100\n interface: interface-1\n enable: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Router Peer Bfd\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: \"my-router\",\n region: \"us-central1\",\n peerIpAddress: \"169.254.1.2\",\n peerAsn: 65513,\n advertisedRoutePriority: 100,\n \"interface\": \"interface-1\",\n bfd: {\n minReceiveInterval: 1000,\n minTransmitInterval: 1000,\n multiplier: 5,\n sessionInitializationMode: \"ACTIVE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=\"my-router\",\n region=\"us-central1\",\n peer_ip_address=\"169.254.1.2\",\n peer_asn=65513,\n advertised_route_priority=100,\n interface=\"interface-1\",\n bfd={\n \"min_receive_interval\": 1000,\n \"min_transmit_interval\": 1000,\n \"multiplier\": 5,\n \"session_initialization_mode\": \"ACTIVE\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = \"my-router\",\n Region = \"us-central1\",\n PeerIpAddress = \"169.254.1.2\",\n PeerAsn = 65513,\n AdvertisedRoutePriority = 100,\n Interface = \"interface-1\",\n Bfd = new Gcp.Compute.Inputs.RouterPeerBfdArgs\n {\n MinReceiveInterval = 1000,\n MinTransmitInterval = 1000,\n Multiplier = 5,\n SessionInitializationMode = \"ACTIVE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: pulumi.String(\"my-router\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tPeerIpAddress: pulumi.String(\"169.254.1.2\"),\n\t\t\tPeerAsn: pulumi.Int(65513),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: pulumi.String(\"interface-1\"),\n\t\t\tBfd: \u0026compute.RouterPeerBfdArgs{\n\t\t\t\tMinReceiveInterval: pulumi.Int(1000),\n\t\t\t\tMinTransmitInterval: pulumi.Int(1000),\n\t\t\t\tMultiplier: pulumi.Int(5),\n\t\t\t\tSessionInitializationMode: pulumi.String(\"ACTIVE\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport com.pulumi.gcp.compute.inputs.RouterPeerBfdArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(\"my-router\")\n .region(\"us-central1\")\n .peerIpAddress(\"169.254.1.2\")\n .peerAsn(65513)\n .advertisedRoutePriority(100)\n .interface_(\"interface-1\")\n .bfd(RouterPeerBfdArgs.builder()\n .minReceiveInterval(1000)\n .minTransmitInterval(1000)\n .multiplier(5)\n .sessionInitializationMode(\"ACTIVE\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: my-router\n region: us-central1\n peerIpAddress: 169.254.1.2\n peerAsn: 65513\n advertisedRoutePriority: 100\n interface: interface-1\n bfd:\n minReceiveInterval: 1000\n minTransmitInterval: 1000\n multiplier: 5\n sessionInitializationMode: ACTIVE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Router Zero Custom Learend Route Priority\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: \"my-router\",\n region: \"us-central1\",\n \"interface\": \"interface-1\",\n peerAsn: 65513,\n customLearnedRoutePriority: 0,\n zeroCustomLearnedRoutePriority: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=\"my-router\",\n region=\"us-central1\",\n interface=\"interface-1\",\n peer_asn=65513,\n custom_learned_route_priority=0,\n zero_custom_learned_route_priority=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = \"my-router\",\n Region = \"us-central1\",\n Interface = \"interface-1\",\n PeerAsn = 65513,\n CustomLearnedRoutePriority = 0,\n ZeroCustomLearnedRoutePriority = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: pulumi.String(\"my-router\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tInterface: pulumi.String(\"interface-1\"),\n\t\t\tPeerAsn: pulumi.Int(65513),\n\t\t\tCustomLearnedRoutePriority: pulumi.Int(0),\n\t\t\tZeroCustomLearnedRoutePriority: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(\"my-router\")\n .region(\"us-central1\")\n .interface_(\"interface-1\")\n .peerAsn(65513)\n .customLearnedRoutePriority(0)\n .zeroCustomLearnedRoutePriority(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: my-router\n region: us-central1\n interface: interface-1\n peerAsn: 65513\n customLearnedRoutePriority: 0\n zeroCustomLearnedRoutePriority: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Router Peer Router Appliance\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst network = new gcp.compute.Network(\"network\", {\n name: \"my-router-net\",\n autoCreateSubnetworks: false,\n});\nconst subnetwork = new gcp.compute.Subnetwork(\"subnetwork\", {\n name: \"my-router-sub\",\n network: network.selfLink,\n ipCidrRange: \"10.0.0.0/16\",\n region: \"us-central1\",\n});\nconst addrIntf = new gcp.compute.Address(\"addr_intf\", {\n name: \"my-router-addr-intf\",\n region: subnetwork.region,\n subnetwork: subnetwork.id,\n addressType: \"INTERNAL\",\n});\nconst addrIntfRedundant = new gcp.compute.Address(\"addr_intf_redundant\", {\n name: \"my-router-addr-intf-red\",\n region: subnetwork.region,\n subnetwork: subnetwork.id,\n addressType: \"INTERNAL\",\n});\nconst addrPeer = new gcp.compute.Address(\"addr_peer\", {\n name: \"my-router-addr-peer\",\n region: subnetwork.region,\n subnetwork: subnetwork.id,\n addressType: \"INTERNAL\",\n});\nconst instance = new gcp.compute.Instance(\"instance\", {\n name: \"router-appliance\",\n zone: \"us-central1-a\",\n machineType: \"e2-medium\",\n canIpForward: true,\n bootDisk: {\n initializeParams: {\n image: \"debian-cloud/debian-11\",\n },\n },\n networkInterfaces: [{\n networkIp: addrPeer.address,\n subnetwork: subnetwork.selfLink,\n }],\n});\nconst hub = new gcp.networkconnectivity.Hub(\"hub\", {name: \"my-router-hub\"});\nconst spoke = new gcp.networkconnectivity.Spoke(\"spoke\", {\n name: \"my-router-spoke\",\n location: subnetwork.region,\n hub: hub.id,\n linkedRouterApplianceInstances: {\n instances: [{\n virtualMachine: instance.selfLink,\n ipAddress: addrPeer.address,\n }],\n siteToSiteDataTransfer: false,\n },\n});\nconst router = new gcp.compute.Router(\"router\", {\n name: \"my-router-router\",\n region: subnetwork.region,\n network: network.selfLink,\n bgp: {\n asn: 64514,\n },\n});\nconst interfaceRedundant = new gcp.compute.RouterInterface(\"interface_redundant\", {\n name: \"my-router-intf-red\",\n region: router.region,\n router: router.name,\n subnetwork: subnetwork.selfLink,\n privateIpAddress: addrIntfRedundant.address,\n});\nconst _interface = new gcp.compute.RouterInterface(\"interface\", {\n name: \"my-router-intf\",\n region: router.region,\n router: router.name,\n subnetwork: subnetwork.selfLink,\n privateIpAddress: addrIntf.address,\n redundantInterface: interfaceRedundant.name,\n});\nconst peer = new gcp.compute.RouterPeer(\"peer\", {\n name: \"my-router-peer\",\n router: router.name,\n region: router.region,\n \"interface\": _interface.name,\n routerApplianceInstance: instance.selfLink,\n peerAsn: 65513,\n peerIpAddress: addrPeer.address,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nnetwork = gcp.compute.Network(\"network\",\n name=\"my-router-net\",\n auto_create_subnetworks=False)\nsubnetwork = gcp.compute.Subnetwork(\"subnetwork\",\n name=\"my-router-sub\",\n network=network.self_link,\n ip_cidr_range=\"10.0.0.0/16\",\n region=\"us-central1\")\naddr_intf = gcp.compute.Address(\"addr_intf\",\n name=\"my-router-addr-intf\",\n region=subnetwork.region,\n subnetwork=subnetwork.id,\n address_type=\"INTERNAL\")\naddr_intf_redundant = gcp.compute.Address(\"addr_intf_redundant\",\n name=\"my-router-addr-intf-red\",\n region=subnetwork.region,\n subnetwork=subnetwork.id,\n address_type=\"INTERNAL\")\naddr_peer = gcp.compute.Address(\"addr_peer\",\n name=\"my-router-addr-peer\",\n region=subnetwork.region,\n subnetwork=subnetwork.id,\n address_type=\"INTERNAL\")\ninstance = gcp.compute.Instance(\"instance\",\n name=\"router-appliance\",\n zone=\"us-central1-a\",\n machine_type=\"e2-medium\",\n can_ip_forward=True,\n boot_disk={\n \"initialize_params\": {\n \"image\": \"debian-cloud/debian-11\",\n },\n },\n network_interfaces=[{\n \"network_ip\": addr_peer.address,\n \"subnetwork\": subnetwork.self_link,\n }])\nhub = gcp.networkconnectivity.Hub(\"hub\", name=\"my-router-hub\")\nspoke = gcp.networkconnectivity.Spoke(\"spoke\",\n name=\"my-router-spoke\",\n location=subnetwork.region,\n hub=hub.id,\n linked_router_appliance_instances={\n \"instances\": [{\n \"virtual_machine\": instance.self_link,\n \"ip_address\": addr_peer.address,\n }],\n \"site_to_site_data_transfer\": False,\n })\nrouter = gcp.compute.Router(\"router\",\n name=\"my-router-router\",\n region=subnetwork.region,\n network=network.self_link,\n bgp={\n \"asn\": 64514,\n })\ninterface_redundant = gcp.compute.RouterInterface(\"interface_redundant\",\n name=\"my-router-intf-red\",\n region=router.region,\n router=router.name,\n subnetwork=subnetwork.self_link,\n private_ip_address=addr_intf_redundant.address)\ninterface = gcp.compute.RouterInterface(\"interface\",\n name=\"my-router-intf\",\n region=router.region,\n router=router.name,\n subnetwork=subnetwork.self_link,\n private_ip_address=addr_intf.address,\n redundant_interface=interface_redundant.name)\npeer = gcp.compute.RouterPeer(\"peer\",\n name=\"my-router-peer\",\n router=router.name,\n region=router.region,\n interface=interface.name,\n router_appliance_instance=instance.self_link,\n peer_asn=65513,\n peer_ip_address=addr_peer.address)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"my-router-net\",\n AutoCreateSubnetworks = false,\n });\n\n var subnetwork = new Gcp.Compute.Subnetwork(\"subnetwork\", new()\n {\n Name = \"my-router-sub\",\n Network = network.SelfLink,\n IpCidrRange = \"10.0.0.0/16\",\n Region = \"us-central1\",\n });\n\n var addrIntf = new Gcp.Compute.Address(\"addr_intf\", new()\n {\n Name = \"my-router-addr-intf\",\n Region = subnetwork.Region,\n Subnetwork = subnetwork.Id,\n AddressType = \"INTERNAL\",\n });\n\n var addrIntfRedundant = new Gcp.Compute.Address(\"addr_intf_redundant\", new()\n {\n Name = \"my-router-addr-intf-red\",\n Region = subnetwork.Region,\n Subnetwork = subnetwork.Id,\n AddressType = \"INTERNAL\",\n });\n\n var addrPeer = new Gcp.Compute.Address(\"addr_peer\", new()\n {\n Name = \"my-router-addr-peer\",\n Region = subnetwork.Region,\n Subnetwork = subnetwork.Id,\n AddressType = \"INTERNAL\",\n });\n\n var instance = new Gcp.Compute.Instance(\"instance\", new()\n {\n Name = \"router-appliance\",\n Zone = \"us-central1-a\",\n MachineType = \"e2-medium\",\n CanIpForward = true,\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = \"debian-cloud/debian-11\",\n },\n },\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n NetworkIp = addrPeer.IPAddress,\n Subnetwork = subnetwork.SelfLink,\n },\n },\n });\n\n var hub = new Gcp.NetworkConnectivity.Hub(\"hub\", new()\n {\n Name = \"my-router-hub\",\n });\n\n var spoke = new Gcp.NetworkConnectivity.Spoke(\"spoke\", new()\n {\n Name = \"my-router-spoke\",\n Location = subnetwork.Region,\n Hub = hub.Id,\n LinkedRouterApplianceInstances = new Gcp.NetworkConnectivity.Inputs.SpokeLinkedRouterApplianceInstancesArgs\n {\n Instances = new[]\n {\n new Gcp.NetworkConnectivity.Inputs.SpokeLinkedRouterApplianceInstancesInstanceArgs\n {\n VirtualMachine = instance.SelfLink,\n IpAddress = addrPeer.IPAddress,\n },\n },\n SiteToSiteDataTransfer = false,\n },\n });\n\n var router = new Gcp.Compute.Router(\"router\", new()\n {\n Name = \"my-router-router\",\n Region = subnetwork.Region,\n Network = network.SelfLink,\n Bgp = new Gcp.Compute.Inputs.RouterBgpArgs\n {\n Asn = 64514,\n },\n });\n\n var interfaceRedundant = new Gcp.Compute.RouterInterface(\"interface_redundant\", new()\n {\n Name = \"my-router-intf-red\",\n Region = router.Region,\n Router = router.Name,\n Subnetwork = subnetwork.SelfLink,\n PrivateIpAddress = addrIntfRedundant.IPAddress,\n });\n\n var @interface = new Gcp.Compute.RouterInterface(\"interface\", new()\n {\n Name = \"my-router-intf\",\n Region = router.Region,\n Router = router.Name,\n Subnetwork = subnetwork.SelfLink,\n PrivateIpAddress = addrIntf.IPAddress,\n RedundantInterface = interfaceRedundant.Name,\n });\n\n var peer = new Gcp.Compute.RouterPeer(\"peer\", new()\n {\n Name = \"my-router-peer\",\n Router = router.Name,\n Region = router.Region,\n Interface = @interface.Name,\n RouterApplianceInstance = instance.SelfLink,\n PeerAsn = 65513,\n PeerIpAddress = addrPeer.IPAddress,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkconnectivity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\nName: pulumi.String(\"my-router-net\"),\nAutoCreateSubnetworks: pulumi.Bool(false),\n})\nif err != nil {\nreturn err\n}\nsubnetwork, err := compute.NewSubnetwork(ctx, \"subnetwork\", \u0026compute.SubnetworkArgs{\nName: pulumi.String(\"my-router-sub\"),\nNetwork: network.SelfLink,\nIpCidrRange: pulumi.String(\"10.0.0.0/16\"),\nRegion: pulumi.String(\"us-central1\"),\n})\nif err != nil {\nreturn err\n}\naddrIntf, err := compute.NewAddress(ctx, \"addr_intf\", \u0026compute.AddressArgs{\nName: pulumi.String(\"my-router-addr-intf\"),\nRegion: subnetwork.Region,\nSubnetwork: subnetwork.ID(),\nAddressType: pulumi.String(\"INTERNAL\"),\n})\nif err != nil {\nreturn err\n}\naddrIntfRedundant, err := compute.NewAddress(ctx, \"addr_intf_redundant\", \u0026compute.AddressArgs{\nName: pulumi.String(\"my-router-addr-intf-red\"),\nRegion: subnetwork.Region,\nSubnetwork: subnetwork.ID(),\nAddressType: pulumi.String(\"INTERNAL\"),\n})\nif err != nil {\nreturn err\n}\naddrPeer, err := compute.NewAddress(ctx, \"addr_peer\", \u0026compute.AddressArgs{\nName: pulumi.String(\"my-router-addr-peer\"),\nRegion: subnetwork.Region,\nSubnetwork: subnetwork.ID(),\nAddressType: pulumi.String(\"INTERNAL\"),\n})\nif err != nil {\nreturn err\n}\ninstance, err := compute.NewInstance(ctx, \"instance\", \u0026compute.InstanceArgs{\nName: pulumi.String(\"router-appliance\"),\nZone: pulumi.String(\"us-central1-a\"),\nMachineType: pulumi.String(\"e2-medium\"),\nCanIpForward: pulumi.Bool(true),\nBootDisk: \u0026compute.InstanceBootDiskArgs{\nInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\nImage: pulumi.String(\"debian-cloud/debian-11\"),\n},\n},\nNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\u0026compute.InstanceNetworkInterfaceArgs{\nNetworkIp: addrPeer.Address,\nSubnetwork: subnetwork.SelfLink,\n},\n},\n})\nif err != nil {\nreturn err\n}\nhub, err := networkconnectivity.NewHub(ctx, \"hub\", \u0026networkconnectivity.HubArgs{\nName: pulumi.String(\"my-router-hub\"),\n})\nif err != nil {\nreturn err\n}\n_, err = networkconnectivity.NewSpoke(ctx, \"spoke\", \u0026networkconnectivity.SpokeArgs{\nName: pulumi.String(\"my-router-spoke\"),\nLocation: subnetwork.Region,\nHub: hub.ID(),\nLinkedRouterApplianceInstances: \u0026networkconnectivity.SpokeLinkedRouterApplianceInstancesArgs{\nInstances: networkconnectivity.SpokeLinkedRouterApplianceInstancesInstanceArray{\n\u0026networkconnectivity.SpokeLinkedRouterApplianceInstancesInstanceArgs{\nVirtualMachine: instance.SelfLink,\nIpAddress: addrPeer.Address,\n},\n},\nSiteToSiteDataTransfer: pulumi.Bool(false),\n},\n})\nif err != nil {\nreturn err\n}\nrouter, err := compute.NewRouter(ctx, \"router\", \u0026compute.RouterArgs{\nName: pulumi.String(\"my-router-router\"),\nRegion: subnetwork.Region,\nNetwork: network.SelfLink,\nBgp: \u0026compute.RouterBgpArgs{\nAsn: pulumi.Int(64514),\n},\n})\nif err != nil {\nreturn err\n}\ninterfaceRedundant, err := compute.NewRouterInterface(ctx, \"interface_redundant\", \u0026compute.RouterInterfaceArgs{\nName: pulumi.String(\"my-router-intf-red\"),\nRegion: router.Region,\nRouter: router.Name,\nSubnetwork: subnetwork.SelfLink,\nPrivateIpAddress: addrIntfRedundant.Address,\n})\nif err != nil {\nreturn err\n}\ninterface, err := compute.NewRouterInterface(ctx, \"interface\", \u0026compute.RouterInterfaceArgs{\nName: pulumi.String(\"my-router-intf\"),\nRegion: router.Region,\nRouter: router.Name,\nSubnetwork: subnetwork.SelfLink,\nPrivateIpAddress: addrIntf.Address,\nRedundantInterface: interfaceRedundant.Name,\n})\nif err != nil {\nreturn err\n}\n_, err = compute.NewRouterPeer(ctx, \"peer\", \u0026compute.RouterPeerArgs{\nName: pulumi.String(\"my-router-peer\"),\nRouter: router.Name,\nRegion: router.Region,\nInterface: interface.Name,\nRouterApplianceInstance: instance.SelfLink,\nPeerAsn: pulumi.Int(65513),\nPeerIpAddress: addrPeer.Address,\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Address;\nimport com.pulumi.gcp.compute.AddressArgs;\nimport com.pulumi.gcp.compute.Instance;\nimport com.pulumi.gcp.compute.InstanceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.gcp.networkconnectivity.Hub;\nimport com.pulumi.gcp.networkconnectivity.HubArgs;\nimport com.pulumi.gcp.networkconnectivity.Spoke;\nimport com.pulumi.gcp.networkconnectivity.SpokeArgs;\nimport com.pulumi.gcp.networkconnectivity.inputs.SpokeLinkedRouterApplianceInstancesArgs;\nimport com.pulumi.gcp.compute.Router;\nimport com.pulumi.gcp.compute.RouterArgs;\nimport com.pulumi.gcp.compute.inputs.RouterBgpArgs;\nimport com.pulumi.gcp.compute.RouterInterface;\nimport com.pulumi.gcp.compute.RouterInterfaceArgs;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"my-router-net\")\n .autoCreateSubnetworks(false)\n .build());\n\n var subnetwork = new Subnetwork(\"subnetwork\", SubnetworkArgs.builder()\n .name(\"my-router-sub\")\n .network(network.selfLink())\n .ipCidrRange(\"10.0.0.0/16\")\n .region(\"us-central1\")\n .build());\n\n var addrIntf = new Address(\"addrIntf\", AddressArgs.builder()\n .name(\"my-router-addr-intf\")\n .region(subnetwork.region())\n .subnetwork(subnetwork.id())\n .addressType(\"INTERNAL\")\n .build());\n\n var addrIntfRedundant = new Address(\"addrIntfRedundant\", AddressArgs.builder()\n .name(\"my-router-addr-intf-red\")\n .region(subnetwork.region())\n .subnetwork(subnetwork.id())\n .addressType(\"INTERNAL\")\n .build());\n\n var addrPeer = new Address(\"addrPeer\", AddressArgs.builder()\n .name(\"my-router-addr-peer\")\n .region(subnetwork.region())\n .subnetwork(subnetwork.id())\n .addressType(\"INTERNAL\")\n .build());\n\n var instance = new Instance(\"instance\", InstanceArgs.builder()\n .name(\"router-appliance\")\n .zone(\"us-central1-a\")\n .machineType(\"e2-medium\")\n .canIpForward(true)\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(\"debian-cloud/debian-11\")\n .build())\n .build())\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .networkIp(addrPeer.address())\n .subnetwork(subnetwork.selfLink())\n .build())\n .build());\n\n var hub = new Hub(\"hub\", HubArgs.builder()\n .name(\"my-router-hub\")\n .build());\n\n var spoke = new Spoke(\"spoke\", SpokeArgs.builder()\n .name(\"my-router-spoke\")\n .location(subnetwork.region())\n .hub(hub.id())\n .linkedRouterApplianceInstances(SpokeLinkedRouterApplianceInstancesArgs.builder()\n .instances(SpokeLinkedRouterApplianceInstancesInstanceArgs.builder()\n .virtualMachine(instance.selfLink())\n .ipAddress(addrPeer.address())\n .build())\n .siteToSiteDataTransfer(false)\n .build())\n .build());\n\n var router = new Router(\"router\", RouterArgs.builder()\n .name(\"my-router-router\")\n .region(subnetwork.region())\n .network(network.selfLink())\n .bgp(RouterBgpArgs.builder()\n .asn(64514)\n .build())\n .build());\n\n var interfaceRedundant = new RouterInterface(\"interfaceRedundant\", RouterInterfaceArgs.builder()\n .name(\"my-router-intf-red\")\n .region(router.region())\n .router(router.name())\n .subnetwork(subnetwork.selfLink())\n .privateIpAddress(addrIntfRedundant.address())\n .build());\n\n var interface_ = new RouterInterface(\"interface\", RouterInterfaceArgs.builder()\n .name(\"my-router-intf\")\n .region(router.region())\n .router(router.name())\n .subnetwork(subnetwork.selfLink())\n .privateIpAddress(addrIntf.address())\n .redundantInterface(interfaceRedundant.name())\n .build());\n\n var peer = new RouterPeer(\"peer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(router.name())\n .region(router.region())\n .interface_(interface_.name())\n .routerApplianceInstance(instance.selfLink())\n .peerAsn(65513)\n .peerIpAddress(addrPeer.address())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network:\n type: gcp:compute:Network\n properties:\n name: my-router-net\n autoCreateSubnetworks: false\n subnetwork:\n type: gcp:compute:Subnetwork\n properties:\n name: my-router-sub\n network: ${network.selfLink}\n ipCidrRange: 10.0.0.0/16\n region: us-central1\n addrIntf:\n type: gcp:compute:Address\n name: addr_intf\n properties:\n name: my-router-addr-intf\n region: ${subnetwork.region}\n subnetwork: ${subnetwork.id}\n addressType: INTERNAL\n addrIntfRedundant:\n type: gcp:compute:Address\n name: addr_intf_redundant\n properties:\n name: my-router-addr-intf-red\n region: ${subnetwork.region}\n subnetwork: ${subnetwork.id}\n addressType: INTERNAL\n addrPeer:\n type: gcp:compute:Address\n name: addr_peer\n properties:\n name: my-router-addr-peer\n region: ${subnetwork.region}\n subnetwork: ${subnetwork.id}\n addressType: INTERNAL\n instance:\n type: gcp:compute:Instance\n properties:\n name: router-appliance\n zone: us-central1-a\n machineType: e2-medium\n canIpForward: true\n bootDisk:\n initializeParams:\n image: debian-cloud/debian-11\n networkInterfaces:\n - networkIp: ${addrPeer.address}\n subnetwork: ${subnetwork.selfLink}\n hub:\n type: gcp:networkconnectivity:Hub\n properties:\n name: my-router-hub\n spoke:\n type: gcp:networkconnectivity:Spoke\n properties:\n name: my-router-spoke\n location: ${subnetwork.region}\n hub: ${hub.id}\n linkedRouterApplianceInstances:\n instances:\n - virtualMachine: ${instance.selfLink}\n ipAddress: ${addrPeer.address}\n siteToSiteDataTransfer: false\n router:\n type: gcp:compute:Router\n properties:\n name: my-router-router\n region: ${subnetwork.region}\n network: ${network.selfLink}\n bgp:\n asn: 64514\n interfaceRedundant:\n type: gcp:compute:RouterInterface\n name: interface_redundant\n properties:\n name: my-router-intf-red\n region: ${router.region}\n router: ${router.name}\n subnetwork: ${subnetwork.selfLink}\n privateIpAddress: ${addrIntfRedundant.address}\n interface:\n type: gcp:compute:RouterInterface\n properties:\n name: my-router-intf\n region: ${router.region}\n router: ${router.name}\n subnetwork: ${subnetwork.selfLink}\n privateIpAddress: ${addrIntf.address}\n redundantInterface: ${interfaceRedundant.name}\n peer:\n type: gcp:compute:RouterPeer\n properties:\n name: my-router-peer\n router: ${router.name}\n region: ${router.region}\n interface: ${interface.name}\n routerApplianceInstance: ${instance.selfLink}\n peerAsn: 65513\n peerIpAddress: ${addrPeer.address}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Router Peer Md5 Authentication Key\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst foobar = new gcp.compute.RouterPeer(\"foobar\", {\n name: \"%s-peer\",\n router: foobarGoogleComputeRouter.name,\n region: foobarGoogleComputeRouter.region,\n peerAsn: 65515,\n advertisedRoutePriority: 100,\n \"interface\": foobarGoogleComputeRouterInterface.name,\n peerIpAddress: \"169.254.3.2\",\n md5AuthenticationKey: {\n name: \"%s-peer-key\",\n key: \"%s-peer-key-value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nfoobar = gcp.compute.RouterPeer(\"foobar\",\n name=\"%s-peer\",\n router=foobar_google_compute_router[\"name\"],\n region=foobar_google_compute_router[\"region\"],\n peer_asn=65515,\n advertised_route_priority=100,\n interface=foobar_google_compute_router_interface[\"name\"],\n peer_ip_address=\"169.254.3.2\",\n md5_authentication_key={\n \"name\": \"%s-peer-key\",\n \"key\": \"%s-peer-key-value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foobar = new Gcp.Compute.RouterPeer(\"foobar\", new()\n {\n Name = \"%s-peer\",\n Router = foobarGoogleComputeRouter.Name,\n Region = foobarGoogleComputeRouter.Region,\n PeerAsn = 65515,\n AdvertisedRoutePriority = 100,\n Interface = foobarGoogleComputeRouterInterface.Name,\n PeerIpAddress = \"169.254.3.2\",\n Md5AuthenticationKey = new Gcp.Compute.Inputs.RouterPeerMd5AuthenticationKeyArgs\n {\n Name = \"%s-peer-key\",\n Key = \"%s-peer-key-value\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewRouterPeer(ctx, \"foobar\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"%s-peer\"),\n\t\t\tRouter: pulumi.Any(foobarGoogleComputeRouter.Name),\n\t\t\tRegion: pulumi.Any(foobarGoogleComputeRouter.Region),\n\t\t\tPeerAsn: pulumi.Int(65515),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: pulumi.Any(foobarGoogleComputeRouterInterface.Name),\n\t\t\tPeerIpAddress: pulumi.String(\"169.254.3.2\"),\n\t\t\tMd5AuthenticationKey: \u0026compute.RouterPeerMd5AuthenticationKeyArgs{\n\t\t\t\tName: pulumi.String(\"%s-peer-key\"),\n\t\t\t\tKey: pulumi.String(\"%s-peer-key-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport com.pulumi.gcp.compute.inputs.RouterPeerMd5AuthenticationKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foobar = new RouterPeer(\"foobar\", RouterPeerArgs.builder()\n .name(\"%s-peer\")\n .router(foobarGoogleComputeRouter.name())\n .region(foobarGoogleComputeRouter.region())\n .peerAsn(65515)\n .advertisedRoutePriority(100)\n .interface_(foobarGoogleComputeRouterInterface.name())\n .peerIpAddress(\"169.254.3.2\")\n .md5AuthenticationKey(RouterPeerMd5AuthenticationKeyArgs.builder()\n .name(\"%s-peer-key\")\n .key(\"%s-peer-key-value\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foobar:\n type: gcp:compute:RouterPeer\n properties:\n name: '%s-peer'\n router: ${foobarGoogleComputeRouter.name}\n region: ${foobarGoogleComputeRouter.region}\n peerAsn: 65515\n advertisedRoutePriority: 100\n interface: ${foobarGoogleComputeRouterInterface.name}\n peerIpAddress: 169.254.3.2\n md5AuthenticationKey:\n name: '%s-peer-key'\n key: '%s-peer-key-value'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Router Peer Export And Import Policies\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst network = new gcp.compute.Network(\"network\", {\n name: \"my-router-net\",\n autoCreateSubnetworks: false,\n});\nconst subnetwork = new gcp.compute.Subnetwork(\"subnetwork\", {\n name: \"my-router-subnet\",\n network: network.selfLink,\n ipCidrRange: \"10.0.0.0/16\",\n region: \"us-central1\",\n});\nconst address = new gcp.compute.Address(\"address\", {\n name: \"my-router\",\n region: subnetwork.region,\n});\nconst vpnGateway = new gcp.compute.HaVpnGateway(\"vpn_gateway\", {\n name: \"my-router-gateway\",\n network: network.selfLink,\n region: subnetwork.region,\n});\nconst externalGateway = new gcp.compute.ExternalVpnGateway(\"external_gateway\", {\n name: \"my-router-external-gateway\",\n redundancyType: \"SINGLE_IP_INTERNALLY_REDUNDANT\",\n description: \"An externally managed VPN gateway\",\n interfaces: [{\n id: 0,\n ipAddress: \"8.8.8.8\",\n }],\n});\nconst router = new gcp.compute.Router(\"router\", {\n name: \"my-router\",\n region: subnetwork.region,\n network: network.selfLink,\n bgp: {\n asn: 64514,\n },\n});\nconst vpnTunnel = new gcp.compute.VPNTunnel(\"vpn_tunnel\", {\n name: \"my-router\",\n region: subnetwork.region,\n vpnGateway: vpnGateway.id,\n peerExternalGateway: externalGateway.id,\n peerExternalGatewayInterface: 0,\n sharedSecret: \"unguessable\",\n router: router.name,\n vpnGatewayInterface: 0,\n});\nconst routerInterface = new gcp.compute.RouterInterface(\"router_interface\", {\n name: \"my-router\",\n router: router.name,\n region: router.region,\n vpnTunnel: vpnTunnel.name,\n});\nconst rp_export = new gcp.compute.RouterRoutePolicy(\"rp-export\", {\n name: \"my-router-rp-export\",\n router: router.name,\n region: router.region,\n type: \"ROUTE_POLICY_TYPE_EXPORT\",\n terms: [{\n priority: 2,\n match: {\n expression: \"destination == '10.0.0.0/12'\",\n title: \"export_expression\",\n description: \"acceptance expression for export\",\n },\n actions: [{\n expression: \"accept()\",\n }],\n }],\n}, {\n dependsOn: [routerInterface],\n});\nconst rp_import = new gcp.compute.RouterRoutePolicy(\"rp-import\", {\n name: \"my-router-rp-import\",\n router: router.name,\n region: router.region,\n type: \"ROUTE_POLICY_TYPE_IMPORT\",\n terms: [{\n priority: 1,\n match: {\n expression: \"destination == '10.0.0.0/12'\",\n title: \"import_expression\",\n description: \"acceptance expression for import\",\n },\n actions: [{\n expression: \"accept()\",\n }],\n }],\n}, {\n dependsOn: [\n routerInterface,\n rp_export,\n ],\n});\nconst routerPeer = new gcp.compute.RouterPeer(\"router_peer\", {\n name: \"my-router-peer\",\n router: router.name,\n region: router.region,\n peerAsn: 65515,\n advertisedRoutePriority: 100,\n \"interface\": routerInterface.name,\n md5AuthenticationKey: {\n name: \"my-router-peer-key\",\n key: \"my-router-peer-key-value\",\n },\n importPolicies: [rp_import.name],\n exportPolicies: [rp_export.name],\n}, {\n dependsOn: [\n rp_export,\n rp_import,\n routerInterface,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nnetwork = gcp.compute.Network(\"network\",\n name=\"my-router-net\",\n auto_create_subnetworks=False)\nsubnetwork = gcp.compute.Subnetwork(\"subnetwork\",\n name=\"my-router-subnet\",\n network=network.self_link,\n ip_cidr_range=\"10.0.0.0/16\",\n region=\"us-central1\")\naddress = gcp.compute.Address(\"address\",\n name=\"my-router\",\n region=subnetwork.region)\nvpn_gateway = gcp.compute.HaVpnGateway(\"vpn_gateway\",\n name=\"my-router-gateway\",\n network=network.self_link,\n region=subnetwork.region)\nexternal_gateway = gcp.compute.ExternalVpnGateway(\"external_gateway\",\n name=\"my-router-external-gateway\",\n redundancy_type=\"SINGLE_IP_INTERNALLY_REDUNDANT\",\n description=\"An externally managed VPN gateway\",\n interfaces=[{\n \"id\": 0,\n \"ip_address\": \"8.8.8.8\",\n }])\nrouter = gcp.compute.Router(\"router\",\n name=\"my-router\",\n region=subnetwork.region,\n network=network.self_link,\n bgp={\n \"asn\": 64514,\n })\nvpn_tunnel = gcp.compute.VPNTunnel(\"vpn_tunnel\",\n name=\"my-router\",\n region=subnetwork.region,\n vpn_gateway=vpn_gateway.id,\n peer_external_gateway=external_gateway.id,\n peer_external_gateway_interface=0,\n shared_secret=\"unguessable\",\n router=router.name,\n vpn_gateway_interface=0)\nrouter_interface = gcp.compute.RouterInterface(\"router_interface\",\n name=\"my-router\",\n router=router.name,\n region=router.region,\n vpn_tunnel=vpn_tunnel.name)\nrp_export = gcp.compute.RouterRoutePolicy(\"rp-export\",\n name=\"my-router-rp-export\",\n router=router.name,\n region=router.region,\n type=\"ROUTE_POLICY_TYPE_EXPORT\",\n terms=[{\n \"priority\": 2,\n \"match\": {\n \"expression\": \"destination == '10.0.0.0/12'\",\n \"title\": \"export_expression\",\n \"description\": \"acceptance expression for export\",\n },\n \"actions\": [{\n \"expression\": \"accept()\",\n }],\n }],\n opts = pulumi.ResourceOptions(depends_on=[router_interface]))\nrp_import = gcp.compute.RouterRoutePolicy(\"rp-import\",\n name=\"my-router-rp-import\",\n router=router.name,\n region=router.region,\n type=\"ROUTE_POLICY_TYPE_IMPORT\",\n terms=[{\n \"priority\": 1,\n \"match\": {\n \"expression\": \"destination == '10.0.0.0/12'\",\n \"title\": \"import_expression\",\n \"description\": \"acceptance expression for import\",\n },\n \"actions\": [{\n \"expression\": \"accept()\",\n }],\n }],\n opts = pulumi.ResourceOptions(depends_on=[\n router_interface,\n rp_export,\n ]))\nrouter_peer = gcp.compute.RouterPeer(\"router_peer\",\n name=\"my-router-peer\",\n router=router.name,\n region=router.region,\n peer_asn=65515,\n advertised_route_priority=100,\n interface=router_interface.name,\n md5_authentication_key={\n \"name\": \"my-router-peer-key\",\n \"key\": \"my-router-peer-key-value\",\n },\n import_policies=[rp_import.name],\n export_policies=[rp_export.name],\n opts = pulumi.ResourceOptions(depends_on=[\n rp_export,\n rp_import,\n router_interface,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Gcp.Compute.Network(\"network\", new()\n {\n Name = \"my-router-net\",\n AutoCreateSubnetworks = false,\n });\n\n var subnetwork = new Gcp.Compute.Subnetwork(\"subnetwork\", new()\n {\n Name = \"my-router-subnet\",\n Network = network.SelfLink,\n IpCidrRange = \"10.0.0.0/16\",\n Region = \"us-central1\",\n });\n\n var address = new Gcp.Compute.Address(\"address\", new()\n {\n Name = \"my-router\",\n Region = subnetwork.Region,\n });\n\n var vpnGateway = new Gcp.Compute.HaVpnGateway(\"vpn_gateway\", new()\n {\n Name = \"my-router-gateway\",\n Network = network.SelfLink,\n Region = subnetwork.Region,\n });\n\n var externalGateway = new Gcp.Compute.ExternalVpnGateway(\"external_gateway\", new()\n {\n Name = \"my-router-external-gateway\",\n RedundancyType = \"SINGLE_IP_INTERNALLY_REDUNDANT\",\n Description = \"An externally managed VPN gateway\",\n Interfaces = new[]\n {\n new Gcp.Compute.Inputs.ExternalVpnGatewayInterfaceArgs\n {\n Id = 0,\n IpAddress = \"8.8.8.8\",\n },\n },\n });\n\n var router = new Gcp.Compute.Router(\"router\", new()\n {\n Name = \"my-router\",\n Region = subnetwork.Region,\n Network = network.SelfLink,\n Bgp = new Gcp.Compute.Inputs.RouterBgpArgs\n {\n Asn = 64514,\n },\n });\n\n var vpnTunnel = new Gcp.Compute.VPNTunnel(\"vpn_tunnel\", new()\n {\n Name = \"my-router\",\n Region = subnetwork.Region,\n VpnGateway = vpnGateway.Id,\n PeerExternalGateway = externalGateway.Id,\n PeerExternalGatewayInterface = 0,\n SharedSecret = \"unguessable\",\n Router = router.Name,\n VpnGatewayInterface = 0,\n });\n\n var routerInterface = new Gcp.Compute.RouterInterface(\"router_interface\", new()\n {\n Name = \"my-router\",\n Router = router.Name,\n Region = router.Region,\n VpnTunnel = vpnTunnel.Name,\n });\n\n var rp_export = new Gcp.Compute.RouterRoutePolicy(\"rp-export\", new()\n {\n Name = \"my-router-rp-export\",\n Router = router.Name,\n Region = router.Region,\n Type = \"ROUTE_POLICY_TYPE_EXPORT\",\n Terms = new[]\n {\n new Gcp.Compute.Inputs.RouterRoutePolicyTermArgs\n {\n Priority = 2,\n Match = new Gcp.Compute.Inputs.RouterRoutePolicyTermMatchArgs\n {\n Expression = \"destination == '10.0.0.0/12'\",\n Title = \"export_expression\",\n Description = \"acceptance expression for export\",\n },\n Actions = new[]\n {\n new Gcp.Compute.Inputs.RouterRoutePolicyTermActionArgs\n {\n Expression = \"accept()\",\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n routerInterface,\n },\n });\n\n var rp_import = new Gcp.Compute.RouterRoutePolicy(\"rp-import\", new()\n {\n Name = \"my-router-rp-import\",\n Router = router.Name,\n Region = router.Region,\n Type = \"ROUTE_POLICY_TYPE_IMPORT\",\n Terms = new[]\n {\n new Gcp.Compute.Inputs.RouterRoutePolicyTermArgs\n {\n Priority = 1,\n Match = new Gcp.Compute.Inputs.RouterRoutePolicyTermMatchArgs\n {\n Expression = \"destination == '10.0.0.0/12'\",\n Title = \"import_expression\",\n Description = \"acceptance expression for import\",\n },\n Actions = new[]\n {\n new Gcp.Compute.Inputs.RouterRoutePolicyTermActionArgs\n {\n Expression = \"accept()\",\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n routerInterface,\n rp_export,\n },\n });\n\n var routerPeer = new Gcp.Compute.RouterPeer(\"router_peer\", new()\n {\n Name = \"my-router-peer\",\n Router = router.Name,\n Region = router.Region,\n PeerAsn = 65515,\n AdvertisedRoutePriority = 100,\n Interface = routerInterface.Name,\n Md5AuthenticationKey = new Gcp.Compute.Inputs.RouterPeerMd5AuthenticationKeyArgs\n {\n Name = \"my-router-peer-key\",\n Key = \"my-router-peer-key-value\",\n },\n ImportPolicies = new[]\n {\n rp_import.Name,\n },\n ExportPolicies = new[]\n {\n rp_export.Name,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n rp_export,\n rp_import,\n routerInterface,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork, err := compute.NewNetwork(ctx, \"network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"my-router-net\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetwork, err := compute.NewSubnetwork(ctx, \"subnetwork\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"my-router-subnet\"),\n\t\t\tNetwork: network.SelfLink,\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewAddress(ctx, \"address\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"my-router\"),\n\t\t\tRegion: subnetwork.Region,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpnGateway, err := compute.NewHaVpnGateway(ctx, \"vpn_gateway\", \u0026compute.HaVpnGatewayArgs{\n\t\t\tName: pulumi.String(\"my-router-gateway\"),\n\t\t\tNetwork: network.SelfLink,\n\t\t\tRegion: subnetwork.Region,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texternalGateway, err := compute.NewExternalVpnGateway(ctx, \"external_gateway\", \u0026compute.ExternalVpnGatewayArgs{\n\t\t\tName: pulumi.String(\"my-router-external-gateway\"),\n\t\t\tRedundancyType: pulumi.String(\"SINGLE_IP_INTERNALLY_REDUNDANT\"),\n\t\t\tDescription: pulumi.String(\"An externally managed VPN gateway\"),\n\t\t\tInterfaces: compute.ExternalVpnGatewayInterfaceArray{\n\t\t\t\t\u0026compute.ExternalVpnGatewayInterfaceArgs{\n\t\t\t\t\tId: pulumi.Int(0),\n\t\t\t\t\tIpAddress: pulumi.String(\"8.8.8.8\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trouter, err := compute.NewRouter(ctx, \"router\", \u0026compute.RouterArgs{\n\t\t\tName: pulumi.String(\"my-router\"),\n\t\t\tRegion: subnetwork.Region,\n\t\t\tNetwork: network.SelfLink,\n\t\t\tBgp: \u0026compute.RouterBgpArgs{\n\t\t\t\tAsn: pulumi.Int(64514),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvpnTunnel, err := compute.NewVPNTunnel(ctx, \"vpn_tunnel\", \u0026compute.VPNTunnelArgs{\n\t\t\tName: pulumi.String(\"my-router\"),\n\t\t\tRegion: subnetwork.Region,\n\t\t\tVpnGateway: vpnGateway.ID(),\n\t\t\tPeerExternalGateway: externalGateway.ID(),\n\t\t\tPeerExternalGatewayInterface: pulumi.Int(0),\n\t\t\tSharedSecret: pulumi.String(\"unguessable\"),\n\t\t\tRouter: router.Name,\n\t\t\tVpnGatewayInterface: pulumi.Int(0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trouterInterface, err := compute.NewRouterInterface(ctx, \"router_interface\", \u0026compute.RouterInterfaceArgs{\n\t\t\tName: pulumi.String(\"my-router\"),\n\t\t\tRouter: router.Name,\n\t\t\tRegion: router.Region,\n\t\t\tVpnTunnel: vpnTunnel.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRouterRoutePolicy(ctx, \"rp-export\", \u0026compute.RouterRoutePolicyArgs{\n\t\t\tName: pulumi.String(\"my-router-rp-export\"),\n\t\t\tRouter: router.Name,\n\t\t\tRegion: router.Region,\n\t\t\tType: pulumi.String(\"ROUTE_POLICY_TYPE_EXPORT\"),\n\t\t\tTerms: compute.RouterRoutePolicyTermArray{\n\t\t\t\t\u0026compute.RouterRoutePolicyTermArgs{\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tMatch: \u0026compute.RouterRoutePolicyTermMatchArgs{\n\t\t\t\t\t\tExpression: pulumi.String(\"destination == '10.0.0.0/12'\"),\n\t\t\t\t\t\tTitle: pulumi.String(\"export_expression\"),\n\t\t\t\t\t\tDescription: pulumi.String(\"acceptance expression for export\"),\n\t\t\t\t\t},\n\t\t\t\t\tActions: compute.RouterRoutePolicyTermActionArray{\n\t\t\t\t\t\t\u0026compute.RouterRoutePolicyTermActionArgs{\n\t\t\t\t\t\t\tExpression: pulumi.String(\"accept()\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\trouterInterface,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRouterRoutePolicy(ctx, \"rp-import\", \u0026compute.RouterRoutePolicyArgs{\n\t\t\tName: pulumi.String(\"my-router-rp-import\"),\n\t\t\tRouter: router.Name,\n\t\t\tRegion: router.Region,\n\t\t\tType: pulumi.String(\"ROUTE_POLICY_TYPE_IMPORT\"),\n\t\t\tTerms: compute.RouterRoutePolicyTermArray{\n\t\t\t\t\u0026compute.RouterRoutePolicyTermArgs{\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tMatch: \u0026compute.RouterRoutePolicyTermMatchArgs{\n\t\t\t\t\t\tExpression: pulumi.String(\"destination == '10.0.0.0/12'\"),\n\t\t\t\t\t\tTitle: pulumi.String(\"import_expression\"),\n\t\t\t\t\t\tDescription: pulumi.String(\"acceptance expression for import\"),\n\t\t\t\t\t},\n\t\t\t\t\tActions: compute.RouterRoutePolicyTermActionArray{\n\t\t\t\t\t\t\u0026compute.RouterRoutePolicyTermActionArgs{\n\t\t\t\t\t\t\tExpression: pulumi.String(\"accept()\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\trouterInterface,\n\t\t\trp_export,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewRouterPeer(ctx, \"router_peer\", \u0026compute.RouterPeerArgs{\n\t\t\tName: pulumi.String(\"my-router-peer\"),\n\t\t\tRouter: router.Name,\n\t\t\tRegion: router.Region,\n\t\t\tPeerAsn: pulumi.Int(65515),\n\t\t\tAdvertisedRoutePriority: pulumi.Int(100),\n\t\t\tInterface: routerInterface.Name,\n\t\t\tMd5AuthenticationKey: \u0026compute.RouterPeerMd5AuthenticationKeyArgs{\n\t\t\t\tName: pulumi.String(\"my-router-peer-key\"),\n\t\t\t\tKey: pulumi.String(\"my-router-peer-key-value\"),\n\t\t\t},\n\t\t\tImportPolicies: pulumi.StringArray{\n\t\t\t\trp_import.Name,\n\t\t\t},\n\t\t\tExportPolicies: pulumi.StringArray{\n\t\t\t\trp_export.Name,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\trp_export,\n\t\t\trp_import,\n\t\t\trouterInterface,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Address;\nimport com.pulumi.gcp.compute.AddressArgs;\nimport com.pulumi.gcp.compute.HaVpnGateway;\nimport com.pulumi.gcp.compute.HaVpnGatewayArgs;\nimport com.pulumi.gcp.compute.ExternalVpnGateway;\nimport com.pulumi.gcp.compute.ExternalVpnGatewayArgs;\nimport com.pulumi.gcp.compute.inputs.ExternalVpnGatewayInterfaceArgs;\nimport com.pulumi.gcp.compute.Router;\nimport com.pulumi.gcp.compute.RouterArgs;\nimport com.pulumi.gcp.compute.inputs.RouterBgpArgs;\nimport com.pulumi.gcp.compute.VPNTunnel;\nimport com.pulumi.gcp.compute.VPNTunnelArgs;\nimport com.pulumi.gcp.compute.RouterInterface;\nimport com.pulumi.gcp.compute.RouterInterfaceArgs;\nimport com.pulumi.gcp.compute.RouterRoutePolicy;\nimport com.pulumi.gcp.compute.RouterRoutePolicyArgs;\nimport com.pulumi.gcp.compute.inputs.RouterRoutePolicyTermArgs;\nimport com.pulumi.gcp.compute.inputs.RouterRoutePolicyTermMatchArgs;\nimport com.pulumi.gcp.compute.RouterPeer;\nimport com.pulumi.gcp.compute.RouterPeerArgs;\nimport com.pulumi.gcp.compute.inputs.RouterPeerMd5AuthenticationKeyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Network(\"network\", NetworkArgs.builder()\n .name(\"my-router-net\")\n .autoCreateSubnetworks(false)\n .build());\n\n var subnetwork = new Subnetwork(\"subnetwork\", SubnetworkArgs.builder()\n .name(\"my-router-subnet\")\n .network(network.selfLink())\n .ipCidrRange(\"10.0.0.0/16\")\n .region(\"us-central1\")\n .build());\n\n var address = new Address(\"address\", AddressArgs.builder()\n .name(\"my-router\")\n .region(subnetwork.region())\n .build());\n\n var vpnGateway = new HaVpnGateway(\"vpnGateway\", HaVpnGatewayArgs.builder()\n .name(\"my-router-gateway\")\n .network(network.selfLink())\n .region(subnetwork.region())\n .build());\n\n var externalGateway = new ExternalVpnGateway(\"externalGateway\", ExternalVpnGatewayArgs.builder()\n .name(\"my-router-external-gateway\")\n .redundancyType(\"SINGLE_IP_INTERNALLY_REDUNDANT\")\n .description(\"An externally managed VPN gateway\")\n .interfaces(ExternalVpnGatewayInterfaceArgs.builder()\n .id(0)\n .ipAddress(\"8.8.8.8\")\n .build())\n .build());\n\n var router = new Router(\"router\", RouterArgs.builder()\n .name(\"my-router\")\n .region(subnetwork.region())\n .network(network.selfLink())\n .bgp(RouterBgpArgs.builder()\n .asn(64514)\n .build())\n .build());\n\n var vpnTunnel = new VPNTunnel(\"vpnTunnel\", VPNTunnelArgs.builder()\n .name(\"my-router\")\n .region(subnetwork.region())\n .vpnGateway(vpnGateway.id())\n .peerExternalGateway(externalGateway.id())\n .peerExternalGatewayInterface(0)\n .sharedSecret(\"unguessable\")\n .router(router.name())\n .vpnGatewayInterface(0)\n .build());\n\n var routerInterface = new RouterInterface(\"routerInterface\", RouterInterfaceArgs.builder()\n .name(\"my-router\")\n .router(router.name())\n .region(router.region())\n .vpnTunnel(vpnTunnel.name())\n .build());\n\n var rp_export = new RouterRoutePolicy(\"rp-export\", RouterRoutePolicyArgs.builder()\n .name(\"my-router-rp-export\")\n .router(router.name())\n .region(router.region())\n .type(\"ROUTE_POLICY_TYPE_EXPORT\")\n .terms(RouterRoutePolicyTermArgs.builder()\n .priority(2)\n .match(RouterRoutePolicyTermMatchArgs.builder()\n .expression(\"destination == '10.0.0.0/12'\")\n .title(\"export_expression\")\n .description(\"acceptance expression for export\")\n .build())\n .actions(RouterRoutePolicyTermActionArgs.builder()\n .expression(\"accept()\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(routerInterface)\n .build());\n\n var rp_import = new RouterRoutePolicy(\"rp-import\", RouterRoutePolicyArgs.builder()\n .name(\"my-router-rp-import\")\n .router(router.name())\n .region(router.region())\n .type(\"ROUTE_POLICY_TYPE_IMPORT\")\n .terms(RouterRoutePolicyTermArgs.builder()\n .priority(1)\n .match(RouterRoutePolicyTermMatchArgs.builder()\n .expression(\"destination == '10.0.0.0/12'\")\n .title(\"import_expression\")\n .description(\"acceptance expression for import\")\n .build())\n .actions(RouterRoutePolicyTermActionArgs.builder()\n .expression(\"accept()\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n routerInterface,\n rp_export)\n .build());\n\n var routerPeer = new RouterPeer(\"routerPeer\", RouterPeerArgs.builder()\n .name(\"my-router-peer\")\n .router(router.name())\n .region(router.region())\n .peerAsn(65515)\n .advertisedRoutePriority(100)\n .interface_(routerInterface.name())\n .md5AuthenticationKey(RouterPeerMd5AuthenticationKeyArgs.builder()\n .name(\"my-router-peer-key\")\n .key(\"my-router-peer-key-value\")\n .build())\n .importPolicies(rp_import.name())\n .exportPolicies(rp_export.name())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n rp_export,\n rp_import,\n routerInterface)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network:\n type: gcp:compute:Network\n properties:\n name: my-router-net\n autoCreateSubnetworks: false\n subnetwork:\n type: gcp:compute:Subnetwork\n properties:\n name: my-router-subnet\n network: ${network.selfLink}\n ipCidrRange: 10.0.0.0/16\n region: us-central1\n address:\n type: gcp:compute:Address\n properties:\n name: my-router\n region: ${subnetwork.region}\n vpnGateway:\n type: gcp:compute:HaVpnGateway\n name: vpn_gateway\n properties:\n name: my-router-gateway\n network: ${network.selfLink}\n region: ${subnetwork.region}\n externalGateway:\n type: gcp:compute:ExternalVpnGateway\n name: external_gateway\n properties:\n name: my-router-external-gateway\n redundancyType: SINGLE_IP_INTERNALLY_REDUNDANT\n description: An externally managed VPN gateway\n interfaces:\n - id: 0\n ipAddress: 8.8.8.8\n router:\n type: gcp:compute:Router\n properties:\n name: my-router\n region: ${subnetwork.region}\n network: ${network.selfLink}\n bgp:\n asn: 64514\n vpnTunnel:\n type: gcp:compute:VPNTunnel\n name: vpn_tunnel\n properties:\n name: my-router\n region: ${subnetwork.region}\n vpnGateway: ${vpnGateway.id}\n peerExternalGateway: ${externalGateway.id}\n peerExternalGatewayInterface: 0\n sharedSecret: unguessable\n router: ${router.name}\n vpnGatewayInterface: 0\n routerInterface:\n type: gcp:compute:RouterInterface\n name: router_interface\n properties:\n name: my-router\n router: ${router.name}\n region: ${router.region}\n vpnTunnel: ${vpnTunnel.name}\n rp-export:\n type: gcp:compute:RouterRoutePolicy\n properties:\n name: my-router-rp-export\n router: ${router.name}\n region: ${router.region}\n type: ROUTE_POLICY_TYPE_EXPORT\n terms:\n - priority: 2\n match:\n expression: destination == '10.0.0.0/12'\n title: export_expression\n description: acceptance expression for export\n actions:\n - expression: accept()\n options:\n dependsOn:\n - ${routerInterface}\n rp-import:\n type: gcp:compute:RouterRoutePolicy\n properties:\n name: my-router-rp-import\n router: ${router.name}\n region: ${router.region}\n type: ROUTE_POLICY_TYPE_IMPORT\n terms:\n - priority: 1\n match:\n expression: destination == '10.0.0.0/12'\n title: import_expression\n description: acceptance expression for import\n actions:\n - expression: accept()\n options:\n dependsOn:\n - ${routerInterface}\n - ${[\"rp-export\"]}\n routerPeer:\n type: gcp:compute:RouterPeer\n name: router_peer\n properties:\n name: my-router-peer\n router: ${router.name}\n region: ${router.region}\n peerAsn: 65515\n advertisedRoutePriority: 100\n interface: ${routerInterface.name}\n md5AuthenticationKey:\n name: my-router-peer-key\n key: my-router-peer-key-value\n importPolicies:\n - ${[\"rp-import\"].name}\n exportPolicies:\n - ${[\"rp-export\"].name}\n options:\n dependsOn:\n - ${[\"rp-export\"]}\n - ${[\"rp-import\"]}\n - ${routerInterface}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRouterBgpPeer can be imported using any of these accepted formats:\n\n* `projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}`\n\n* `{{project}}/{{region}}/{{router}}/{{name}}`\n\n* `{{region}}/{{router}}/{{name}}`\n\n* `{{router}}/{{name}}`\n\nWhen using the `pulumi import` command, RouterBgpPeer can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/routerPeer:RouterPeer default projects/{{project}}/regions/{{region}}/routers/{{router}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/routerPeer:RouterPeer default {{project}}/{{region}}/{{router}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/routerPeer:RouterPeer default {{region}}/{{router}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:compute/routerPeer:RouterPeer default {{router}}/{{name}}\n```\n\n", "properties": { "advertiseMode": { "type": "string", @@ -187281,6 +189263,10 @@ "type": "string", "description": "IPv6 address of the interface inside Google Cloud Platform.\nThe address must be in the range 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64.\nIf you do not specify the next hop addresses, Google Cloud automatically\nassigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you.\n" }, + "isCustomLearnedPrioritySet": { + "type": "boolean", + "description": "An internal boolean field for provider use.\n" + }, "managementType": { "type": "string", "description": "The resource that configures and manages this BGP peer.\n* `MANAGED_BY_USER` is the default value and can be managed by\nyou or other users\n* `MANAGED_BY_ATTACHMENT` is a BGP peer that is configured and\nmanaged by Cloud Interconnect, specifically by an\nInterconnectAttachment of type PARTNER. Google automatically\ncreates, updates, and deletes this type of BGP peer when the\nPARTNER InterconnectAttachment is created, updated,\nor deleted.\n" @@ -187324,6 +189310,10 @@ "routerApplianceInstance": { "type": "string", "description": "The URI of the VM instance that is used as third-party router appliances\nsuch as Next Gen Firewalls, Virtual Routers, or Router Appliances.\nThe VM instance must be located in zones contained in the same region as\nthis Cloud Router. The VM instance is the peer side of the BGP session.\n" + }, + "zeroCustomLearnedRoutePriority": { + "type": "boolean", + "description": "The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session.\nThis value has to be set true to force the custom_learned_route_priority to be 0.\n" } }, "required": [ @@ -187333,6 +189323,7 @@ "ipAddress", "ipv4NexthopAddress", "ipv6NexthopAddress", + "isCustomLearnedPrioritySet", "managementType", "name", "peerAsn", @@ -187467,6 +189458,10 @@ "routerApplianceInstance": { "type": "string", "description": "The URI of the VM instance that is used as third-party router appliances\nsuch as Next Gen Firewalls, Virtual Routers, or Router Appliances.\nThe VM instance must be located in zones contained in the same region as\nthis Cloud Router. The VM instance is the peer side of the BGP session.\n" + }, + "zeroCustomLearnedRoutePriority": { + "type": "boolean", + "description": "The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session.\nThis value has to be set true to force the custom_learned_route_priority to be 0.\n" } }, "requiredInputs": [ @@ -187557,6 +189552,10 @@ "type": "string", "description": "IPv6 address of the interface inside Google Cloud Platform.\nThe address must be in the range 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64.\nIf you do not specify the next hop addresses, Google Cloud automatically\nassigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you.\n" }, + "isCustomLearnedPrioritySet": { + "type": "boolean", + "description": "An internal boolean field for provider use.\n" + }, "managementType": { "type": "string", "description": "The resource that configures and manages this BGP peer.\n* `MANAGED_BY_USER` is the default value and can be managed by\nyou or other users\n* `MANAGED_BY_ATTACHMENT` is a BGP peer that is configured and\nmanaged by Cloud Interconnect, specifically by an\nInterconnectAttachment of type PARTNER. Google automatically\ncreates, updates, and deletes this type of BGP peer when the\nPARTNER InterconnectAttachment is created, updated,\nor deleted.\n" @@ -187604,6 +189603,10 @@ "routerApplianceInstance": { "type": "string", "description": "The URI of the VM instance that is used as third-party router appliances\nsuch as Next Gen Firewalls, Virtual Routers, or Router Appliances.\nThe VM instance must be located in zones contained in the same region as\nthis Cloud Router. The VM instance is the peer side of the BGP session.\n" + }, + "zeroCustomLearnedRoutePriority": { + "type": "boolean", + "description": "The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session.\nThis value has to be set true to force the custom_learned_route_priority to be 0.\n" } }, "type": "object" @@ -218693,6 +220696,13 @@ "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", "secret": true }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags.\nKeys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when\nempty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and\nmodifying this field after creation will trigger recreation. To apply tags to an existing resource, see the\n'google_tags_tag_value' resource.\n" + }, "tier": { "type": "string", "description": "The service tier of the instance.\nPossible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE\n" @@ -218775,6 +220785,14 @@ "description": "Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing\nprotocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value:\n\"NFS_V3\" Possible values: [\"NFS_V3\", \"NFS_V4_1\"]\n", "willReplaceOnChanges": true }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags.\nKeys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when\nempty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and\nmodifying this field after creation will trigger recreation. To apply tags to an existing resource, see the\n'google_tags_tag_value' resource.\n", + "willReplaceOnChanges": true + }, "tier": { "type": "string", "description": "The service tier of the instance.\nPossible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE\n", @@ -218877,6 +220895,14 @@ "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", "secret": true }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags.\nKeys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when\nempty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and\nmodifying this field after creation will trigger recreation. To apply tags to an existing resource, see the\n'google_tags_tag_value' resource.\n", + "willReplaceOnChanges": true + }, "tier": { "type": "string", "description": "The service tier of the instance.\nPossible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE\n", @@ -222463,7 +224489,7 @@ } }, "gcp:gemini/codeRepositoryIndex:CodeRepositoryIndex": { - "description": "## Example Usage\n\n### Gemini Code Repository Index Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.gemini.CodeRepositoryIndex(\"example\", {\n location: \"us-central1\",\n codeRepositoryIndexId: \"\",\n kmsKey: \"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.gemini.CodeRepositoryIndex(\"example\",\n location=\"us-central1\",\n code_repository_index_id=\"\",\n kms_key=\"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Gemini.CodeRepositoryIndex(\"example\", new()\n {\n Location = \"us-central1\",\n CodeRepositoryIndexId = \"\",\n KmsKey = \"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewCodeRepositoryIndex(ctx, \"example\", \u0026gemini.CodeRepositoryIndexArgs{\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tCodeRepositoryIndexId: pulumi.String(\"\"),\n\t\t\tKmsKey: pulumi.String(\"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.CodeRepositoryIndex;\nimport com.pulumi.gcp.gemini.CodeRepositoryIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CodeRepositoryIndex(\"example\", CodeRepositoryIndexArgs.builder()\n .location(\"us-central1\")\n .codeRepositoryIndexId(\"\")\n .kmsKey(\"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:gemini:CodeRepositoryIndex\n properties:\n location: us-central1\n codeRepositoryIndexId: \"\"\n kmsKey: projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCodeRepositoryIndex can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index_id}}`\n\n* `{{project}}/{{location}}/{{code_repository_index_id}}`\n\n* `{{location}}/{{code_repository_index_id}}`\n\nWhen using the `pulumi import` command, CodeRepositoryIndex can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:gemini/codeRepositoryIndex:CodeRepositoryIndex default projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index_id}}\n```\n\n```sh\n$ pulumi import gcp:gemini/codeRepositoryIndex:CodeRepositoryIndex default {{project}}/{{location}}/{{code_repository_index_id}}\n```\n\n```sh\n$ pulumi import gcp:gemini/codeRepositoryIndex:CodeRepositoryIndex default {{location}}/{{code_repository_index_id}}\n```\n\n", + "description": "The resource for managing Code Repository Index for Gemini Code Assist.\n\n\nTo get more information about CodeRepositoryIndex, see:\n\n* [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes)\n* How-to Guides\n * [Gemini Code Assist overview](https://cloud.google.com/gemini/docs/codeassist/overview)\n\n## Example Usage\n\n### Gemini Code Repository Index Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.gemini.CodeRepositoryIndex(\"example\", {\n location: \"us-central1\",\n codeRepositoryIndexId: \"code-repository-index-example\",\n kmsKey: \"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.gemini.CodeRepositoryIndex(\"example\",\n location=\"us-central1\",\n code_repository_index_id=\"code-repository-index-example\",\n kms_key=\"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Gemini.CodeRepositoryIndex(\"example\", new()\n {\n Location = \"us-central1\",\n CodeRepositoryIndexId = \"code-repository-index-example\",\n KmsKey = \"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewCodeRepositoryIndex(ctx, \"example\", \u0026gemini.CodeRepositoryIndexArgs{\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tCodeRepositoryIndexId: pulumi.String(\"code-repository-index-example\"),\n\t\t\tKmsKey: pulumi.String(\"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.CodeRepositoryIndex;\nimport com.pulumi.gcp.gemini.CodeRepositoryIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CodeRepositoryIndex(\"example\", CodeRepositoryIndexArgs.builder()\n .location(\"us-central1\")\n .codeRepositoryIndexId(\"code-repository-index-example\")\n .kmsKey(\"projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:gemini:CodeRepositoryIndex\n properties:\n location: us-central1\n codeRepositoryIndexId: code-repository-index-example\n kmsKey: projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCodeRepositoryIndex can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index_id}}`\n\n* `{{project}}/{{location}}/{{code_repository_index_id}}`\n\n* `{{location}}/{{code_repository_index_id}}`\n\nWhen using the `pulumi import` command, CodeRepositoryIndex can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:gemini/codeRepositoryIndex:CodeRepositoryIndex default projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index_id}}\n```\n\n```sh\n$ pulumi import gcp:gemini/codeRepositoryIndex:CodeRepositoryIndex default {{project}}/{{location}}/{{code_repository_index_id}}\n```\n\n```sh\n$ pulumi import gcp:gemini/codeRepositoryIndex:CodeRepositoryIndex default {{location}}/{{code_repository_index_id}}\n```\n\n", "properties": { "codeRepositoryIndexId": { "type": "string", @@ -222487,7 +224513,7 @@ }, "kmsKey": { "type": "string", - "description": "Optional. Immutable. Customer-managed encryption key name, in the format\nprojects/*/locations/*/keyRings/*/cryptoKeys/*.\n" + "description": "Optional. Immutable. Customer-managed encryption key name, in the format\n`projects/*/locations/*/keyRings/*/cryptoKeys/*`.\n" }, "labels": { "type": "object", @@ -222518,7 +224544,7 @@ }, "state": { "type": "string", - "description": "Output only. Code Repository Index instance State.\nPossible values:\nSTATE_UNSPECIFIED\nCREATING\nACTIVE\nDELETING\nSUSPENDED\n" + "description": "Output only. Code Repository Index instance State.\nPossible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`.\n" }, "updateTime": { "type": "string", @@ -222548,7 +224574,7 @@ }, "kmsKey": { "type": "string", - "description": "Optional. Immutable. Customer-managed encryption key name, in the format\nprojects/*/locations/*/keyRings/*/cryptoKeys/*.\n", + "description": "Optional. Immutable. Customer-managed encryption key name, in the format\n`projects/*/locations/*/keyRings/*/cryptoKeys/*`.\n", "willReplaceOnChanges": true }, "labels": { @@ -222599,7 +224625,7 @@ }, "kmsKey": { "type": "string", - "description": "Optional. Immutable. Customer-managed encryption key name, in the format\nprojects/*/locations/*/keyRings/*/cryptoKeys/*.\n", + "description": "Optional. Immutable. Customer-managed encryption key name, in the format\n`projects/*/locations/*/keyRings/*/cryptoKeys/*`.\n", "willReplaceOnChanges": true }, "labels": { @@ -222633,7 +224659,7 @@ }, "state": { "type": "string", - "description": "Output only. Code Repository Index instance State.\nPossible values:\nSTATE_UNSPECIFIED\nCREATING\nACTIVE\nDELETING\nSUSPENDED\n" + "description": "Output only. Code Repository Index instance State.\nPossible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`.\n" }, "updateTime": { "type": "string", @@ -222644,7 +224670,7 @@ } }, "gcp:gemini/repositoryGroup:RepositoryGroup": { - "description": "## Example Usage\n\n## Import\n\nRepositoryGroup can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}`\n\n* `{{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}`\n\n* `{{location}}/{{code_repository_index}}/{{repository_group_id}}`\n\nWhen using the `pulumi import` command, RepositoryGroup can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroup:RepositoryGroup default projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n```\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroup:RepositoryGroup default {{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}\n```\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroup:RepositoryGroup default {{location}}/{{code_repository_index}}/{{repository_group_id}}\n```\n\n", + "description": "The resource for managing Repository Group for Gemini Code Assist.\n\n\nTo get more information about RepositoryGroup, see:\n\n* [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes.repositoryGroups)\n\n## Example Usage\n\n### Gemini Repository Group Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.gemini.RepositoryGroup(\"example\", {\n location: \"us-central1\",\n codeRepositoryIndex: \"example-cri\",\n repositoryGroupId: \"example-repository-group\",\n repositories: [{\n resource: \"projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo\",\n branchPattern: \"main\",\n }],\n labels: {\n label1: \"value1\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.gemini.RepositoryGroup(\"example\",\n location=\"us-central1\",\n code_repository_index=\"example-cri\",\n repository_group_id=\"example-repository-group\",\n repositories=[{\n \"resource\": \"projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo\",\n \"branch_pattern\": \"main\",\n }],\n labels={\n \"label1\": \"value1\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Gemini.RepositoryGroup(\"example\", new()\n {\n Location = \"us-central1\",\n CodeRepositoryIndex = \"example-cri\",\n RepositoryGroupId = \"example-repository-group\",\n Repositories = new[]\n {\n new Gcp.Gemini.Inputs.RepositoryGroupRepositoryArgs\n {\n Resource = \"projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo\",\n BranchPattern = \"main\",\n },\n },\n Labels = \n {\n { \"label1\", \"value1\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroup(ctx, \"example\", \u0026gemini.RepositoryGroupArgs{\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tCodeRepositoryIndex: pulumi.String(\"example-cri\"),\n\t\t\tRepositoryGroupId: pulumi.String(\"example-repository-group\"),\n\t\t\tRepositories: gemini.RepositoryGroupRepositoryArray{\n\t\t\t\t\u0026gemini.RepositoryGroupRepositoryArgs{\n\t\t\t\t\tResource: pulumi.String(\"projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo\"),\n\t\t\t\t\tBranchPattern: pulumi.String(\"main\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"label1\": pulumi.String(\"value1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroup;\nimport com.pulumi.gcp.gemini.RepositoryGroupArgs;\nimport com.pulumi.gcp.gemini.inputs.RepositoryGroupRepositoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RepositoryGroup(\"example\", RepositoryGroupArgs.builder()\n .location(\"us-central1\")\n .codeRepositoryIndex(\"example-cri\")\n .repositoryGroupId(\"example-repository-group\")\n .repositories(RepositoryGroupRepositoryArgs.builder()\n .resource(\"projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo\")\n .branchPattern(\"main\")\n .build())\n .labels(Map.of(\"label1\", \"value1\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:gemini:RepositoryGroup\n properties:\n location: us-central1\n codeRepositoryIndex: example-cri\n repositoryGroupId: example-repository-group\n repositories:\n - resource: projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo\n branchPattern: main\n labels:\n label1: value1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRepositoryGroup can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}`\n\n* `{{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}`\n\n* `{{location}}/{{code_repository_index}}/{{repository_group_id}}`\n\nWhen using the `pulumi import` command, RepositoryGroup can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroup:RepositoryGroup default projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n```\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroup:RepositoryGroup default {{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}\n```\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroup:RepositoryGroup default {{location}}/{{code_repository_index}}/{{repository_group_id}}\n```\n\n", "properties": { "codeRepositoryIndex": { "type": "string", @@ -222652,7 +224678,7 @@ }, "createTime": { "type": "string", - "description": "Output only. Create time stamp\n" + "description": "Output only. Create time stamp.\n" }, "effectiveLabels": { "type": "object", @@ -222667,7 +224693,7 @@ "additionalProperties": { "type": "string" }, - "description": "Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present\nin your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.\n" + "description": "Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present\nin your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.\n" }, "location": { "type": "string", @@ -222675,7 +224701,7 @@ }, "name": { "type": "string", - "description": "Immutable. Identifier. name of resource\n" + "description": "Immutable. Identifier. Name of Repository Group.\n" }, "project": { "type": "string" @@ -222693,7 +224719,7 @@ "items": { "$ref": "#/types/gcp:gemini/RepositoryGroupRepository:RepositoryGroupRepository" }, - "description": "Required. List of repositories to group\nStructure is documented below.\n" + "description": "Required. List of repositories to group.\nStructure is documented below.\n" }, "repositoryGroupId": { "type": "string", @@ -222701,7 +224727,7 @@ }, "updateTime": { "type": "string", - "description": "Output only. Update time stamp\n" + "description": "Output only. Update time stamp.\n" } }, "required": [ @@ -222727,7 +224753,7 @@ "additionalProperties": { "type": "string" }, - "description": "Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present\nin your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.\n" + "description": "Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present\nin your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.\n" }, "location": { "type": "string", @@ -222743,7 +224769,7 @@ "items": { "$ref": "#/types/gcp:gemini/RepositoryGroupRepository:RepositoryGroupRepository" }, - "description": "Required. List of repositories to group\nStructure is documented below.\n" + "description": "Required. List of repositories to group.\nStructure is documented below.\n" }, "repositoryGroupId": { "type": "string", @@ -222767,7 +224793,7 @@ }, "createTime": { "type": "string", - "description": "Output only. Create time stamp\n" + "description": "Output only. Create time stamp.\n" }, "effectiveLabels": { "type": "object", @@ -222782,7 +224808,7 @@ "additionalProperties": { "type": "string" }, - "description": "Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present\nin your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.\n" + "description": "Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present\nin your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.\n" }, "location": { "type": "string", @@ -222791,7 +224817,7 @@ }, "name": { "type": "string", - "description": "Immutable. Identifier. name of resource\n" + "description": "Immutable. Identifier. Name of Repository Group.\n" }, "project": { "type": "string", @@ -222810,7 +224836,7 @@ "items": { "$ref": "#/types/gcp:gemini/RepositoryGroupRepository:RepositoryGroupRepository" }, - "description": "Required. List of repositories to group\nStructure is documented below.\n" + "description": "Required. List of repositories to group.\nStructure is documented below.\n" }, "repositoryGroupId": { "type": "string", @@ -222819,14 +224845,14 @@ }, "updateTime": { "type": "string", - "description": "Output only. Update time stamp\n" + "description": "Output only. Update time stamp.\n" } }, "type": "object" } }, "gcp:gemini/repositoryGroupIamBinding:RepositoryGroupIamBinding": { - "description": "\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n\n* {{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{repository_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nGemini for Google Cloud repositorygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamBinding:RepositoryGroupIamBinding editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamBinding:RepositoryGroupIamBinding editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamBinding:RepositoryGroupIamBinding editor projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "description": "Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case:\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached.\n* `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved.\n* `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.gemini.RepositoryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.gemini.RepositoryGroupIamPolicy(\"policy\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/cloudaicompanion.repositoryGroupsUser\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.gemini.RepositoryGroupIamPolicy(\"policy\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Gemini.RepositoryGroupIamPolicy(\"policy\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/cloudaicompanion.repositoryGroupsUser\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gemini.NewRepositoryGroupIamPolicy(ctx, \"policy\", \u0026gemini.RepositoryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RepositoryGroupIamPolicy(\"policy\", RepositoryGroupIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:gemini:RepositoryGroupIamPolicy\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.gemini.RepositoryGroupIamBinding(\"binding\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.gemini.RepositoryGroupIamBinding(\"binding\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Gemini.RepositoryGroupIamBinding(\"binding\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamBinding(ctx, \"binding\", \u0026gemini.RepositoryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBinding;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RepositoryGroupIamBinding(\"binding\", RepositoryGroupIamBindingArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:gemini:RepositoryGroupIamBinding\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.gemini.RepositoryGroupIamMember(\"member\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.gemini.RepositoryGroupIamMember(\"member\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Gemini.RepositoryGroupIamMember(\"member\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamMember(ctx, \"member\", \u0026gemini.RepositoryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMember;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RepositoryGroupIamMember(\"member\", RepositoryGroupIamMemberArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:gemini:RepositoryGroupIamMember\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Gemini for Google Cloud RepositoryGroup\nThree different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case:\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached.\n* `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved.\n* `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.gemini.RepositoryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.gemini.RepositoryGroupIamPolicy(\"policy\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/cloudaicompanion.repositoryGroupsUser\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.gemini.RepositoryGroupIamPolicy(\"policy\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Gemini.RepositoryGroupIamPolicy(\"policy\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/cloudaicompanion.repositoryGroupsUser\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gemini.NewRepositoryGroupIamPolicy(ctx, \"policy\", \u0026gemini.RepositoryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RepositoryGroupIamPolicy(\"policy\", RepositoryGroupIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:gemini:RepositoryGroupIamPolicy\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.gemini.RepositoryGroupIamBinding(\"binding\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.gemini.RepositoryGroupIamBinding(\"binding\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Gemini.RepositoryGroupIamBinding(\"binding\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamBinding(ctx, \"binding\", \u0026gemini.RepositoryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBinding;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RepositoryGroupIamBinding(\"binding\", RepositoryGroupIamBindingArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:gemini:RepositoryGroupIamBinding\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.gemini.RepositoryGroupIamMember(\"member\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.gemini.RepositoryGroupIamMember(\"member\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Gemini.RepositoryGroupIamMember(\"member\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamMember(ctx, \"member\", \u0026gemini.RepositoryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMember;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RepositoryGroupIamMember(\"member\", RepositoryGroupIamMemberArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:gemini:RepositoryGroupIamMember\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n\n* {{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{repository_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nGemini for Google Cloud repositorygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamBinding:RepositoryGroupIamBinding editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamBinding:RepositoryGroupIamBinding editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamBinding:RepositoryGroupIamBinding editor projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", "properties": { "codeRepositoryIndex": { "type": "string" @@ -222958,7 +224984,7 @@ } }, "gcp:gemini/repositoryGroupIamMember:RepositoryGroupIamMember": { - "description": "\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n\n* {{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{repository_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nGemini for Google Cloud repositorygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamMember:RepositoryGroupIamMember editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamMember:RepositoryGroupIamMember editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamMember:RepositoryGroupIamMember editor projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "description": "Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case:\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached.\n* `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved.\n* `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.gemini.RepositoryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.gemini.RepositoryGroupIamPolicy(\"policy\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/cloudaicompanion.repositoryGroupsUser\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.gemini.RepositoryGroupIamPolicy(\"policy\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Gemini.RepositoryGroupIamPolicy(\"policy\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/cloudaicompanion.repositoryGroupsUser\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gemini.NewRepositoryGroupIamPolicy(ctx, \"policy\", \u0026gemini.RepositoryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RepositoryGroupIamPolicy(\"policy\", RepositoryGroupIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:gemini:RepositoryGroupIamPolicy\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.gemini.RepositoryGroupIamBinding(\"binding\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.gemini.RepositoryGroupIamBinding(\"binding\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Gemini.RepositoryGroupIamBinding(\"binding\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamBinding(ctx, \"binding\", \u0026gemini.RepositoryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBinding;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RepositoryGroupIamBinding(\"binding\", RepositoryGroupIamBindingArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:gemini:RepositoryGroupIamBinding\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.gemini.RepositoryGroupIamMember(\"member\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.gemini.RepositoryGroupIamMember(\"member\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Gemini.RepositoryGroupIamMember(\"member\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamMember(ctx, \"member\", \u0026gemini.RepositoryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMember;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RepositoryGroupIamMember(\"member\", RepositoryGroupIamMemberArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:gemini:RepositoryGroupIamMember\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Gemini for Google Cloud RepositoryGroup\nThree different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case:\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached.\n* `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved.\n* `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.gemini.RepositoryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.gemini.RepositoryGroupIamPolicy(\"policy\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/cloudaicompanion.repositoryGroupsUser\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.gemini.RepositoryGroupIamPolicy(\"policy\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Gemini.RepositoryGroupIamPolicy(\"policy\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/cloudaicompanion.repositoryGroupsUser\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gemini.NewRepositoryGroupIamPolicy(ctx, \"policy\", \u0026gemini.RepositoryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RepositoryGroupIamPolicy(\"policy\", RepositoryGroupIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:gemini:RepositoryGroupIamPolicy\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.gemini.RepositoryGroupIamBinding(\"binding\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.gemini.RepositoryGroupIamBinding(\"binding\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Gemini.RepositoryGroupIamBinding(\"binding\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamBinding(ctx, \"binding\", \u0026gemini.RepositoryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBinding;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RepositoryGroupIamBinding(\"binding\", RepositoryGroupIamBindingArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:gemini:RepositoryGroupIamBinding\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.gemini.RepositoryGroupIamMember(\"member\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.gemini.RepositoryGroupIamMember(\"member\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Gemini.RepositoryGroupIamMember(\"member\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamMember(ctx, \"member\", \u0026gemini.RepositoryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMember;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RepositoryGroupIamMember(\"member\", RepositoryGroupIamMemberArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:gemini:RepositoryGroupIamMember\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n\n* {{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{repository_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nGemini for Google Cloud repositorygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamMember:RepositoryGroupIamMember editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamMember:RepositoryGroupIamMember editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamMember:RepositoryGroupIamMember editor projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", "properties": { "codeRepositoryIndex": { "type": "string" @@ -223083,7 +225109,7 @@ } }, "gcp:gemini/repositoryGroupIamPolicy:RepositoryGroupIamPolicy": { - "description": "\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n\n* {{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{repository_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nGemini for Google Cloud repositorygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamPolicy:RepositoryGroupIamPolicy editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamPolicy:RepositoryGroupIamPolicy editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamPolicy:RepositoryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "description": "Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case:\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached.\n* `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved.\n* `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.gemini.RepositoryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.gemini.RepositoryGroupIamPolicy(\"policy\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/cloudaicompanion.repositoryGroupsUser\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.gemini.RepositoryGroupIamPolicy(\"policy\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Gemini.RepositoryGroupIamPolicy(\"policy\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/cloudaicompanion.repositoryGroupsUser\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gemini.NewRepositoryGroupIamPolicy(ctx, \"policy\", \u0026gemini.RepositoryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RepositoryGroupIamPolicy(\"policy\", RepositoryGroupIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:gemini:RepositoryGroupIamPolicy\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.gemini.RepositoryGroupIamBinding(\"binding\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.gemini.RepositoryGroupIamBinding(\"binding\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Gemini.RepositoryGroupIamBinding(\"binding\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamBinding(ctx, \"binding\", \u0026gemini.RepositoryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBinding;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RepositoryGroupIamBinding(\"binding\", RepositoryGroupIamBindingArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:gemini:RepositoryGroupIamBinding\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.gemini.RepositoryGroupIamMember(\"member\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.gemini.RepositoryGroupIamMember(\"member\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Gemini.RepositoryGroupIamMember(\"member\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamMember(ctx, \"member\", \u0026gemini.RepositoryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMember;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RepositoryGroupIamMember(\"member\", RepositoryGroupIamMemberArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:gemini:RepositoryGroupIamMember\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## This resource supports User Project Overrides.\n\n-\n\n# IAM policy for Gemini for Google Cloud RepositoryGroup\nThree different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case:\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached.\n* `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved.\n* `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.gemini.RepositoryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.gemini.RepositoryGroupIamPolicy(\"policy\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[{\n \"role\": \"roles/cloudaicompanion.repositoryGroupsUser\",\n \"members\": [\"user:jane@example.com\"],\n}])\npolicy = gcp.gemini.RepositoryGroupIamPolicy(\"policy\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.Gemini.RepositoryGroupIamPolicy(\"policy\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/cloudaicompanion.repositoryGroupsUser\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gemini.NewRepositoryGroupIamPolicy(ctx, \"policy\", \u0026gemini.RepositoryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new RepositoryGroupIamPolicy(\"policy\", RepositoryGroupIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:gemini:RepositoryGroupIamPolicy\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n function: gcp:organizations:getIAMPolicy\n arguments:\n bindings:\n - role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.gemini.RepositoryGroupIamBinding(\"binding\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.gemini.RepositoryGroupIamBinding(\"binding\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.Gemini.RepositoryGroupIamBinding(\"binding\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamBinding(ctx, \"binding\", \u0026gemini.RepositoryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBinding;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new RepositoryGroupIamBinding(\"binding\", RepositoryGroupIamBindingArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:gemini:RepositoryGroupIamBinding\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.gemini.RepositoryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.gemini.RepositoryGroupIamMember(\"member\", {\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n role: \"roles/cloudaicompanion.repositoryGroupsUser\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.gemini.RepositoryGroupIamMember(\"member\",\n project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"],\n role=\"roles/cloudaicompanion.repositoryGroupsUser\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.Gemini.RepositoryGroupIamMember(\"member\", new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n Role = \"roles/cloudaicompanion.repositoryGroupsUser\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.NewRepositoryGroupIamMember(ctx, \"member\", \u0026gemini.RepositoryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(example.Project),\n\t\t\tLocation: pulumi.Any(example.Location),\n\t\t\tCodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex),\n\t\t\tRepositoryGroupId: pulumi.Any(example.RepositoryGroupId),\n\t\t\tRole: pulumi.String(\"roles/cloudaicompanion.repositoryGroupsUser\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMember;\nimport com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new RepositoryGroupIamMember(\"member\", RepositoryGroupIamMemberArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .role(\"roles/cloudaicompanion.repositoryGroupsUser\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:gemini:RepositoryGroupIamMember\n properties:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n role: roles/cloudaicompanion.repositoryGroupsUser\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n\n* {{project}}/{{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{location}}/{{code_repository_index}}/{{repository_group_id}}\n\n* {{repository_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nGemini for Google Cloud repositorygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamPolicy:RepositoryGroupIamPolicy editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamPolicy:RepositoryGroupIamPolicy editor \"projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}} roles/cloudaicompanion.repositoryGroupsUser\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:gemini/repositoryGroupIamPolicy:RepositoryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/codeRepositoryIndexes/{{code_repository_index}}/repositoryGroups/{{repository_group_id}}\n```\n\n-\u003e **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", "properties": { "codeRepositoryIndex": { "type": "string" @@ -253134,12 +255160,20 @@ } }, "gcp:networksecurity/securityProfile:SecurityProfile": { - "description": "A security profile defines the behavior associated to a profile type.\n\n\nTo get more information about SecurityProfile, see:\n\n* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.securityProfiles)\n* How-to Guides\n * [Create and manage security profiles](https://cloud.google.com/firewall/docs/configure-security-profiles)\n\n## Example Usage\n\n### Network Security Security Profile Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.networksecurity.SecurityProfile(\"default\", {\n name: \"my-security-profile\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n type: \"THREAT_PREVENTION\",\n labels: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.networksecurity.SecurityProfile(\"default\",\n name=\"my-security-profile\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n type=\"THREAT_PREVENTION\",\n labels={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.NetworkSecurity.SecurityProfile(\"default\", new()\n {\n Name = \"my-security-profile\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n Type = \"THREAT_PREVENTION\",\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networksecurity.NewSecurityProfile(ctx, \"default\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"my-security-profile\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecurityProfile(\"default\", SecurityProfileArgs.builder()\n .name(\"my-security-profile\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .type(\"THREAT_PREVENTION\")\n .labels(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:networksecurity:SecurityProfile\n properties:\n name: my-security-profile\n parent: organizations/123456789\n description: my description\n type: THREAT_PREVENTION\n labels:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Network Security Security Profile Overrides\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.networksecurity.SecurityProfile(\"default\", {\n name: \"my-security-profile\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n type: \"THREAT_PREVENTION\",\n threatPreventionProfile: {\n severityOverrides: [\n {\n action: \"ALLOW\",\n severity: \"INFORMATIONAL\",\n },\n {\n action: \"DENY\",\n severity: \"HIGH\",\n },\n ],\n threatOverrides: [{\n action: \"ALLOW\",\n threatId: \"280647\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.networksecurity.SecurityProfile(\"default\",\n name=\"my-security-profile\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n type=\"THREAT_PREVENTION\",\n threat_prevention_profile={\n \"severity_overrides\": [\n {\n \"action\": \"ALLOW\",\n \"severity\": \"INFORMATIONAL\",\n },\n {\n \"action\": \"DENY\",\n \"severity\": \"HIGH\",\n },\n ],\n \"threat_overrides\": [{\n \"action\": \"ALLOW\",\n \"threat_id\": \"280647\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.NetworkSecurity.SecurityProfile(\"default\", new()\n {\n Name = \"my-security-profile\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n Type = \"THREAT_PREVENTION\",\n ThreatPreventionProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileArgs\n {\n SeverityOverrides = new[]\n {\n new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs\n {\n Action = \"ALLOW\",\n Severity = \"INFORMATIONAL\",\n },\n new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs\n {\n Action = \"DENY\",\n Severity = \"HIGH\",\n },\n },\n ThreatOverrides = new[]\n {\n new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileThreatOverrideArgs\n {\n Action = \"ALLOW\",\n ThreatId = \"280647\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networksecurity.NewSecurityProfile(ctx, \"default\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"my-security-profile\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tThreatPreventionProfile: \u0026networksecurity.SecurityProfileThreatPreventionProfileArgs{\n\t\t\t\tSeverityOverrides: networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArray{\n\t\t\t\t\t\u0026networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{\n\t\t\t\t\t\tAction: pulumi.String(\"ALLOW\"),\n\t\t\t\t\t\tSeverity: pulumi.String(\"INFORMATIONAL\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{\n\t\t\t\t\t\tAction: pulumi.String(\"DENY\"),\n\t\t\t\t\t\tSeverity: pulumi.String(\"HIGH\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tThreatOverrides: networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArray{\n\t\t\t\t\t\u0026networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArgs{\n\t\t\t\t\t\tAction: pulumi.String(\"ALLOW\"),\n\t\t\t\t\t\tThreatId: pulumi.String(\"280647\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.inputs.SecurityProfileThreatPreventionProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecurityProfile(\"default\", SecurityProfileArgs.builder()\n .name(\"my-security-profile\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .type(\"THREAT_PREVENTION\")\n .threatPreventionProfile(SecurityProfileThreatPreventionProfileArgs.builder()\n .severityOverrides( \n SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()\n .action(\"ALLOW\")\n .severity(\"INFORMATIONAL\")\n .build(),\n SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()\n .action(\"DENY\")\n .severity(\"HIGH\")\n .build())\n .threatOverrides(SecurityProfileThreatPreventionProfileThreatOverrideArgs.builder()\n .action(\"ALLOW\")\n .threatId(\"280647\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:networksecurity:SecurityProfile\n properties:\n name: my-security-profile\n parent: organizations/123456789\n description: my description\n type: THREAT_PREVENTION\n threatPreventionProfile:\n severityOverrides:\n - action: ALLOW\n severity: INFORMATIONAL\n - action: DENY\n severity: HIGH\n threatOverrides:\n - action: ALLOW\n threatId: '280647'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSecurityProfile can be imported using any of these accepted formats:\n\n* `{{parent}}/locations/{{location}}/securityProfiles/{{name}}`\n\nWhen using the `pulumi import` command, SecurityProfile can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:networksecurity/securityProfile:SecurityProfile default {{parent}}/locations/{{location}}/securityProfiles/{{name}}\n```\n\n", + "description": "A security profile defines the behavior associated to a profile type.\n\n\nTo get more information about SecurityProfile, see:\n\n* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.securityProfiles)\n* How-to Guides\n * [Create and manage security profiles](https://cloud.google.com/firewall/docs/configure-security-profiles)\n\n## Example Usage\n\n### Network Security Security Profile Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.networksecurity.SecurityProfile(\"default\", {\n name: \"my-security-profile\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n type: \"THREAT_PREVENTION\",\n labels: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.networksecurity.SecurityProfile(\"default\",\n name=\"my-security-profile\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n type=\"THREAT_PREVENTION\",\n labels={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.NetworkSecurity.SecurityProfile(\"default\", new()\n {\n Name = \"my-security-profile\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n Type = \"THREAT_PREVENTION\",\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networksecurity.NewSecurityProfile(ctx, \"default\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"my-security-profile\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecurityProfile(\"default\", SecurityProfileArgs.builder()\n .name(\"my-security-profile\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .type(\"THREAT_PREVENTION\")\n .labels(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:networksecurity:SecurityProfile\n properties:\n name: my-security-profile\n parent: organizations/123456789\n description: my description\n type: THREAT_PREVENTION\n labels:\n foo: bar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Network Security Security Profile Overrides\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.networksecurity.SecurityProfile(\"default\", {\n name: \"my-security-profile\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n type: \"THREAT_PREVENTION\",\n threatPreventionProfile: {\n severityOverrides: [\n {\n action: \"ALLOW\",\n severity: \"INFORMATIONAL\",\n },\n {\n action: \"DENY\",\n severity: \"HIGH\",\n },\n ],\n threatOverrides: [{\n action: \"ALLOW\",\n threatId: \"280647\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.networksecurity.SecurityProfile(\"default\",\n name=\"my-security-profile\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n type=\"THREAT_PREVENTION\",\n threat_prevention_profile={\n \"severity_overrides\": [\n {\n \"action\": \"ALLOW\",\n \"severity\": \"INFORMATIONAL\",\n },\n {\n \"action\": \"DENY\",\n \"severity\": \"HIGH\",\n },\n ],\n \"threat_overrides\": [{\n \"action\": \"ALLOW\",\n \"threat_id\": \"280647\",\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.NetworkSecurity.SecurityProfile(\"default\", new()\n {\n Name = \"my-security-profile\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n Type = \"THREAT_PREVENTION\",\n ThreatPreventionProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileArgs\n {\n SeverityOverrides = new[]\n {\n new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs\n {\n Action = \"ALLOW\",\n Severity = \"INFORMATIONAL\",\n },\n new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs\n {\n Action = \"DENY\",\n Severity = \"HIGH\",\n },\n },\n ThreatOverrides = new[]\n {\n new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileThreatOverrideArgs\n {\n Action = \"ALLOW\",\n ThreatId = \"280647\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := networksecurity.NewSecurityProfile(ctx, \"default\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"my-security-profile\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tThreatPreventionProfile: \u0026networksecurity.SecurityProfileThreatPreventionProfileArgs{\n\t\t\t\tSeverityOverrides: networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArray{\n\t\t\t\t\t\u0026networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{\n\t\t\t\t\t\tAction: pulumi.String(\"ALLOW\"),\n\t\t\t\t\t\tSeverity: pulumi.String(\"INFORMATIONAL\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{\n\t\t\t\t\t\tAction: pulumi.String(\"DENY\"),\n\t\t\t\t\t\tSeverity: pulumi.String(\"HIGH\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tThreatOverrides: networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArray{\n\t\t\t\t\t\u0026networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArgs{\n\t\t\t\t\t\tAction: pulumi.String(\"ALLOW\"),\n\t\t\t\t\t\tThreatId: pulumi.String(\"280647\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.inputs.SecurityProfileThreatPreventionProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecurityProfile(\"default\", SecurityProfileArgs.builder()\n .name(\"my-security-profile\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .type(\"THREAT_PREVENTION\")\n .threatPreventionProfile(SecurityProfileThreatPreventionProfileArgs.builder()\n .severityOverrides( \n SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()\n .action(\"ALLOW\")\n .severity(\"INFORMATIONAL\")\n .build(),\n SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()\n .action(\"DENY\")\n .severity(\"HIGH\")\n .build())\n .threatOverrides(SecurityProfileThreatPreventionProfileThreatOverrideArgs.builder()\n .action(\"ALLOW\")\n .threatId(\"280647\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:networksecurity:SecurityProfile\n properties:\n name: my-security-profile\n parent: organizations/123456789\n description: my description\n type: THREAT_PREVENTION\n threatPreventionProfile:\n severityOverrides:\n - action: ALLOW\n severity: INFORMATIONAL\n - action: DENY\n severity: HIGH\n threatOverrides:\n - action: ALLOW\n threatId: '280647'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Network Security Security Profile Mirroring\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.compute.Network(\"default\", {\n name: \"my-network\",\n autoCreateSubnetworks: false,\n});\nconst defaultMirroringDeploymentGroup = new gcp.networksecurity.MirroringDeploymentGroup(\"default\", {\n mirroringDeploymentGroupId: \"my-dg\",\n location: \"global\",\n network: _default.id,\n});\nconst defaultMirroringEndpointGroup = new gcp.networksecurity.MirroringEndpointGroup(\"default\", {\n mirroringEndpointGroupId: \"my-eg\",\n location: \"global\",\n mirroringDeploymentGroup: defaultMirroringDeploymentGroup.id,\n});\nconst defaultSecurityProfile = new gcp.networksecurity.SecurityProfile(\"default\", {\n name: \"my-security-profile\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n type: \"CUSTOM_MIRRORING\",\n customMirroringProfile: {\n mirroringEndpointGroup: defaultMirroringEndpointGroup.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.compute.Network(\"default\",\n name=\"my-network\",\n auto_create_subnetworks=False)\ndefault_mirroring_deployment_group = gcp.networksecurity.MirroringDeploymentGroup(\"default\",\n mirroring_deployment_group_id=\"my-dg\",\n location=\"global\",\n network=default.id)\ndefault_mirroring_endpoint_group = gcp.networksecurity.MirroringEndpointGroup(\"default\",\n mirroring_endpoint_group_id=\"my-eg\",\n location=\"global\",\n mirroring_deployment_group=default_mirroring_deployment_group.id)\ndefault_security_profile = gcp.networksecurity.SecurityProfile(\"default\",\n name=\"my-security-profile\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n type=\"CUSTOM_MIRRORING\",\n custom_mirroring_profile={\n \"mirroring_endpoint_group\": default_mirroring_endpoint_group.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"my-network\",\n AutoCreateSubnetworks = false,\n });\n\n var defaultMirroringDeploymentGroup = new Gcp.NetworkSecurity.MirroringDeploymentGroup(\"default\", new()\n {\n MirroringDeploymentGroupId = \"my-dg\",\n Location = \"global\",\n Network = @default.Id,\n });\n\n var defaultMirroringEndpointGroup = new Gcp.NetworkSecurity.MirroringEndpointGroup(\"default\", new()\n {\n MirroringEndpointGroupId = \"my-eg\",\n Location = \"global\",\n MirroringDeploymentGroup = defaultMirroringDeploymentGroup.Id,\n });\n\n var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile(\"default\", new()\n {\n Name = \"my-security-profile\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n Type = \"CUSTOM_MIRRORING\",\n CustomMirroringProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomMirroringProfileArgs\n {\n MirroringEndpointGroup = defaultMirroringEndpointGroup.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"my-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultMirroringDeploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, \"default\", \u0026networksecurity.MirroringDeploymentGroupArgs{\n\t\t\tMirroringDeploymentGroupId: pulumi.String(\"my-dg\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tNetwork: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultMirroringEndpointGroup, err := networksecurity.NewMirroringEndpointGroup(ctx, \"default\", \u0026networksecurity.MirroringEndpointGroupArgs{\n\t\t\tMirroringEndpointGroupId: pulumi.String(\"my-eg\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tMirroringDeploymentGroup: defaultMirroringDeploymentGroup.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networksecurity.NewSecurityProfile(ctx, \"default\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"my-security-profile\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tType: pulumi.String(\"CUSTOM_MIRRORING\"),\n\t\t\tCustomMirroringProfile: \u0026networksecurity.SecurityProfileCustomMirroringProfileArgs{\n\t\t\t\tMirroringEndpointGroup: defaultMirroringEndpointGroup.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.networksecurity.MirroringDeploymentGroup;\nimport com.pulumi.gcp.networksecurity.MirroringDeploymentGroupArgs;\nimport com.pulumi.gcp.networksecurity.MirroringEndpointGroup;\nimport com.pulumi.gcp.networksecurity.MirroringEndpointGroupArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomMirroringProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Network(\"default\", NetworkArgs.builder()\n .name(\"my-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var defaultMirroringDeploymentGroup = new MirroringDeploymentGroup(\"defaultMirroringDeploymentGroup\", MirroringDeploymentGroupArgs.builder()\n .mirroringDeploymentGroupId(\"my-dg\")\n .location(\"global\")\n .network(default_.id())\n .build());\n\n var defaultMirroringEndpointGroup = new MirroringEndpointGroup(\"defaultMirroringEndpointGroup\", MirroringEndpointGroupArgs.builder()\n .mirroringEndpointGroupId(\"my-eg\")\n .location(\"global\")\n .mirroringDeploymentGroup(defaultMirroringDeploymentGroup.id())\n .build());\n\n var defaultSecurityProfile = new SecurityProfile(\"defaultSecurityProfile\", SecurityProfileArgs.builder()\n .name(\"my-security-profile\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .type(\"CUSTOM_MIRRORING\")\n .customMirroringProfile(SecurityProfileCustomMirroringProfileArgs.builder()\n .mirroringEndpointGroup(defaultMirroringEndpointGroup.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:compute:Network\n properties:\n name: my-network\n autoCreateSubnetworks: false\n defaultMirroringDeploymentGroup:\n type: gcp:networksecurity:MirroringDeploymentGroup\n name: default\n properties:\n mirroringDeploymentGroupId: my-dg\n location: global\n network: ${default.id}\n defaultMirroringEndpointGroup:\n type: gcp:networksecurity:MirroringEndpointGroup\n name: default\n properties:\n mirroringEndpointGroupId: my-eg\n location: global\n mirroringDeploymentGroup: ${defaultMirroringDeploymentGroup.id}\n defaultSecurityProfile:\n type: gcp:networksecurity:SecurityProfile\n name: default\n properties:\n name: my-security-profile\n parent: organizations/123456789\n description: my description\n type: CUSTOM_MIRRORING\n customMirroringProfile:\n mirroringEndpointGroup: ${defaultMirroringEndpointGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Network Security Security Profile Intercept\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.compute.Network(\"default\", {\n name: \"my-network\",\n autoCreateSubnetworks: false,\n});\nconst defaultInterceptDeploymentGroup = new gcp.networksecurity.InterceptDeploymentGroup(\"default\", {\n interceptDeploymentGroupId: \"my-dg\",\n location: \"global\",\n network: _default.id,\n});\nconst defaultInterceptEndpointGroup = new gcp.networksecurity.InterceptEndpointGroup(\"default\", {\n interceptEndpointGroupId: \"my-eg\",\n location: \"global\",\n interceptDeploymentGroup: defaultInterceptDeploymentGroup.id,\n});\nconst defaultSecurityProfile = new gcp.networksecurity.SecurityProfile(\"default\", {\n name: \"my-security-profile\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n type: \"CUSTOM_INTERCEPT\",\n customInterceptProfile: {\n interceptEndpointGroup: defaultInterceptEndpointGroup.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.compute.Network(\"default\",\n name=\"my-network\",\n auto_create_subnetworks=False)\ndefault_intercept_deployment_group = gcp.networksecurity.InterceptDeploymentGroup(\"default\",\n intercept_deployment_group_id=\"my-dg\",\n location=\"global\",\n network=default.id)\ndefault_intercept_endpoint_group = gcp.networksecurity.InterceptEndpointGroup(\"default\",\n intercept_endpoint_group_id=\"my-eg\",\n location=\"global\",\n intercept_deployment_group=default_intercept_deployment_group.id)\ndefault_security_profile = gcp.networksecurity.SecurityProfile(\"default\",\n name=\"my-security-profile\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n type=\"CUSTOM_INTERCEPT\",\n custom_intercept_profile={\n \"intercept_endpoint_group\": default_intercept_endpoint_group.id,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"my-network\",\n AutoCreateSubnetworks = false,\n });\n\n var defaultInterceptDeploymentGroup = new Gcp.NetworkSecurity.InterceptDeploymentGroup(\"default\", new()\n {\n InterceptDeploymentGroupId = \"my-dg\",\n Location = \"global\",\n Network = @default.Id,\n });\n\n var defaultInterceptEndpointGroup = new Gcp.NetworkSecurity.InterceptEndpointGroup(\"default\", new()\n {\n InterceptEndpointGroupId = \"my-eg\",\n Location = \"global\",\n InterceptDeploymentGroup = defaultInterceptDeploymentGroup.Id,\n });\n\n var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile(\"default\", new()\n {\n Name = \"my-security-profile\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n Type = \"CUSTOM_INTERCEPT\",\n CustomInterceptProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomInterceptProfileArgs\n {\n InterceptEndpointGroup = defaultInterceptEndpointGroup.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"my-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultInterceptDeploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, \"default\", \u0026networksecurity.InterceptDeploymentGroupArgs{\n\t\t\tInterceptDeploymentGroupId: pulumi.String(\"my-dg\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tNetwork: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultInterceptEndpointGroup, err := networksecurity.NewInterceptEndpointGroup(ctx, \"default\", \u0026networksecurity.InterceptEndpointGroupArgs{\n\t\t\tInterceptEndpointGroupId: pulumi.String(\"my-eg\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tInterceptDeploymentGroup: defaultInterceptDeploymentGroup.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networksecurity.NewSecurityProfile(ctx, \"default\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"my-security-profile\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tType: pulumi.String(\"CUSTOM_INTERCEPT\"),\n\t\t\tCustomInterceptProfile: \u0026networksecurity.SecurityProfileCustomInterceptProfileArgs{\n\t\t\t\tInterceptEndpointGroup: defaultInterceptEndpointGroup.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.networksecurity.InterceptDeploymentGroup;\nimport com.pulumi.gcp.networksecurity.InterceptDeploymentGroupArgs;\nimport com.pulumi.gcp.networksecurity.InterceptEndpointGroup;\nimport com.pulumi.gcp.networksecurity.InterceptEndpointGroupArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomInterceptProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Network(\"default\", NetworkArgs.builder()\n .name(\"my-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var defaultInterceptDeploymentGroup = new InterceptDeploymentGroup(\"defaultInterceptDeploymentGroup\", InterceptDeploymentGroupArgs.builder()\n .interceptDeploymentGroupId(\"my-dg\")\n .location(\"global\")\n .network(default_.id())\n .build());\n\n var defaultInterceptEndpointGroup = new InterceptEndpointGroup(\"defaultInterceptEndpointGroup\", InterceptEndpointGroupArgs.builder()\n .interceptEndpointGroupId(\"my-eg\")\n .location(\"global\")\n .interceptDeploymentGroup(defaultInterceptDeploymentGroup.id())\n .build());\n\n var defaultSecurityProfile = new SecurityProfile(\"defaultSecurityProfile\", SecurityProfileArgs.builder()\n .name(\"my-security-profile\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .type(\"CUSTOM_INTERCEPT\")\n .customInterceptProfile(SecurityProfileCustomInterceptProfileArgs.builder()\n .interceptEndpointGroup(defaultInterceptEndpointGroup.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:compute:Network\n properties:\n name: my-network\n autoCreateSubnetworks: false\n defaultInterceptDeploymentGroup:\n type: gcp:networksecurity:InterceptDeploymentGroup\n name: default\n properties:\n interceptDeploymentGroupId: my-dg\n location: global\n network: ${default.id}\n defaultInterceptEndpointGroup:\n type: gcp:networksecurity:InterceptEndpointGroup\n name: default\n properties:\n interceptEndpointGroupId: my-eg\n location: global\n interceptDeploymentGroup: ${defaultInterceptDeploymentGroup.id}\n defaultSecurityProfile:\n type: gcp:networksecurity:SecurityProfile\n name: default\n properties:\n name: my-security-profile\n parent: organizations/123456789\n description: my description\n type: CUSTOM_INTERCEPT\n customInterceptProfile:\n interceptEndpointGroup: ${defaultInterceptEndpointGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSecurityProfile can be imported using any of these accepted formats:\n\n* `{{parent}}/locations/{{location}}/securityProfiles/{{name}}`\n\nWhen using the `pulumi import` command, SecurityProfile can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:networksecurity/securityProfile:SecurityProfile default {{parent}}/locations/{{location}}/securityProfiles/{{name}}\n```\n\n", "properties": { "createTime": { "type": "string", "description": "Time the security profile was created in UTC.\n" }, + "customInterceptProfile": { + "$ref": "#/types/gcp:networksecurity/SecurityProfileCustomInterceptProfile:SecurityProfileCustomInterceptProfile", + "description": "The configuration for defining the Intercept Endpoint Group used to\nintercept traffic to third-party firewall appliances.\nStructure is documented below.\n" + }, + "customMirroringProfile": { + "$ref": "#/types/gcp:networksecurity/SecurityProfileCustomMirroringProfile:SecurityProfileCustomMirroringProfile", + "description": "The configuration for defining the Mirroring Endpoint Group used to\nmirror traffic to third-party collectors.\nStructure is documented below.\n" + }, "description": { "type": "string", "description": "An optional description of the security profile. The Max length is 512 characters.\n" @@ -253193,7 +255227,7 @@ }, "type": { "type": "string", - "description": "The type of security profile.\nPossible values are: `THREAT_PREVENTION`.\n" + "description": "The type of security profile.\nPossible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`.\n" }, "updateTime": { "type": "string", @@ -253211,6 +255245,14 @@ "updateTime" ], "inputProperties": { + "customInterceptProfile": { + "$ref": "#/types/gcp:networksecurity/SecurityProfileCustomInterceptProfile:SecurityProfileCustomInterceptProfile", + "description": "The configuration for defining the Intercept Endpoint Group used to\nintercept traffic to third-party firewall appliances.\nStructure is documented below.\n" + }, + "customMirroringProfile": { + "$ref": "#/types/gcp:networksecurity/SecurityProfileCustomMirroringProfile:SecurityProfileCustomMirroringProfile", + "description": "The configuration for defining the Mirroring Endpoint Group used to\nmirror traffic to third-party collectors.\nStructure is documented below.\n" + }, "description": { "type": "string", "description": "An optional description of the security profile. The Max length is 512 characters.\n" @@ -253243,7 +255285,7 @@ }, "type": { "type": "string", - "description": "The type of security profile.\nPossible values are: `THREAT_PREVENTION`.\n", + "description": "The type of security profile.\nPossible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`.\n", "willReplaceOnChanges": true } }, @@ -253257,6 +255299,14 @@ "type": "string", "description": "Time the security profile was created in UTC.\n" }, + "customInterceptProfile": { + "$ref": "#/types/gcp:networksecurity/SecurityProfileCustomInterceptProfile:SecurityProfileCustomInterceptProfile", + "description": "The configuration for defining the Intercept Endpoint Group used to\nintercept traffic to third-party firewall appliances.\nStructure is documented below.\n" + }, + "customMirroringProfile": { + "$ref": "#/types/gcp:networksecurity/SecurityProfileCustomMirroringProfile:SecurityProfileCustomMirroringProfile", + "description": "The configuration for defining the Mirroring Endpoint Group used to\nmirror traffic to third-party collectors.\nStructure is documented below.\n" + }, "description": { "type": "string", "description": "An optional description of the security profile. The Max length is 512 characters.\n" @@ -253313,7 +255363,7 @@ }, "type": { "type": "string", - "description": "The type of security profile.\nPossible values are: `THREAT_PREVENTION`.\n", + "description": "The type of security profile.\nPossible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`.\n", "willReplaceOnChanges": true }, "updateTime": { @@ -253325,12 +255375,20 @@ } }, "gcp:networksecurity/securityProfileGroup:SecurityProfileGroup": { - "description": "A security profile group defines a container for security profiles.\n\n\nTo get more information about SecurityProfileGroup, see:\n\n* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.securityProfileGroups)\n* How-to Guides\n * [Create and manage security profile groups](https://cloud.google.com/firewall/docs/configure-security-profile-groups)\n * [Security profile groups overview](https://cloud.google.com/firewall/docs/about-security-profile-groups)\n\n## Example Usage\n\n### Network Security Security Profile Group Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst securityProfile = new gcp.networksecurity.SecurityProfile(\"security_profile\", {\n name: \"sec-profile\",\n type: \"THREAT_PREVENTION\",\n parent: \"organizations/123456789\",\n location: \"global\",\n});\nconst _default = new gcp.networksecurity.SecurityProfileGroup(\"default\", {\n name: \"sec-profile-group\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n threatPreventionProfile: securityProfile.id,\n labels: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nsecurity_profile = gcp.networksecurity.SecurityProfile(\"security_profile\",\n name=\"sec-profile\",\n type=\"THREAT_PREVENTION\",\n parent=\"organizations/123456789\",\n location=\"global\")\ndefault = gcp.networksecurity.SecurityProfileGroup(\"default\",\n name=\"sec-profile-group\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n threat_prevention_profile=security_profile.id,\n labels={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var securityProfile = new Gcp.NetworkSecurity.SecurityProfile(\"security_profile\", new()\n {\n Name = \"sec-profile\",\n Type = \"THREAT_PREVENTION\",\n Parent = \"organizations/123456789\",\n Location = \"global\",\n });\n\n var @default = new Gcp.NetworkSecurity.SecurityProfileGroup(\"default\", new()\n {\n Name = \"sec-profile-group\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n ThreatPreventionProfile = securityProfile.Id,\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsecurityProfile, err := networksecurity.NewSecurityProfile(ctx, \"security_profile\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"sec-profile\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networksecurity.NewSecurityProfileGroup(ctx, \"default\", \u0026networksecurity.SecurityProfileGroupArgs{\n\t\t\tName: pulumi.String(\"sec-profile-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tThreatPreventionProfile: securityProfile.ID(),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroup;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var securityProfile = new SecurityProfile(\"securityProfile\", SecurityProfileArgs.builder()\n .name(\"sec-profile\")\n .type(\"THREAT_PREVENTION\")\n .parent(\"organizations/123456789\")\n .location(\"global\")\n .build());\n\n var default_ = new SecurityProfileGroup(\"default\", SecurityProfileGroupArgs.builder()\n .name(\"sec-profile-group\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .threatPreventionProfile(securityProfile.id())\n .labels(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:networksecurity:SecurityProfileGroup\n properties:\n name: sec-profile-group\n parent: organizations/123456789\n description: my description\n threatPreventionProfile: ${securityProfile.id}\n labels:\n foo: bar\n securityProfile:\n type: gcp:networksecurity:SecurityProfile\n name: security_profile\n properties:\n name: sec-profile\n type: THREAT_PREVENTION\n parent: organizations/123456789\n location: global\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSecurityProfileGroup can be imported using any of these accepted formats:\n\n* `{{parent}}/locations/{{location}}/securityProfileGroups/{{name}}`\n\nWhen using the `pulumi import` command, SecurityProfileGroup can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:networksecurity/securityProfileGroup:SecurityProfileGroup default {{parent}}/locations/{{location}}/securityProfileGroups/{{name}}\n```\n\n", + "description": "A security profile group defines a container for security profiles.\n\n\nTo get more information about SecurityProfileGroup, see:\n\n* [API documentation](https://cloud.google.com/firewall/docs/reference/network-security/rest/v1/organizations.locations.securityProfileGroups)\n* How-to Guides\n * [Create and manage security profile groups](https://cloud.google.com/firewall/docs/configure-security-profile-groups)\n * [Security profile groups overview](https://cloud.google.com/firewall/docs/about-security-profile-groups)\n\n## Example Usage\n\n### Network Security Security Profile Group Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst securityProfile = new gcp.networksecurity.SecurityProfile(\"security_profile\", {\n name: \"sec-profile\",\n type: \"THREAT_PREVENTION\",\n parent: \"organizations/123456789\",\n location: \"global\",\n});\nconst _default = new gcp.networksecurity.SecurityProfileGroup(\"default\", {\n name: \"sec-profile-group\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n threatPreventionProfile: securityProfile.id,\n labels: {\n foo: \"bar\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nsecurity_profile = gcp.networksecurity.SecurityProfile(\"security_profile\",\n name=\"sec-profile\",\n type=\"THREAT_PREVENTION\",\n parent=\"organizations/123456789\",\n location=\"global\")\ndefault = gcp.networksecurity.SecurityProfileGroup(\"default\",\n name=\"sec-profile-group\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n threat_prevention_profile=security_profile.id,\n labels={\n \"foo\": \"bar\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var securityProfile = new Gcp.NetworkSecurity.SecurityProfile(\"security_profile\", new()\n {\n Name = \"sec-profile\",\n Type = \"THREAT_PREVENTION\",\n Parent = \"organizations/123456789\",\n Location = \"global\",\n });\n\n var @default = new Gcp.NetworkSecurity.SecurityProfileGroup(\"default\", new()\n {\n Name = \"sec-profile-group\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n ThreatPreventionProfile = securityProfile.Id,\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tsecurityProfile, err := networksecurity.NewSecurityProfile(ctx, \"security_profile\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"sec-profile\"),\n\t\t\tType: pulumi.String(\"THREAT_PREVENTION\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networksecurity.NewSecurityProfileGroup(ctx, \"default\", \u0026networksecurity.SecurityProfileGroupArgs{\n\t\t\tName: pulumi.String(\"sec-profile-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tThreatPreventionProfile: securityProfile.ID(),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroup;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var securityProfile = new SecurityProfile(\"securityProfile\", SecurityProfileArgs.builder()\n .name(\"sec-profile\")\n .type(\"THREAT_PREVENTION\")\n .parent(\"organizations/123456789\")\n .location(\"global\")\n .build());\n\n var default_ = new SecurityProfileGroup(\"default\", SecurityProfileGroupArgs.builder()\n .name(\"sec-profile-group\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .threatPreventionProfile(securityProfile.id())\n .labels(Map.of(\"foo\", \"bar\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:networksecurity:SecurityProfileGroup\n properties:\n name: sec-profile-group\n parent: organizations/123456789\n description: my description\n threatPreventionProfile: ${securityProfile.id}\n labels:\n foo: bar\n securityProfile:\n type: gcp:networksecurity:SecurityProfile\n name: security_profile\n properties:\n name: sec-profile\n type: THREAT_PREVENTION\n parent: organizations/123456789\n location: global\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Network Security Security Profile Group Mirroring\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.compute.Network(\"default\", {\n name: \"network\",\n autoCreateSubnetworks: false,\n});\nconst defaultMirroringDeploymentGroup = new gcp.networksecurity.MirroringDeploymentGroup(\"default\", {\n mirroringDeploymentGroupId: \"deployment-group\",\n location: \"global\",\n network: _default.id,\n});\nconst defaultMirroringEndpointGroup = new gcp.networksecurity.MirroringEndpointGroup(\"default\", {\n mirroringEndpointGroupId: \"endpoint-group\",\n location: \"global\",\n mirroringDeploymentGroup: defaultMirroringDeploymentGroup.id,\n});\nconst defaultSecurityProfile = new gcp.networksecurity.SecurityProfile(\"default\", {\n name: \"sec-profile\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n type: \"CUSTOM_MIRRORING\",\n customMirroringProfile: {\n mirroringEndpointGroup: defaultMirroringEndpointGroup.id,\n },\n});\nconst defaultSecurityProfileGroup = new gcp.networksecurity.SecurityProfileGroup(\"default\", {\n name: \"sec-profile-group\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n customMirroringProfile: defaultSecurityProfile.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.compute.Network(\"default\",\n name=\"network\",\n auto_create_subnetworks=False)\ndefault_mirroring_deployment_group = gcp.networksecurity.MirroringDeploymentGroup(\"default\",\n mirroring_deployment_group_id=\"deployment-group\",\n location=\"global\",\n network=default.id)\ndefault_mirroring_endpoint_group = gcp.networksecurity.MirroringEndpointGroup(\"default\",\n mirroring_endpoint_group_id=\"endpoint-group\",\n location=\"global\",\n mirroring_deployment_group=default_mirroring_deployment_group.id)\ndefault_security_profile = gcp.networksecurity.SecurityProfile(\"default\",\n name=\"sec-profile\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n type=\"CUSTOM_MIRRORING\",\n custom_mirroring_profile={\n \"mirroring_endpoint_group\": default_mirroring_endpoint_group.id,\n })\ndefault_security_profile_group = gcp.networksecurity.SecurityProfileGroup(\"default\",\n name=\"sec-profile-group\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n custom_mirroring_profile=default_security_profile.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"network\",\n AutoCreateSubnetworks = false,\n });\n\n var defaultMirroringDeploymentGroup = new Gcp.NetworkSecurity.MirroringDeploymentGroup(\"default\", new()\n {\n MirroringDeploymentGroupId = \"deployment-group\",\n Location = \"global\",\n Network = @default.Id,\n });\n\n var defaultMirroringEndpointGroup = new Gcp.NetworkSecurity.MirroringEndpointGroup(\"default\", new()\n {\n MirroringEndpointGroupId = \"endpoint-group\",\n Location = \"global\",\n MirroringDeploymentGroup = defaultMirroringDeploymentGroup.Id,\n });\n\n var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile(\"default\", new()\n {\n Name = \"sec-profile\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n Type = \"CUSTOM_MIRRORING\",\n CustomMirroringProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomMirroringProfileArgs\n {\n MirroringEndpointGroup = defaultMirroringEndpointGroup.Id,\n },\n });\n\n var defaultSecurityProfileGroup = new Gcp.NetworkSecurity.SecurityProfileGroup(\"default\", new()\n {\n Name = \"sec-profile-group\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n CustomMirroringProfile = defaultSecurityProfile.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultMirroringDeploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, \"default\", \u0026networksecurity.MirroringDeploymentGroupArgs{\n\t\t\tMirroringDeploymentGroupId: pulumi.String(\"deployment-group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tNetwork: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultMirroringEndpointGroup, err := networksecurity.NewMirroringEndpointGroup(ctx, \"default\", \u0026networksecurity.MirroringEndpointGroupArgs{\n\t\t\tMirroringEndpointGroupId: pulumi.String(\"endpoint-group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tMirroringDeploymentGroup: defaultMirroringDeploymentGroup.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultSecurityProfile, err := networksecurity.NewSecurityProfile(ctx, \"default\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"sec-profile\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tType: pulumi.String(\"CUSTOM_MIRRORING\"),\n\t\t\tCustomMirroringProfile: \u0026networksecurity.SecurityProfileCustomMirroringProfileArgs{\n\t\t\t\tMirroringEndpointGroup: defaultMirroringEndpointGroup.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networksecurity.NewSecurityProfileGroup(ctx, \"default\", \u0026networksecurity.SecurityProfileGroupArgs{\n\t\t\tName: pulumi.String(\"sec-profile-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tCustomMirroringProfile: defaultSecurityProfile.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.networksecurity.MirroringDeploymentGroup;\nimport com.pulumi.gcp.networksecurity.MirroringDeploymentGroupArgs;\nimport com.pulumi.gcp.networksecurity.MirroringEndpointGroup;\nimport com.pulumi.gcp.networksecurity.MirroringEndpointGroupArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomMirroringProfileArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroup;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Network(\"default\", NetworkArgs.builder()\n .name(\"network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var defaultMirroringDeploymentGroup = new MirroringDeploymentGroup(\"defaultMirroringDeploymentGroup\", MirroringDeploymentGroupArgs.builder()\n .mirroringDeploymentGroupId(\"deployment-group\")\n .location(\"global\")\n .network(default_.id())\n .build());\n\n var defaultMirroringEndpointGroup = new MirroringEndpointGroup(\"defaultMirroringEndpointGroup\", MirroringEndpointGroupArgs.builder()\n .mirroringEndpointGroupId(\"endpoint-group\")\n .location(\"global\")\n .mirroringDeploymentGroup(defaultMirroringDeploymentGroup.id())\n .build());\n\n var defaultSecurityProfile = new SecurityProfile(\"defaultSecurityProfile\", SecurityProfileArgs.builder()\n .name(\"sec-profile\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .type(\"CUSTOM_MIRRORING\")\n .customMirroringProfile(SecurityProfileCustomMirroringProfileArgs.builder()\n .mirroringEndpointGroup(defaultMirroringEndpointGroup.id())\n .build())\n .build());\n\n var defaultSecurityProfileGroup = new SecurityProfileGroup(\"defaultSecurityProfileGroup\", SecurityProfileGroupArgs.builder()\n .name(\"sec-profile-group\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .customMirroringProfile(defaultSecurityProfile.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:compute:Network\n properties:\n name: network\n autoCreateSubnetworks: false\n defaultMirroringDeploymentGroup:\n type: gcp:networksecurity:MirroringDeploymentGroup\n name: default\n properties:\n mirroringDeploymentGroupId: deployment-group\n location: global\n network: ${default.id}\n defaultMirroringEndpointGroup:\n type: gcp:networksecurity:MirroringEndpointGroup\n name: default\n properties:\n mirroringEndpointGroupId: endpoint-group\n location: global\n mirroringDeploymentGroup: ${defaultMirroringDeploymentGroup.id}\n defaultSecurityProfile:\n type: gcp:networksecurity:SecurityProfile\n name: default\n properties:\n name: sec-profile\n parent: organizations/123456789\n description: my description\n type: CUSTOM_MIRRORING\n customMirroringProfile:\n mirroringEndpointGroup: ${defaultMirroringEndpointGroup.id}\n defaultSecurityProfileGroup:\n type: gcp:networksecurity:SecurityProfileGroup\n name: default\n properties:\n name: sec-profile-group\n parent: organizations/123456789\n description: my description\n customMirroringProfile: ${defaultSecurityProfile.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Network Security Security Profile Group Intercept\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst _default = new gcp.compute.Network(\"default\", {\n name: \"network\",\n autoCreateSubnetworks: false,\n});\nconst defaultInterceptDeploymentGroup = new gcp.networksecurity.InterceptDeploymentGroup(\"default\", {\n interceptDeploymentGroupId: \"deployment-group\",\n location: \"global\",\n network: _default.id,\n});\nconst defaultInterceptEndpointGroup = new gcp.networksecurity.InterceptEndpointGroup(\"default\", {\n interceptEndpointGroupId: \"endpoint-group\",\n location: \"global\",\n interceptDeploymentGroup: defaultInterceptDeploymentGroup.id,\n});\nconst defaultSecurityProfile = new gcp.networksecurity.SecurityProfile(\"default\", {\n name: \"sec-profile\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n type: \"CUSTOM_INTERCEPT\",\n customInterceptProfile: {\n interceptEndpointGroup: defaultInterceptEndpointGroup.id,\n },\n});\nconst defaultSecurityProfileGroup = new gcp.networksecurity.SecurityProfileGroup(\"default\", {\n name: \"sec-profile-group\",\n parent: \"organizations/123456789\",\n description: \"my description\",\n customInterceptProfile: defaultSecurityProfile.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault = gcp.compute.Network(\"default\",\n name=\"network\",\n auto_create_subnetworks=False)\ndefault_intercept_deployment_group = gcp.networksecurity.InterceptDeploymentGroup(\"default\",\n intercept_deployment_group_id=\"deployment-group\",\n location=\"global\",\n network=default.id)\ndefault_intercept_endpoint_group = gcp.networksecurity.InterceptEndpointGroup(\"default\",\n intercept_endpoint_group_id=\"endpoint-group\",\n location=\"global\",\n intercept_deployment_group=default_intercept_deployment_group.id)\ndefault_security_profile = gcp.networksecurity.SecurityProfile(\"default\",\n name=\"sec-profile\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n type=\"CUSTOM_INTERCEPT\",\n custom_intercept_profile={\n \"intercept_endpoint_group\": default_intercept_endpoint_group.id,\n })\ndefault_security_profile_group = gcp.networksecurity.SecurityProfileGroup(\"default\",\n name=\"sec-profile-group\",\n parent=\"organizations/123456789\",\n description=\"my description\",\n custom_intercept_profile=default_security_profile.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"network\",\n AutoCreateSubnetworks = false,\n });\n\n var defaultInterceptDeploymentGroup = new Gcp.NetworkSecurity.InterceptDeploymentGroup(\"default\", new()\n {\n InterceptDeploymentGroupId = \"deployment-group\",\n Location = \"global\",\n Network = @default.Id,\n });\n\n var defaultInterceptEndpointGroup = new Gcp.NetworkSecurity.InterceptEndpointGroup(\"default\", new()\n {\n InterceptEndpointGroupId = \"endpoint-group\",\n Location = \"global\",\n InterceptDeploymentGroup = defaultInterceptDeploymentGroup.Id,\n });\n\n var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile(\"default\", new()\n {\n Name = \"sec-profile\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n Type = \"CUSTOM_INTERCEPT\",\n CustomInterceptProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomInterceptProfileArgs\n {\n InterceptEndpointGroup = defaultInterceptEndpointGroup.Id,\n },\n });\n\n var defaultSecurityProfileGroup = new Gcp.NetworkSecurity.SecurityProfileGroup(\"default\", new()\n {\n Name = \"sec-profile-group\",\n Parent = \"organizations/123456789\",\n Description = \"my description\",\n CustomInterceptProfile = defaultSecurityProfile.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultInterceptDeploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, \"default\", \u0026networksecurity.InterceptDeploymentGroupArgs{\n\t\t\tInterceptDeploymentGroupId: pulumi.String(\"deployment-group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tNetwork: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultInterceptEndpointGroup, err := networksecurity.NewInterceptEndpointGroup(ctx, \"default\", \u0026networksecurity.InterceptEndpointGroupArgs{\n\t\t\tInterceptEndpointGroupId: pulumi.String(\"endpoint-group\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tInterceptDeploymentGroup: defaultInterceptDeploymentGroup.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultSecurityProfile, err := networksecurity.NewSecurityProfile(ctx, \"default\", \u0026networksecurity.SecurityProfileArgs{\n\t\t\tName: pulumi.String(\"sec-profile\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tType: pulumi.String(\"CUSTOM_INTERCEPT\"),\n\t\t\tCustomInterceptProfile: \u0026networksecurity.SecurityProfileCustomInterceptProfileArgs{\n\t\t\t\tInterceptEndpointGroup: defaultInterceptEndpointGroup.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networksecurity.NewSecurityProfileGroup(ctx, \"default\", \u0026networksecurity.SecurityProfileGroupArgs{\n\t\t\tName: pulumi.String(\"sec-profile-group\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDescription: pulumi.String(\"my description\"),\n\t\t\tCustomInterceptProfile: defaultSecurityProfile.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.networksecurity.InterceptDeploymentGroup;\nimport com.pulumi.gcp.networksecurity.InterceptDeploymentGroupArgs;\nimport com.pulumi.gcp.networksecurity.InterceptEndpointGroup;\nimport com.pulumi.gcp.networksecurity.InterceptEndpointGroupArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfile;\nimport com.pulumi.gcp.networksecurity.SecurityProfileArgs;\nimport com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomInterceptProfileArgs;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroup;\nimport com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Network(\"default\", NetworkArgs.builder()\n .name(\"network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var defaultInterceptDeploymentGroup = new InterceptDeploymentGroup(\"defaultInterceptDeploymentGroup\", InterceptDeploymentGroupArgs.builder()\n .interceptDeploymentGroupId(\"deployment-group\")\n .location(\"global\")\n .network(default_.id())\n .build());\n\n var defaultInterceptEndpointGroup = new InterceptEndpointGroup(\"defaultInterceptEndpointGroup\", InterceptEndpointGroupArgs.builder()\n .interceptEndpointGroupId(\"endpoint-group\")\n .location(\"global\")\n .interceptDeploymentGroup(defaultInterceptDeploymentGroup.id())\n .build());\n\n var defaultSecurityProfile = new SecurityProfile(\"defaultSecurityProfile\", SecurityProfileArgs.builder()\n .name(\"sec-profile\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .type(\"CUSTOM_INTERCEPT\")\n .customInterceptProfile(SecurityProfileCustomInterceptProfileArgs.builder()\n .interceptEndpointGroup(defaultInterceptEndpointGroup.id())\n .build())\n .build());\n\n var defaultSecurityProfileGroup = new SecurityProfileGroup(\"defaultSecurityProfileGroup\", SecurityProfileGroupArgs.builder()\n .name(\"sec-profile-group\")\n .parent(\"organizations/123456789\")\n .description(\"my description\")\n .customInterceptProfile(defaultSecurityProfile.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:compute:Network\n properties:\n name: network\n autoCreateSubnetworks: false\n defaultInterceptDeploymentGroup:\n type: gcp:networksecurity:InterceptDeploymentGroup\n name: default\n properties:\n interceptDeploymentGroupId: deployment-group\n location: global\n network: ${default.id}\n defaultInterceptEndpointGroup:\n type: gcp:networksecurity:InterceptEndpointGroup\n name: default\n properties:\n interceptEndpointGroupId: endpoint-group\n location: global\n interceptDeploymentGroup: ${defaultInterceptDeploymentGroup.id}\n defaultSecurityProfile:\n type: gcp:networksecurity:SecurityProfile\n name: default\n properties:\n name: sec-profile\n parent: organizations/123456789\n description: my description\n type: CUSTOM_INTERCEPT\n customInterceptProfile:\n interceptEndpointGroup: ${defaultInterceptEndpointGroup.id}\n defaultSecurityProfileGroup:\n type: gcp:networksecurity:SecurityProfileGroup\n name: default\n properties:\n name: sec-profile-group\n parent: organizations/123456789\n description: my description\n customInterceptProfile: ${defaultSecurityProfile.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSecurityProfileGroup can be imported using any of these accepted formats:\n\n* `{{parent}}/locations/{{location}}/securityProfileGroups/{{name}}`\n\nWhen using the `pulumi import` command, SecurityProfileGroup can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:networksecurity/securityProfileGroup:SecurityProfileGroup default {{parent}}/locations/{{location}}/securityProfileGroups/{{name}}\n```\n\n", "properties": { "createTime": { "type": "string", "description": "Time the security profile group was created in UTC.\n" }, + "customInterceptProfile": { + "type": "string", + "description": "Reference to a SecurityProfile with the CustomIntercept configuration.\n" + }, + "customMirroringProfile": { + "type": "string", + "description": "Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup.\n" + }, "description": { "type": "string", "description": "An optional description of the profile. The Max length is 512 characters.\n" @@ -253392,6 +255450,14 @@ "updateTime" ], "inputProperties": { + "customInterceptProfile": { + "type": "string", + "description": "Reference to a SecurityProfile with the CustomIntercept configuration.\n" + }, + "customMirroringProfile": { + "type": "string", + "description": "Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup.\n" + }, "description": { "type": "string", "description": "An optional description of the profile. The Max length is 512 characters.\n" @@ -253430,6 +255496,14 @@ "type": "string", "description": "Time the security profile group was created in UTC.\n" }, + "customInterceptProfile": { + "type": "string", + "description": "Reference to a SecurityProfile with the CustomIntercept configuration.\n" + }, + "customMirroringProfile": { + "type": "string", + "description": "Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup.\n" + }, "description": { "type": "string", "description": "An optional description of the profile. The Max length is 512 characters.\n" @@ -261654,6 +263728,113 @@ "type": "object" } }, + "gcp:parametermanager/parameterVersion:ParameterVersion": { + "description": "## Example Usage\n\n### Parameter Version Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst parameter_basic = new gcp.parametermanager.Parameter(\"parameter-basic\", {parameterId: \"parameter\"});\nconst parameter_version_basic = new gcp.parametermanager.ParameterVersion(\"parameter-version-basic\", {\n parameter: parameter_basic.id,\n parameterVersionId: \"parameter_version\",\n parameterData: \"app-parameter-version-data\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nparameter_basic = gcp.parametermanager.Parameter(\"parameter-basic\", parameter_id=\"parameter\")\nparameter_version_basic = gcp.parametermanager.ParameterVersion(\"parameter-version-basic\",\n parameter=parameter_basic.id,\n parameter_version_id=\"parameter_version\",\n parameter_data=\"app-parameter-version-data\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var parameter_basic = new Gcp.ParameterManager.Parameter(\"parameter-basic\", new()\n {\n ParameterId = \"parameter\",\n });\n\n var parameter_version_basic = new Gcp.ParameterManager.ParameterVersion(\"parameter-version-basic\", new()\n {\n Parameter = parameter_basic.Id,\n ParameterVersionId = \"parameter_version\",\n ParameterData = \"app-parameter-version-data\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewParameter(ctx, \"parameter-basic\", \u0026parametermanager.ParameterArgs{\n\t\t\tParameterId: pulumi.String(\"parameter\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = parametermanager.NewParameterVersion(ctx, \"parameter-version-basic\", \u0026parametermanager.ParameterVersionArgs{\n\t\t\tParameter: parameter_basic.ID(),\n\t\t\tParameterVersionId: pulumi.String(\"parameter_version\"),\n\t\t\tParameterData: pulumi.String(\"app-parameter-version-data\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.Parameter;\nimport com.pulumi.gcp.parametermanager.ParameterArgs;\nimport com.pulumi.gcp.parametermanager.ParameterVersion;\nimport com.pulumi.gcp.parametermanager.ParameterVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var parameter_basic = new Parameter(\"parameter-basic\", ParameterArgs.builder()\n .parameterId(\"parameter\")\n .build());\n\n var parameter_version_basic = new ParameterVersion(\"parameter-version-basic\", ParameterVersionArgs.builder()\n .parameter(parameter_basic.id())\n .parameterVersionId(\"parameter_version\")\n .parameterData(\"app-parameter-version-data\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n parameter-basic:\n type: gcp:parametermanager:Parameter\n properties:\n parameterId: parameter\n parameter-version-basic:\n type: gcp:parametermanager:ParameterVersion\n properties:\n parameter: ${[\"parameter-basic\"].id}\n parameterVersionId: parameter_version\n parameterData: app-parameter-version-data\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Parameter Version With Json Format\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst parameter_basic = new gcp.parametermanager.Parameter(\"parameter-basic\", {\n parameterId: \"parameter\",\n format: \"JSON\",\n});\nconst parameter_version_with_json_format = new gcp.parametermanager.ParameterVersion(\"parameter-version-with-json-format\", {\n parameter: parameter_basic.id,\n parameterVersionId: \"parameter_version\",\n parameterData: JSON.stringify({\n key1: \"val1\",\n key2: \"val2\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_gcp as gcp\n\nparameter_basic = gcp.parametermanager.Parameter(\"parameter-basic\",\n parameter_id=\"parameter\",\n format=\"JSON\")\nparameter_version_with_json_format = gcp.parametermanager.ParameterVersion(\"parameter-version-with-json-format\",\n parameter=parameter_basic.id,\n parameter_version_id=\"parameter_version\",\n parameter_data=json.dumps({\n \"key1\": \"val1\",\n \"key2\": \"val2\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var parameter_basic = new Gcp.ParameterManager.Parameter(\"parameter-basic\", new()\n {\n ParameterId = \"parameter\",\n Format = \"JSON\",\n });\n\n var parameter_version_with_json_format = new Gcp.ParameterManager.ParameterVersion(\"parameter-version-with-json-format\", new()\n {\n Parameter = parameter_basic.Id,\n ParameterVersionId = \"parameter_version\",\n ParameterData = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"key1\"] = \"val1\",\n [\"key2\"] = \"val2\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewParameter(ctx, \"parameter-basic\", \u0026parametermanager.ParameterArgs{\n\t\t\tParameterId: pulumi.String(\"parameter\"),\n\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"key1\": \"val1\",\n\t\t\t\"key2\": \"val2\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = parametermanager.NewParameterVersion(ctx, \"parameter-version-with-json-format\", \u0026parametermanager.ParameterVersionArgs{\n\t\t\tParameter: parameter_basic.ID(),\n\t\t\tParameterVersionId: pulumi.String(\"parameter_version\"),\n\t\t\tParameterData: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.Parameter;\nimport com.pulumi.gcp.parametermanager.ParameterArgs;\nimport com.pulumi.gcp.parametermanager.ParameterVersion;\nimport com.pulumi.gcp.parametermanager.ParameterVersionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var parameter_basic = new Parameter(\"parameter-basic\", ParameterArgs.builder()\n .parameterId(\"parameter\")\n .format(\"JSON\")\n .build());\n\n var parameter_version_with_json_format = new ParameterVersion(\"parameter-version-with-json-format\", ParameterVersionArgs.builder()\n .parameter(parameter_basic.id())\n .parameterVersionId(\"parameter_version\")\n .parameterData(serializeJson(\n jsonObject(\n jsonProperty(\"key1\", \"val1\"),\n jsonProperty(\"key2\", \"val2\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n parameter-basic:\n type: gcp:parametermanager:Parameter\n properties:\n parameterId: parameter\n format: JSON\n parameter-version-with-json-format:\n type: gcp:parametermanager:ParameterVersion\n properties:\n parameter: ${[\"parameter-basic\"].id}\n parameterVersionId: parameter_version\n parameterData:\n fn::toJSON:\n key1: val1\n key2: val2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## Import\n\nParameterVersion can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}`\n\nWhen using the `pulumi import` command, ParameterVersion can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:parametermanager/parameterVersion:ParameterVersion default projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}\n```\n\n", + "properties": { + "createTime": { + "type": "string", + "description": "The time at which the Parameter Version was created.\n" + }, + "disabled": { + "type": "boolean", + "description": "The current state of Parameter Version. This field is only applicable for updating Parameter Version.\n" + }, + "name": { + "type": "string", + "description": "The resource name of the Parameter Version. Format:\n`projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}`\n" + }, + "parameter": { + "type": "string", + "description": "Parameter Manager Parameter resource.\n" + }, + "parameterData": { + "type": "string", + "description": "The Parameter data.\n**Note**: This property is sensitive and will not be displayed in the plan.\n", + "secret": true + }, + "parameterVersionId": { + "type": "string", + "description": "Version ID of the Parameter Version Resource. This must be unique within the Parameter.\n\n\n- - -\n" + }, + "updateTime": { + "type": "string", + "description": "The time at which the Parameter Version was updated.\n" + } + }, + "required": [ + "createTime", + "name", + "parameter", + "parameterData", + "parameterVersionId", + "updateTime" + ], + "inputProperties": { + "disabled": { + "type": "boolean", + "description": "The current state of Parameter Version. This field is only applicable for updating Parameter Version.\n" + }, + "parameter": { + "type": "string", + "description": "Parameter Manager Parameter resource.\n", + "willReplaceOnChanges": true + }, + "parameterData": { + "type": "string", + "description": "The Parameter data.\n**Note**: This property is sensitive and will not be displayed in the plan.\n", + "secret": true, + "willReplaceOnChanges": true + }, + "parameterVersionId": { + "type": "string", + "description": "Version ID of the Parameter Version Resource. This must be unique within the Parameter.\n\n\n- - -\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "parameter", + "parameterData", + "parameterVersionId" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering ParameterVersion resources.\n", + "properties": { + "createTime": { + "type": "string", + "description": "The time at which the Parameter Version was created.\n" + }, + "disabled": { + "type": "boolean", + "description": "The current state of Parameter Version. This field is only applicable for updating Parameter Version.\n" + }, + "name": { + "type": "string", + "description": "The resource name of the Parameter Version. Format:\n`projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}`\n" + }, + "parameter": { + "type": "string", + "description": "Parameter Manager Parameter resource.\n", + "willReplaceOnChanges": true + }, + "parameterData": { + "type": "string", + "description": "The Parameter data.\n**Note**: This property is sensitive and will not be displayed in the plan.\n", + "secret": true, + "willReplaceOnChanges": true + }, + "parameterVersionId": { + "type": "string", + "description": "Version ID of the Parameter Version Resource. This must be unique within the Parameter.\n\n\n- - -\n", + "willReplaceOnChanges": true + }, + "updateTime": { + "type": "string", + "description": "The time at which the Parameter Version was updated.\n" + } + }, + "type": "object" + } + }, "gcp:parametermanager/regionalParameter:RegionalParameter": { "description": "## Example Usage\n\n### Regional Parameter Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst regional_parameter_basic = new gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\", {\n parameterId: \"regional_parameter\",\n location: \"us-central1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nregional_parameter_basic = gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\",\n parameter_id=\"regional_parameter\",\n location=\"us-central1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameter_basic = new Gcp.ParameterManager.RegionalParameter(\"regional-parameter-basic\", new()\n {\n ParameterId = \"regional_parameter\",\n Location = \"us-central1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewRegionalParameter(ctx, \"regional-parameter-basic\", \u0026parametermanager.RegionalParameterArgs{\n\t\t\tParameterId: pulumi.String(\"regional_parameter\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.RegionalParameter;\nimport com.pulumi.gcp.parametermanager.RegionalParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var regional_parameter_basic = new RegionalParameter(\"regional-parameter-basic\", RegionalParameterArgs.builder()\n .parameterId(\"regional_parameter\")\n .location(\"us-central1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n regional-parameter-basic:\n type: gcp:parametermanager:RegionalParameter\n properties:\n parameterId: regional_parameter\n location: us-central1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Regional Parameter With Format\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst regional_parameter_with_format = new gcp.parametermanager.RegionalParameter(\"regional-parameter-with-format\", {\n parameterId: \"regional_parameter\",\n location: \"us-central1\",\n format: \"JSON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nregional_parameter_with_format = gcp.parametermanager.RegionalParameter(\"regional-parameter-with-format\",\n parameter_id=\"regional_parameter\",\n location=\"us-central1\",\n format=\"JSON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameter_with_format = new Gcp.ParameterManager.RegionalParameter(\"regional-parameter-with-format\", new()\n {\n ParameterId = \"regional_parameter\",\n Location = \"us-central1\",\n Format = \"JSON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewRegionalParameter(ctx, \"regional-parameter-with-format\", \u0026parametermanager.RegionalParameterArgs{\n\t\t\tParameterId: pulumi.String(\"regional_parameter\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.RegionalParameter;\nimport com.pulumi.gcp.parametermanager.RegionalParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var regional_parameter_with_format = new RegionalParameter(\"regional-parameter-with-format\", RegionalParameterArgs.builder()\n .parameterId(\"regional_parameter\")\n .location(\"us-central1\")\n .format(\"JSON\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n regional-parameter-with-format:\n type: gcp:parametermanager:RegionalParameter\n properties:\n parameterId: regional_parameter\n location: us-central1\n format: JSON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Regional Parameter With Labels\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst regional_parameter_with_labels = new gcp.parametermanager.RegionalParameter(\"regional-parameter-with-labels\", {\n parameterId: \"regional_parameter\",\n location: \"us-central1\",\n labels: {\n key1: \"val1\",\n key2: \"val2\",\n key3: \"val3\",\n key4: \"val4\",\n key5: \"val5\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nregional_parameter_with_labels = gcp.parametermanager.RegionalParameter(\"regional-parameter-with-labels\",\n parameter_id=\"regional_parameter\",\n location=\"us-central1\",\n labels={\n \"key1\": \"val1\",\n \"key2\": \"val2\",\n \"key3\": \"val3\",\n \"key4\": \"val4\",\n \"key5\": \"val5\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameter_with_labels = new Gcp.ParameterManager.RegionalParameter(\"regional-parameter-with-labels\", new()\n {\n ParameterId = \"regional_parameter\",\n Location = \"us-central1\",\n Labels = \n {\n { \"key1\", \"val1\" },\n { \"key2\", \"val2\" },\n { \"key3\", \"val3\" },\n { \"key4\", \"val4\" },\n { \"key5\", \"val5\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewRegionalParameter(ctx, \"regional-parameter-with-labels\", \u0026parametermanager.RegionalParameterArgs{\n\t\t\tParameterId: pulumi.String(\"regional_parameter\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"key1\": pulumi.String(\"val1\"),\n\t\t\t\t\"key2\": pulumi.String(\"val2\"),\n\t\t\t\t\"key3\": pulumi.String(\"val3\"),\n\t\t\t\t\"key4\": pulumi.String(\"val4\"),\n\t\t\t\t\"key5\": pulumi.String(\"val5\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.RegionalParameter;\nimport com.pulumi.gcp.parametermanager.RegionalParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var regional_parameter_with_labels = new RegionalParameter(\"regional-parameter-with-labels\", RegionalParameterArgs.builder()\n .parameterId(\"regional_parameter\")\n .location(\"us-central1\")\n .labels(Map.ofEntries(\n Map.entry(\"key1\", \"val1\"),\n Map.entry(\"key2\", \"val2\"),\n Map.entry(\"key3\", \"val3\"),\n Map.entry(\"key4\", \"val4\"),\n Map.entry(\"key5\", \"val5\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n regional-parameter-with-labels:\n type: gcp:parametermanager:RegionalParameter\n properties:\n parameterId: regional_parameter\n location: us-central1\n labels:\n key1: val1\n key2: val2\n key3: val3\n key4: val4\n key5: val5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRegionalParameter can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}`\n\n* `{{project}}/{{location}}/{{parameter_id}}`\n\n* `{{location}}/{{parameter_id}}`\n\nWhen using the `pulumi import` command, RegionalParameter can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:parametermanager/regionalParameter:RegionalParameter default projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}\n```\n\n```sh\n$ pulumi import gcp:parametermanager/regionalParameter:RegionalParameter default {{project}}/{{location}}/{{parameter_id}}\n```\n\n```sh\n$ pulumi import gcp:parametermanager/regionalParameter:RegionalParameter default {{location}}/{{parameter_id}}\n```\n\n", "properties": { @@ -261830,7 +264011,7 @@ } }, "gcp:parametermanager/regionalParameterVersion:RegionalParameterVersion": { - "description": "## Example Usage\n\n### Regional Parameter Version Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst regional_parameter_basic = new gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\", {\n parameterId: \"regional_parameter\",\n location: \"us-central1\",\n});\nconst regional_parameter_version_basic = new gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-basic\", {\n parameter: regional_parameter_basic.id,\n parameterVersionId: \"regional_parameter_version\",\n parameterData: \"regional-parameter-version-data\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nregional_parameter_basic = gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\",\n parameter_id=\"regional_parameter\",\n location=\"us-central1\")\nregional_parameter_version_basic = gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-basic\",\n parameter=regional_parameter_basic.id,\n parameter_version_id=\"regional_parameter_version\",\n parameter_data=\"regional-parameter-version-data\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameter_basic = new Gcp.ParameterManager.RegionalParameter(\"regional-parameter-basic\", new()\n {\n ParameterId = \"regional_parameter\",\n Location = \"us-central1\",\n });\n\n var regional_parameter_version_basic = new Gcp.ParameterManager.RegionalParameterVersion(\"regional-parameter-version-basic\", new()\n {\n Parameter = regional_parameter_basic.Id,\n ParameterVersionId = \"regional_parameter_version\",\n ParameterData = \"regional-parameter-version-data\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewRegionalParameter(ctx, \"regional-parameter-basic\", \u0026parametermanager.RegionalParameterArgs{\n\t\t\tParameterId: pulumi.String(\"regional_parameter\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = parametermanager.NewRegionalParameterVersion(ctx, \"regional-parameter-version-basic\", \u0026parametermanager.RegionalParameterVersionArgs{\n\t\t\tParameter: regional_parameter_basic.ID(),\n\t\t\tParameterVersionId: pulumi.String(\"regional_parameter_version\"),\n\t\t\tParameterData: pulumi.String(\"regional-parameter-version-data\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.RegionalParameter;\nimport com.pulumi.gcp.parametermanager.RegionalParameterArgs;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersion;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var regional_parameter_basic = new RegionalParameter(\"regional-parameter-basic\", RegionalParameterArgs.builder()\n .parameterId(\"regional_parameter\")\n .location(\"us-central1\")\n .build());\n\n var regional_parameter_version_basic = new RegionalParameterVersion(\"regional-parameter-version-basic\", RegionalParameterVersionArgs.builder()\n .parameter(regional_parameter_basic.id())\n .parameterVersionId(\"regional_parameter_version\")\n .parameterData(\"regional-parameter-version-data\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n regional-parameter-basic:\n type: gcp:parametermanager:RegionalParameter\n properties:\n parameterId: regional_parameter\n location: us-central1\n regional-parameter-version-basic:\n type: gcp:parametermanager:RegionalParameterVersion\n properties:\n parameter: ${[\"regional-parameter-basic\"].id}\n parameterVersionId: regional_parameter_version\n parameterData: regional-parameter-version-data\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Regional Parameter Version With Json Format\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as std from \"@pulumi/std\";\n\nconst regional_parameter_basic = new gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\", {\n parameterId: \"regional_parameter\",\n format: \"JSON\",\n location: \"us-central1\",\n});\nconst regional_parameter_version_with_json_format = new gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-with-json-format\", {\n parameter: regional_parameter_basic.id,\n parameterVersionId: \"regional_parameter_version\",\n parameterData: std.file({\n input: \"parameter_data_json_format.yaml\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_std as std\n\nregional_parameter_basic = gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\",\n parameter_id=\"regional_parameter\",\n format=\"JSON\",\n location=\"us-central1\")\nregional_parameter_version_with_json_format = gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-with-json-format\",\n parameter=regional_parameter_basic.id,\n parameter_version_id=\"regional_parameter_version\",\n parameter_data=std.file(input=\"parameter_data_json_format.yaml\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameter_basic = new Gcp.ParameterManager.RegionalParameter(\"regional-parameter-basic\", new()\n {\n ParameterId = \"regional_parameter\",\n Format = \"JSON\",\n Location = \"us-central1\",\n });\n\n var regional_parameter_version_with_json_format = new Gcp.ParameterManager.RegionalParameterVersion(\"regional-parameter-version-with-json-format\", new()\n {\n Parameter = regional_parameter_basic.Id,\n ParameterVersionId = \"regional_parameter_version\",\n ParameterData = Std.File.Invoke(new()\n {\n Input = \"parameter_data_json_format.yaml\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewRegionalParameter(ctx, \"regional-parameter-basic\", \u0026parametermanager.RegionalParameterArgs{\n\t\t\tParameterId: pulumi.String(\"regional_parameter\"),\n\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"parameter_data_json_format.yaml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = parametermanager.NewRegionalParameterVersion(ctx, \"regional-parameter-version-with-json-format\", \u0026parametermanager.RegionalParameterVersionArgs{\n\t\t\tParameter: regional_parameter_basic.ID(),\n\t\t\tParameterVersionId: pulumi.String(\"regional_parameter_version\"),\n\t\t\tParameterData: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.RegionalParameter;\nimport com.pulumi.gcp.parametermanager.RegionalParameterArgs;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersion;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var regional_parameter_basic = new RegionalParameter(\"regional-parameter-basic\", RegionalParameterArgs.builder()\n .parameterId(\"regional_parameter\")\n .format(\"JSON\")\n .location(\"us-central1\")\n .build());\n\n var regional_parameter_version_with_json_format = new RegionalParameterVersion(\"regional-parameter-version-with-json-format\", RegionalParameterVersionArgs.builder()\n .parameter(regional_parameter_basic.id())\n .parameterVersionId(\"regional_parameter_version\")\n .parameterData(StdFunctions.file(FileArgs.builder()\n .input(\"parameter_data_json_format.yaml\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n regional-parameter-basic:\n type: gcp:parametermanager:RegionalParameter\n properties:\n parameterId: regional_parameter\n format: JSON\n location: us-central1\n regional-parameter-version-with-json-format:\n type: gcp:parametermanager:RegionalParameterVersion\n properties:\n parameter: ${[\"regional-parameter-basic\"].id}\n parameterVersionId: regional_parameter_version\n parameterData:\n fn::invoke:\n function: std:file\n arguments:\n input: parameter_data_json_format.yaml\n return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Regional Parameter Version With Yaml Format\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as std from \"@pulumi/std\";\n\nconst regional_parameter_basic = new gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\", {\n parameterId: \"regional_parameter\",\n format: \"YAML\",\n location: \"us-central1\",\n});\nconst regional_parameter_version_with_yaml_format = new gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-with-yaml-format\", {\n parameter: regional_parameter_basic.id,\n parameterVersionId: \"regional_parameter_version\",\n parameterData: std.file({\n input: \"parameter_data_yaml_format.yaml\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_std as std\n\nregional_parameter_basic = gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\",\n parameter_id=\"regional_parameter\",\n format=\"YAML\",\n location=\"us-central1\")\nregional_parameter_version_with_yaml_format = gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-with-yaml-format\",\n parameter=regional_parameter_basic.id,\n parameter_version_id=\"regional_parameter_version\",\n parameter_data=std.file(input=\"parameter_data_yaml_format.yaml\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameter_basic = new Gcp.ParameterManager.RegionalParameter(\"regional-parameter-basic\", new()\n {\n ParameterId = \"regional_parameter\",\n Format = \"YAML\",\n Location = \"us-central1\",\n });\n\n var regional_parameter_version_with_yaml_format = new Gcp.ParameterManager.RegionalParameterVersion(\"regional-parameter-version-with-yaml-format\", new()\n {\n Parameter = regional_parameter_basic.Id,\n ParameterVersionId = \"regional_parameter_version\",\n ParameterData = Std.File.Invoke(new()\n {\n Input = \"parameter_data_yaml_format.yaml\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewRegionalParameter(ctx, \"regional-parameter-basic\", \u0026parametermanager.RegionalParameterArgs{\n\t\t\tParameterId: pulumi.String(\"regional_parameter\"),\n\t\t\tFormat: pulumi.String(\"YAML\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"parameter_data_yaml_format.yaml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = parametermanager.NewRegionalParameterVersion(ctx, \"regional-parameter-version-with-yaml-format\", \u0026parametermanager.RegionalParameterVersionArgs{\n\t\t\tParameter: regional_parameter_basic.ID(),\n\t\t\tParameterVersionId: pulumi.String(\"regional_parameter_version\"),\n\t\t\tParameterData: pulumi.String(invokeFile.Result),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.RegionalParameter;\nimport com.pulumi.gcp.parametermanager.RegionalParameterArgs;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersion;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var regional_parameter_basic = new RegionalParameter(\"regional-parameter-basic\", RegionalParameterArgs.builder()\n .parameterId(\"regional_parameter\")\n .format(\"YAML\")\n .location(\"us-central1\")\n .build());\n\n var regional_parameter_version_with_yaml_format = new RegionalParameterVersion(\"regional-parameter-version-with-yaml-format\", RegionalParameterVersionArgs.builder()\n .parameter(regional_parameter_basic.id())\n .parameterVersionId(\"regional_parameter_version\")\n .parameterData(StdFunctions.file(FileArgs.builder()\n .input(\"parameter_data_yaml_format.yaml\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n regional-parameter-basic:\n type: gcp:parametermanager:RegionalParameter\n properties:\n parameterId: regional_parameter\n format: YAML\n location: us-central1\n regional-parameter-version-with-yaml-format:\n type: gcp:parametermanager:RegionalParameterVersion\n properties:\n parameter: ${[\"regional-parameter-basic\"].id}\n parameterVersionId: regional_parameter_version\n parameterData:\n fn::invoke:\n function: std:file\n arguments:\n input: parameter_data_yaml_format.yaml\n return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRegionalParameterVersion can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}/versions/{{parameter_version_id}}`\n\nWhen using the `pulumi import` command, RegionalParameterVersion can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:parametermanager/regionalParameterVersion:RegionalParameterVersion default projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}/versions/{{parameter_version_id}}\n```\n\n", + "description": "## Example Usage\n\n### Regional Parameter Version Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst regional_parameter_basic = new gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\", {\n parameterId: \"regional_parameter\",\n location: \"us-central1\",\n});\nconst regional_parameter_version_basic = new gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-basic\", {\n parameter: regional_parameter_basic.id,\n parameterVersionId: \"regional_parameter_version\",\n parameterData: \"regional-parameter-version-data\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nregional_parameter_basic = gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\",\n parameter_id=\"regional_parameter\",\n location=\"us-central1\")\nregional_parameter_version_basic = gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-basic\",\n parameter=regional_parameter_basic.id,\n parameter_version_id=\"regional_parameter_version\",\n parameter_data=\"regional-parameter-version-data\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameter_basic = new Gcp.ParameterManager.RegionalParameter(\"regional-parameter-basic\", new()\n {\n ParameterId = \"regional_parameter\",\n Location = \"us-central1\",\n });\n\n var regional_parameter_version_basic = new Gcp.ParameterManager.RegionalParameterVersion(\"regional-parameter-version-basic\", new()\n {\n Parameter = regional_parameter_basic.Id,\n ParameterVersionId = \"regional_parameter_version\",\n ParameterData = \"regional-parameter-version-data\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewRegionalParameter(ctx, \"regional-parameter-basic\", \u0026parametermanager.RegionalParameterArgs{\n\t\t\tParameterId: pulumi.String(\"regional_parameter\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = parametermanager.NewRegionalParameterVersion(ctx, \"regional-parameter-version-basic\", \u0026parametermanager.RegionalParameterVersionArgs{\n\t\t\tParameter: regional_parameter_basic.ID(),\n\t\t\tParameterVersionId: pulumi.String(\"regional_parameter_version\"),\n\t\t\tParameterData: pulumi.String(\"regional-parameter-version-data\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.RegionalParameter;\nimport com.pulumi.gcp.parametermanager.RegionalParameterArgs;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersion;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var regional_parameter_basic = new RegionalParameter(\"regional-parameter-basic\", RegionalParameterArgs.builder()\n .parameterId(\"regional_parameter\")\n .location(\"us-central1\")\n .build());\n\n var regional_parameter_version_basic = new RegionalParameterVersion(\"regional-parameter-version-basic\", RegionalParameterVersionArgs.builder()\n .parameter(regional_parameter_basic.id())\n .parameterVersionId(\"regional_parameter_version\")\n .parameterData(\"regional-parameter-version-data\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n regional-parameter-basic:\n type: gcp:parametermanager:RegionalParameter\n properties:\n parameterId: regional_parameter\n location: us-central1\n regional-parameter-version-basic:\n type: gcp:parametermanager:RegionalParameterVersion\n properties:\n parameter: ${[\"regional-parameter-basic\"].id}\n parameterVersionId: regional_parameter_version\n parameterData: regional-parameter-version-data\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Regional Parameter Version With Json Format\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst regional_parameter_basic = new gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\", {\n parameterId: \"regional_parameter\",\n format: \"JSON\",\n location: \"us-central1\",\n});\nconst regional_parameter_version_with_json_format = new gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-with-json-format\", {\n parameter: regional_parameter_basic.id,\n parameterVersionId: \"regional_parameter_version\",\n parameterData: JSON.stringify({\n key1: \"val1\",\n key2: \"val2\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_gcp as gcp\n\nregional_parameter_basic = gcp.parametermanager.RegionalParameter(\"regional-parameter-basic\",\n parameter_id=\"regional_parameter\",\n format=\"JSON\",\n location=\"us-central1\")\nregional_parameter_version_with_json_format = gcp.parametermanager.RegionalParameterVersion(\"regional-parameter-version-with-json-format\",\n parameter=regional_parameter_basic.id,\n parameter_version_id=\"regional_parameter_version\",\n parameter_data=json.dumps({\n \"key1\": \"val1\",\n \"key2\": \"val2\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameter_basic = new Gcp.ParameterManager.RegionalParameter(\"regional-parameter-basic\", new()\n {\n ParameterId = \"regional_parameter\",\n Format = \"JSON\",\n Location = \"us-central1\",\n });\n\n var regional_parameter_version_with_json_format = new Gcp.ParameterManager.RegionalParameterVersion(\"regional-parameter-version-with-json-format\", new()\n {\n Parameter = regional_parameter_basic.Id,\n ParameterVersionId = \"regional_parameter_version\",\n ParameterData = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"key1\"] = \"val1\",\n [\"key2\"] = \"val2\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.NewRegionalParameter(ctx, \"regional-parameter-basic\", \u0026parametermanager.RegionalParameterArgs{\n\t\t\tParameterId: pulumi.String(\"regional_parameter\"),\n\t\t\tFormat: pulumi.String(\"JSON\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"key1\": \"val1\",\n\t\t\t\"key2\": \"val2\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = parametermanager.NewRegionalParameterVersion(ctx, \"regional-parameter-version-with-json-format\", \u0026parametermanager.RegionalParameterVersionArgs{\n\t\t\tParameter: regional_parameter_basic.ID(),\n\t\t\tParameterVersionId: pulumi.String(\"regional_parameter_version\"),\n\t\t\tParameterData: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.RegionalParameter;\nimport com.pulumi.gcp.parametermanager.RegionalParameterArgs;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersion;\nimport com.pulumi.gcp.parametermanager.RegionalParameterVersionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var regional_parameter_basic = new RegionalParameter(\"regional-parameter-basic\", RegionalParameterArgs.builder()\n .parameterId(\"regional_parameter\")\n .format(\"JSON\")\n .location(\"us-central1\")\n .build());\n\n var regional_parameter_version_with_json_format = new RegionalParameterVersion(\"regional-parameter-version-with-json-format\", RegionalParameterVersionArgs.builder()\n .parameter(regional_parameter_basic.id())\n .parameterVersionId(\"regional_parameter_version\")\n .parameterData(serializeJson(\n jsonObject(\n jsonProperty(\"key1\", \"val1\"),\n jsonProperty(\"key2\", \"val2\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n regional-parameter-basic:\n type: gcp:parametermanager:RegionalParameter\n properties:\n parameterId: regional_parameter\n format: JSON\n location: us-central1\n regional-parameter-version-with-json-format:\n type: gcp:parametermanager:RegionalParameterVersion\n properties:\n parameter: ${[\"regional-parameter-basic\"].id}\n parameterVersionId: regional_parameter_version\n parameterData:\n fn::toJSON:\n key1: val1\n key2: val2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n## Import\n\nRegionalParameterVersion can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}/versions/{{parameter_version_id}}`\n\nWhen using the `pulumi import` command, RegionalParameterVersion can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:parametermanager/regionalParameterVersion:RegionalParameterVersion default projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}/versions/{{parameter_version_id}}\n```\n\n", "properties": { "createTime": { "type": "string", @@ -264472,7 +266653,7 @@ } }, "gcp:pubsub/topic:Topic": { - "description": "A named resource to which messages are sent by publishers.\n\n\nTo get more information about Topic, see:\n\n* [API documentation](https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics)\n* How-to Guides\n * [Managing Topics](https://cloud.google.com/pubsub/docs/admin#managing_topics)\n\n\u003e **Note:** You can retrieve the email of the Google Managed Pub/Sub Service Account used for forwarding\nby using the `gcp.projects.ServiceIdentity` resource.\n\n## Example Usage\n\n### Pubsub Topic Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n labels: {\n foo: \"bar\",\n },\n messageRetentionDuration: \"86600s\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n labels={\n \"foo\": \"bar\",\n },\n message_retention_duration=\"86600s\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n MessageRetentionDuration = \"86600s\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t\tMessageRetentionDuration: pulumi.String(\"86600s\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .labels(Map.of(\"foo\", \"bar\"))\n .messageRetentionDuration(\"86600s\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n labels:\n foo: bar\n messageRetentionDuration: 86600s\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Cmek\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst keyRing = new gcp.kms.KeyRing(\"key_ring\", {\n name: \"example-keyring\",\n location: \"global\",\n});\nconst cryptoKey = new gcp.kms.CryptoKey(\"crypto_key\", {\n name: \"example-key\",\n keyRing: keyRing.id,\n});\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n kmsKeyName: cryptoKey.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nkey_ring = gcp.kms.KeyRing(\"key_ring\",\n name=\"example-keyring\",\n location=\"global\")\ncrypto_key = gcp.kms.CryptoKey(\"crypto_key\",\n name=\"example-key\",\n key_ring=key_ring.id)\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n kms_key_name=crypto_key.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var keyRing = new Gcp.Kms.KeyRing(\"key_ring\", new()\n {\n Name = \"example-keyring\",\n Location = \"global\",\n });\n\n var cryptoKey = new Gcp.Kms.CryptoKey(\"crypto_key\", new()\n {\n Name = \"example-key\",\n KeyRing = keyRing.Id,\n });\n\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n KmsKeyName = cryptoKey.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkeyRing, err := kms.NewKeyRing(ctx, \"key_ring\", \u0026kms.KeyRingArgs{\n\t\t\tName: pulumi.String(\"example-keyring\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcryptoKey, err := kms.NewCryptoKey(ctx, \"crypto_key\", \u0026kms.CryptoKeyArgs{\n\t\t\tName: pulumi.String(\"example-key\"),\n\t\t\tKeyRing: keyRing.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tKmsKeyName: cryptoKey.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.kms.KeyRing;\nimport com.pulumi.gcp.kms.KeyRingArgs;\nimport com.pulumi.gcp.kms.CryptoKey;\nimport com.pulumi.gcp.kms.CryptoKeyArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var keyRing = new KeyRing(\"keyRing\", KeyRingArgs.builder()\n .name(\"example-keyring\")\n .location(\"global\")\n .build());\n\n var cryptoKey = new CryptoKey(\"cryptoKey\", CryptoKeyArgs.builder()\n .name(\"example-key\")\n .keyRing(keyRing.id())\n .build());\n\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .kmsKeyName(cryptoKey.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n kmsKeyName: ${cryptoKey.id}\n cryptoKey:\n type: gcp:kms:CryptoKey\n name: crypto_key\n properties:\n name: example-key\n keyRing: ${keyRing.id}\n keyRing:\n type: gcp:kms:KeyRing\n name: key_ring\n properties:\n name: example-keyring\n location: global\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Geo Restricted\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n messageStoragePolicy: {\n allowedPersistenceRegions: [\"europe-west3\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n message_storage_policy={\n \"allowed_persistence_regions\": [\"europe-west3\"],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n MessageStoragePolicy = new Gcp.PubSub.Inputs.TopicMessageStoragePolicyArgs\n {\n AllowedPersistenceRegions = new[]\n {\n \"europe-west3\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tMessageStoragePolicy: \u0026pubsub.TopicMessageStoragePolicyArgs{\n\t\t\t\tAllowedPersistenceRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"europe-west3\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicMessageStoragePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .messageStoragePolicy(TopicMessageStoragePolicyArgs.builder()\n .allowedPersistenceRegions(\"europe-west3\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n messageStoragePolicy:\n allowedPersistenceRegions:\n - europe-west3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Schema Settings\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Schema(\"example\", {\n name: \"example\",\n type: \"AVRO\",\n definition: `{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n`,\n});\nconst exampleTopic = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n schemaSettings: {\n schema: \"projects/my-project-name/schemas/example\",\n encoding: \"JSON\",\n },\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Schema(\"example\",\n name=\"example\",\n type=\"AVRO\",\n definition=\"\"\"{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n\"\"\")\nexample_topic = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n schema_settings={\n \"schema\": \"projects/my-project-name/schemas/example\",\n \"encoding\": \"JSON\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Schema(\"example\", new()\n {\n Name = \"example\",\n Type = \"AVRO\",\n Definition = @\"{\n \"\"type\"\" : \"\"record\"\",\n \"\"name\"\" : \"\"Avro\"\",\n \"\"fields\"\" : [\n {\n \"\"name\"\" : \"\"StringField\"\",\n \"\"type\"\" : \"\"string\"\"\n },\n {\n \"\"name\"\" : \"\"IntField\"\",\n \"\"type\"\" : \"\"int\"\"\n }\n ]\n}\n\",\n });\n\n var exampleTopic = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n SchemaSettings = new Gcp.PubSub.Inputs.TopicSchemaSettingsArgs\n {\n Schema = \"projects/my-project-name/schemas/example\",\n Encoding = \"JSON\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewSchema(ctx, \"example\", \u0026pubsub.SchemaArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"AVRO\"),\n\t\t\tDefinition: pulumi.String(`{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tSchemaSettings: \u0026pubsub.TopicSchemaSettingsArgs{\n\t\t\t\tSchema: pulumi.String(\"projects/my-project-name/schemas/example\"),\n\t\t\t\tEncoding: pulumi.String(\"JSON\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Schema;\nimport com.pulumi.gcp.pubsub.SchemaArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicSchemaSettingsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Schema(\"example\", SchemaArgs.builder()\n .name(\"example\")\n .type(\"AVRO\")\n .definition(\"\"\"\n{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n \"\"\")\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-topic\")\n .schemaSettings(TopicSchemaSettingsArgs.builder()\n .schema(\"projects/my-project-name/schemas/example\")\n .encoding(\"JSON\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Schema\n properties:\n name: example\n type: AVRO\n definition: |\n {\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n }\n exampleTopic:\n type: gcp:pubsub:Topic\n name: example\n properties:\n name: example-topic\n schemaSettings:\n schema: projects/my-project-name/schemas/example\n encoding: JSON\n options:\n dependsOn:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Ingestion Kinesis\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n ingestionDataSourceSettings: {\n awsKinesis: {\n streamArn: \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\",\n consumerArn: \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\",\n awsRoleArn: \"arn:aws:iam::111111111111:role/fake-role-name\",\n gcpServiceAccount: \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n ingestion_data_source_settings={\n \"aws_kinesis\": {\n \"stream_arn\": \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\",\n \"consumer_arn\": \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\",\n \"aws_role_arn\": \"arn:aws:iam::111111111111:role/fake-role-name\",\n \"gcp_service_account\": \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n IngestionDataSourceSettings = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsArgs\n {\n AwsKinesis = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsAwsKinesisArgs\n {\n StreamArn = \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\",\n ConsumerArn = \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\",\n AwsRoleArn = \"arn:aws:iam::111111111111:role/fake-role-name\",\n GcpServiceAccount = \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tIngestionDataSourceSettings: \u0026pubsub.TopicIngestionDataSourceSettingsArgs{\n\t\t\t\tAwsKinesis: \u0026pubsub.TopicIngestionDataSourceSettingsAwsKinesisArgs{\n\t\t\t\t\tStreamArn: pulumi.String(\"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\"),\n\t\t\t\t\tConsumerArn: pulumi.String(\"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\"),\n\t\t\t\t\tAwsRoleArn: pulumi.String(\"arn:aws:iam::111111111111:role/fake-role-name\"),\n\t\t\t\t\tGcpServiceAccount: pulumi.String(\"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsAwsKinesisArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .ingestionDataSourceSettings(TopicIngestionDataSourceSettingsArgs.builder()\n .awsKinesis(TopicIngestionDataSourceSettingsAwsKinesisArgs.builder()\n .streamArn(\"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\")\n .consumerArn(\"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\")\n .awsRoleArn(\"arn:aws:iam::111111111111:role/fake-role-name\")\n .gcpServiceAccount(\"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n ingestionDataSourceSettings:\n awsKinesis:\n streamArn: arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\n consumerArn: arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\n awsRoleArn: arn:aws:iam::111111111111:role/fake-role-name\n gcpServiceAccount: fake-service-account@fake-gcp-project.iam.gserviceaccount.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Ingestion Cloud Storage\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n ingestionDataSourceSettings: {\n cloudStorage: {\n bucket: \"test-bucket\",\n textFormat: {\n delimiter: \" \",\n },\n minimumObjectCreateTime: \"2024-01-01T00:00:00Z\",\n matchGlob: \"foo/**\",\n },\n platformLogsSettings: {\n severity: \"WARNING\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n ingestion_data_source_settings={\n \"cloud_storage\": {\n \"bucket\": \"test-bucket\",\n \"text_format\": {\n \"delimiter\": \" \",\n },\n \"minimum_object_create_time\": \"2024-01-01T00:00:00Z\",\n \"match_glob\": \"foo/**\",\n },\n \"platform_logs_settings\": {\n \"severity\": \"WARNING\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n IngestionDataSourceSettings = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsArgs\n {\n CloudStorage = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsCloudStorageArgs\n {\n Bucket = \"test-bucket\",\n TextFormat = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsCloudStorageTextFormatArgs\n {\n Delimiter = \" \",\n },\n MinimumObjectCreateTime = \"2024-01-01T00:00:00Z\",\n MatchGlob = \"foo/**\",\n },\n PlatformLogsSettings = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs\n {\n Severity = \"WARNING\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tIngestionDataSourceSettings: \u0026pubsub.TopicIngestionDataSourceSettingsArgs{\n\t\t\t\tCloudStorage: \u0026pubsub.TopicIngestionDataSourceSettingsCloudStorageArgs{\n\t\t\t\t\tBucket: pulumi.String(\"test-bucket\"),\n\t\t\t\t\tTextFormat: \u0026pubsub.TopicIngestionDataSourceSettingsCloudStorageTextFormatArgs{\n\t\t\t\t\t\tDelimiter: pulumi.String(\" \"),\n\t\t\t\t\t},\n\t\t\t\t\tMinimumObjectCreateTime: pulumi.String(\"2024-01-01T00:00:00Z\"),\n\t\t\t\t\tMatchGlob: pulumi.String(\"foo/**\"),\n\t\t\t\t},\n\t\t\t\tPlatformLogsSettings: \u0026pubsub.TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs{\n\t\t\t\t\tSeverity: pulumi.String(\"WARNING\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsCloudStorageArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsCloudStorageTextFormatArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .ingestionDataSourceSettings(TopicIngestionDataSourceSettingsArgs.builder()\n .cloudStorage(TopicIngestionDataSourceSettingsCloudStorageArgs.builder()\n .bucket(\"test-bucket\")\n .textFormat(TopicIngestionDataSourceSettingsCloudStorageTextFormatArgs.builder()\n .delimiter(\" \")\n .build())\n .minimumObjectCreateTime(\"2024-01-01T00:00:00Z\")\n .matchGlob(\"foo/**\")\n .build())\n .platformLogsSettings(TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs.builder()\n .severity(\"WARNING\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n ingestionDataSourceSettings:\n cloudStorage:\n bucket: test-bucket\n textFormat:\n delimiter: ' '\n minimumObjectCreateTime: 2024-01-01T00:00:00Z\n matchGlob: foo/**\n platformLogsSettings:\n severity: WARNING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nTopic can be imported using any of these accepted formats:\n\n* `projects/{{project}}/topics/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, Topic can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:pubsub/topic:Topic default projects/{{project}}/topics/{{name}}\n```\n\n```sh\n$ pulumi import gcp:pubsub/topic:Topic default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:pubsub/topic:Topic default {{name}}\n```\n\n", + "description": "A named resource to which messages are sent by publishers.\n\n\nTo get more information about Topic, see:\n\n* [API documentation](https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics)\n* How-to Guides\n * [Managing Topics](https://cloud.google.com/pubsub/docs/admin#managing_topics)\n\n\u003e **Note:** You can retrieve the email of the Google Managed Pub/Sub Service Account used for forwarding\nby using the `gcp.projects.ServiceIdentity` resource.\n\n## Example Usage\n\n### Pubsub Topic Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n labels: {\n foo: \"bar\",\n },\n messageRetentionDuration: \"86600s\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n labels={\n \"foo\": \"bar\",\n },\n message_retention_duration=\"86600s\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n MessageRetentionDuration = \"86600s\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t\tMessageRetentionDuration: pulumi.String(\"86600s\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .labels(Map.of(\"foo\", \"bar\"))\n .messageRetentionDuration(\"86600s\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n labels:\n foo: bar\n messageRetentionDuration: 86600s\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Cmek\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst keyRing = new gcp.kms.KeyRing(\"key_ring\", {\n name: \"example-keyring\",\n location: \"global\",\n});\nconst cryptoKey = new gcp.kms.CryptoKey(\"crypto_key\", {\n name: \"example-key\",\n keyRing: keyRing.id,\n});\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n kmsKeyName: cryptoKey.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nkey_ring = gcp.kms.KeyRing(\"key_ring\",\n name=\"example-keyring\",\n location=\"global\")\ncrypto_key = gcp.kms.CryptoKey(\"crypto_key\",\n name=\"example-key\",\n key_ring=key_ring.id)\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n kms_key_name=crypto_key.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var keyRing = new Gcp.Kms.KeyRing(\"key_ring\", new()\n {\n Name = \"example-keyring\",\n Location = \"global\",\n });\n\n var cryptoKey = new Gcp.Kms.CryptoKey(\"crypto_key\", new()\n {\n Name = \"example-key\",\n KeyRing = keyRing.Id,\n });\n\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n KmsKeyName = cryptoKey.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkeyRing, err := kms.NewKeyRing(ctx, \"key_ring\", \u0026kms.KeyRingArgs{\n\t\t\tName: pulumi.String(\"example-keyring\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcryptoKey, err := kms.NewCryptoKey(ctx, \"crypto_key\", \u0026kms.CryptoKeyArgs{\n\t\t\tName: pulumi.String(\"example-key\"),\n\t\t\tKeyRing: keyRing.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tKmsKeyName: cryptoKey.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.kms.KeyRing;\nimport com.pulumi.gcp.kms.KeyRingArgs;\nimport com.pulumi.gcp.kms.CryptoKey;\nimport com.pulumi.gcp.kms.CryptoKeyArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var keyRing = new KeyRing(\"keyRing\", KeyRingArgs.builder()\n .name(\"example-keyring\")\n .location(\"global\")\n .build());\n\n var cryptoKey = new CryptoKey(\"cryptoKey\", CryptoKeyArgs.builder()\n .name(\"example-key\")\n .keyRing(keyRing.id())\n .build());\n\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .kmsKeyName(cryptoKey.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n kmsKeyName: ${cryptoKey.id}\n cryptoKey:\n type: gcp:kms:CryptoKey\n name: crypto_key\n properties:\n name: example-key\n keyRing: ${keyRing.id}\n keyRing:\n type: gcp:kms:KeyRing\n name: key_ring\n properties:\n name: example-keyring\n location: global\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Geo Restricted\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n messageStoragePolicy: {\n allowedPersistenceRegions: [\"europe-west3\"],\n enforceInTransit: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n message_storage_policy={\n \"allowed_persistence_regions\": [\"europe-west3\"],\n \"enforce_in_transit\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n MessageStoragePolicy = new Gcp.PubSub.Inputs.TopicMessageStoragePolicyArgs\n {\n AllowedPersistenceRegions = new[]\n {\n \"europe-west3\",\n },\n EnforceInTransit = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tMessageStoragePolicy: \u0026pubsub.TopicMessageStoragePolicyArgs{\n\t\t\t\tAllowedPersistenceRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"europe-west3\"),\n\t\t\t\t},\n\t\t\t\tEnforceInTransit: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicMessageStoragePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .messageStoragePolicy(TopicMessageStoragePolicyArgs.builder()\n .allowedPersistenceRegions(\"europe-west3\")\n .enforceInTransit(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n messageStoragePolicy:\n allowedPersistenceRegions:\n - europe-west3\n enforceInTransit: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Schema Settings\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Schema(\"example\", {\n name: \"example\",\n type: \"AVRO\",\n definition: `{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n`,\n});\nconst exampleTopic = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n schemaSettings: {\n schema: \"projects/my-project-name/schemas/example\",\n encoding: \"JSON\",\n },\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Schema(\"example\",\n name=\"example\",\n type=\"AVRO\",\n definition=\"\"\"{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n\"\"\")\nexample_topic = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n schema_settings={\n \"schema\": \"projects/my-project-name/schemas/example\",\n \"encoding\": \"JSON\",\n },\n opts = pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Schema(\"example\", new()\n {\n Name = \"example\",\n Type = \"AVRO\",\n Definition = @\"{\n \"\"type\"\" : \"\"record\"\",\n \"\"name\"\" : \"\"Avro\"\",\n \"\"fields\"\" : [\n {\n \"\"name\"\" : \"\"StringField\"\",\n \"\"type\"\" : \"\"string\"\"\n },\n {\n \"\"name\"\" : \"\"IntField\"\",\n \"\"type\"\" : \"\"int\"\"\n }\n ]\n}\n\",\n });\n\n var exampleTopic = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n SchemaSettings = new Gcp.PubSub.Inputs.TopicSchemaSettingsArgs\n {\n Schema = \"projects/my-project-name/schemas/example\",\n Encoding = \"JSON\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewSchema(ctx, \"example\", \u0026pubsub.SchemaArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"AVRO\"),\n\t\t\tDefinition: pulumi.String(`{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tSchemaSettings: \u0026pubsub.TopicSchemaSettingsArgs{\n\t\t\t\tSchema: pulumi.String(\"projects/my-project-name/schemas/example\"),\n\t\t\t\tEncoding: pulumi.String(\"JSON\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Schema;\nimport com.pulumi.gcp.pubsub.SchemaArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicSchemaSettingsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Schema(\"example\", SchemaArgs.builder()\n .name(\"example\")\n .type(\"AVRO\")\n .definition(\"\"\"\n{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n \"\"\")\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-topic\")\n .schemaSettings(TopicSchemaSettingsArgs.builder()\n .schema(\"projects/my-project-name/schemas/example\")\n .encoding(\"JSON\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Schema\n properties:\n name: example\n type: AVRO\n definition: |\n {\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n }\n exampleTopic:\n type: gcp:pubsub:Topic\n name: example\n properties:\n name: example-topic\n schemaSettings:\n schema: projects/my-project-name/schemas/example\n encoding: JSON\n options:\n dependsOn:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Ingestion Kinesis\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n ingestionDataSourceSettings: {\n awsKinesis: {\n streamArn: \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\",\n consumerArn: \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\",\n awsRoleArn: \"arn:aws:iam::111111111111:role/fake-role-name\",\n gcpServiceAccount: \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n ingestion_data_source_settings={\n \"aws_kinesis\": {\n \"stream_arn\": \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\",\n \"consumer_arn\": \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\",\n \"aws_role_arn\": \"arn:aws:iam::111111111111:role/fake-role-name\",\n \"gcp_service_account\": \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n IngestionDataSourceSettings = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsArgs\n {\n AwsKinesis = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsAwsKinesisArgs\n {\n StreamArn = \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\",\n ConsumerArn = \"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\",\n AwsRoleArn = \"arn:aws:iam::111111111111:role/fake-role-name\",\n GcpServiceAccount = \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tIngestionDataSourceSettings: \u0026pubsub.TopicIngestionDataSourceSettingsArgs{\n\t\t\t\tAwsKinesis: \u0026pubsub.TopicIngestionDataSourceSettingsAwsKinesisArgs{\n\t\t\t\t\tStreamArn: pulumi.String(\"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\"),\n\t\t\t\t\tConsumerArn: pulumi.String(\"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\"),\n\t\t\t\t\tAwsRoleArn: pulumi.String(\"arn:aws:iam::111111111111:role/fake-role-name\"),\n\t\t\t\t\tGcpServiceAccount: pulumi.String(\"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsAwsKinesisArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .ingestionDataSourceSettings(TopicIngestionDataSourceSettingsArgs.builder()\n .awsKinesis(TopicIngestionDataSourceSettingsAwsKinesisArgs.builder()\n .streamArn(\"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\")\n .consumerArn(\"arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\")\n .awsRoleArn(\"arn:aws:iam::111111111111:role/fake-role-name\")\n .gcpServiceAccount(\"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n ingestionDataSourceSettings:\n awsKinesis:\n streamArn: arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name\n consumerArn: arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111\n awsRoleArn: arn:aws:iam::111111111111:role/fake-role-name\n gcpServiceAccount: fake-service-account@fake-gcp-project.iam.gserviceaccount.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Ingestion Cloud Storage\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n ingestionDataSourceSettings: {\n cloudStorage: {\n bucket: \"test-bucket\",\n textFormat: {\n delimiter: \" \",\n },\n minimumObjectCreateTime: \"2024-01-01T00:00:00Z\",\n matchGlob: \"foo/**\",\n },\n platformLogsSettings: {\n severity: \"WARNING\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n ingestion_data_source_settings={\n \"cloud_storage\": {\n \"bucket\": \"test-bucket\",\n \"text_format\": {\n \"delimiter\": \" \",\n },\n \"minimum_object_create_time\": \"2024-01-01T00:00:00Z\",\n \"match_glob\": \"foo/**\",\n },\n \"platform_logs_settings\": {\n \"severity\": \"WARNING\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n IngestionDataSourceSettings = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsArgs\n {\n CloudStorage = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsCloudStorageArgs\n {\n Bucket = \"test-bucket\",\n TextFormat = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsCloudStorageTextFormatArgs\n {\n Delimiter = \" \",\n },\n MinimumObjectCreateTime = \"2024-01-01T00:00:00Z\",\n MatchGlob = \"foo/**\",\n },\n PlatformLogsSettings = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs\n {\n Severity = \"WARNING\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tIngestionDataSourceSettings: \u0026pubsub.TopicIngestionDataSourceSettingsArgs{\n\t\t\t\tCloudStorage: \u0026pubsub.TopicIngestionDataSourceSettingsCloudStorageArgs{\n\t\t\t\t\tBucket: pulumi.String(\"test-bucket\"),\n\t\t\t\t\tTextFormat: \u0026pubsub.TopicIngestionDataSourceSettingsCloudStorageTextFormatArgs{\n\t\t\t\t\t\tDelimiter: pulumi.String(\" \"),\n\t\t\t\t\t},\n\t\t\t\t\tMinimumObjectCreateTime: pulumi.String(\"2024-01-01T00:00:00Z\"),\n\t\t\t\t\tMatchGlob: pulumi.String(\"foo/**\"),\n\t\t\t\t},\n\t\t\t\tPlatformLogsSettings: \u0026pubsub.TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs{\n\t\t\t\t\tSeverity: pulumi.String(\"WARNING\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsCloudStorageArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsCloudStorageTextFormatArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .ingestionDataSourceSettings(TopicIngestionDataSourceSettingsArgs.builder()\n .cloudStorage(TopicIngestionDataSourceSettingsCloudStorageArgs.builder()\n .bucket(\"test-bucket\")\n .textFormat(TopicIngestionDataSourceSettingsCloudStorageTextFormatArgs.builder()\n .delimiter(\" \")\n .build())\n .minimumObjectCreateTime(\"2024-01-01T00:00:00Z\")\n .matchGlob(\"foo/**\")\n .build())\n .platformLogsSettings(TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs.builder()\n .severity(\"WARNING\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n ingestionDataSourceSettings:\n cloudStorage:\n bucket: test-bucket\n textFormat:\n delimiter: ' '\n minimumObjectCreateTime: 2024-01-01T00:00:00Z\n matchGlob: foo/**\n platformLogsSettings:\n severity: WARNING\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Topic Ingestion Azure Event Hubs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {\n name: \"example-topic\",\n ingestionDataSourceSettings: {\n azureEventHubs: {\n resourceGroup: \"azure-ingestion-resource-group\",\n namespace: \"azure-ingestion-namespace\",\n eventHub: \"azure-ingestion-event-hub\",\n clientId: \"aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123\",\n tenantId: \"0XXXXXXX-YYYY-HHHH-GGGG-123456789123\",\n subscriptionId: \"bXXXXXXX-YYYY-HHHH-GGGG-123456789123\",\n gcpServiceAccount: \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\",\n name=\"example-topic\",\n ingestion_data_source_settings={\n \"azure_event_hubs\": {\n \"resource_group\": \"azure-ingestion-resource-group\",\n \"namespace\": \"azure-ingestion-namespace\",\n \"event_hub\": \"azure-ingestion-event-hub\",\n \"client_id\": \"aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123\",\n \"tenant_id\": \"0XXXXXXX-YYYY-HHHH-GGGG-123456789123\",\n \"subscription_id\": \"bXXXXXXX-YYYY-HHHH-GGGG-123456789123\",\n \"gcp_service_account\": \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n IngestionDataSourceSettings = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsArgs\n {\n AzureEventHubs = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsAzureEventHubsArgs\n {\n ResourceGroup = \"azure-ingestion-resource-group\",\n Namespace = \"azure-ingestion-namespace\",\n EventHub = \"azure-ingestion-event-hub\",\n ClientId = \"aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123\",\n TenantId = \"0XXXXXXX-YYYY-HHHH-GGGG-123456789123\",\n SubscriptionId = \"bXXXXXXX-YYYY-HHHH-GGGG-123456789123\",\n GcpServiceAccount = \"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t\tIngestionDataSourceSettings: \u0026pubsub.TopicIngestionDataSourceSettingsArgs{\n\t\t\t\tAzureEventHubs: \u0026pubsub.TopicIngestionDataSourceSettingsAzureEventHubsArgs{\n\t\t\t\t\tResourceGroup: pulumi.String(\"azure-ingestion-resource-group\"),\n\t\t\t\t\tNamespace: pulumi.String(\"azure-ingestion-namespace\"),\n\t\t\t\t\tEventHub: pulumi.String(\"azure-ingestion-event-hub\"),\n\t\t\t\t\tClientId: pulumi.String(\"aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123\"),\n\t\t\t\t\tTenantId: pulumi.String(\"0XXXXXXX-YYYY-HHHH-GGGG-123456789123\"),\n\t\t\t\t\tSubscriptionId: pulumi.String(\"bXXXXXXX-YYYY-HHHH-GGGG-123456789123\"),\n\t\t\t\t\tGcpServiceAccount: pulumi.String(\"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsArgs;\nimport com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsAzureEventHubsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .ingestionDataSourceSettings(TopicIngestionDataSourceSettingsArgs.builder()\n .azureEventHubs(TopicIngestionDataSourceSettingsAzureEventHubsArgs.builder()\n .resourceGroup(\"azure-ingestion-resource-group\")\n .namespace(\"azure-ingestion-namespace\")\n .eventHub(\"azure-ingestion-event-hub\")\n .clientId(\"aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123\")\n .tenantId(\"0XXXXXXX-YYYY-HHHH-GGGG-123456789123\")\n .subscriptionId(\"bXXXXXXX-YYYY-HHHH-GGGG-123456789123\")\n .gcpServiceAccount(\"fake-service-account@fake-gcp-project.iam.gserviceaccount.com\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n ingestionDataSourceSettings:\n azureEventHubs:\n resourceGroup: azure-ingestion-resource-group\n namespace: azure-ingestion-namespace\n eventHub: azure-ingestion-event-hub\n clientId: aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123\n tenantId: 0XXXXXXX-YYYY-HHHH-GGGG-123456789123\n subscriptionId: bXXXXXXX-YYYY-HHHH-GGGG-123456789123\n gcpServiceAccount: fake-service-account@fake-gcp-project.iam.gserviceaccount.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nTopic can be imported using any of these accepted formats:\n\n* `projects/{{project}}/topics/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, Topic can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:pubsub/topic:Topic default projects/{{project}}/topics/{{name}}\n```\n\n```sh\n$ pulumi import gcp:pubsub/topic:Topic default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:pubsub/topic:Topic default {{name}}\n```\n\n", "properties": { "effectiveLabels": { "type": "object", @@ -265098,7 +267279,7 @@ "properties": { "authorizationMode": { "type": "string", - "description": "Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster.\nDefault value: \"AUTH_MODE_DISABLED\" Possible values: [\"AUTH_MODE_UNSPECIFIED\", \"AUTH_MODE_IAM_AUTH\",\n\"AUTH_MODE_DISABLED\"]\n" + "description": "Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster.\nDefault value is `AUTH_MODE_DISABLED`.\nPossible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`.\n" }, "createTime": { "type": "string", @@ -265106,11 +267287,11 @@ }, "crossClusterReplicationConfig": { "$ref": "#/types/gcp:redis/ClusterCrossClusterReplicationConfig:ClusterCrossClusterReplicationConfig", - "description": "Cross cluster replication config\n" + "description": "Cross cluster replication config\nStructure is documented below.\n" }, "deletionProtectionEnabled": { "type": "boolean", - "description": "Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster\noperation will fail. Default value is true.\n" + "description": "Optional. Indicates if the cluster is deletion protected or not.\nIf the value if set to true, any delete cluster operation will fail.\nDefault value is true.\n" }, "discoveryEndpoints": { "type": "array", @@ -265121,7 +267302,7 @@ }, "maintenancePolicy": { "$ref": "#/types/gcp:redis/ClusterMaintenancePolicy:ClusterMaintenancePolicy", - "description": "Maintenance policy for a cluster\n" + "description": "Maintenance policy for a cluster\nStructure is documented below.\n" }, "maintenanceSchedules": { "type": "array", @@ -265132,22 +267313,23 @@ }, "name": { "type": "string", - "description": "Unique name of the resource in this scope including project and location using the form:\nprojects/{projectId}/locations/{locationId}/clusters/{clusterId}\n" + "description": "Unique name of the resource in this scope including project and location using the form:\nprojects/{projectId}/locations/{locationId}/clusters/{clusterId}\n\n\n- - -\n" }, "nodeType": { "type": "string", - "description": "The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values:\n[\"REDIS_SHARED_CORE_NANO\", \"REDIS_HIGHMEM_MEDIUM\", \"REDIS_HIGHMEM_XLARGE\", \"REDIS_STANDARD_SMALL\"]\n" + "description": "The nodeType for the Redis cluster.\nIf not provided, REDIS_HIGHMEM_MEDIUM will be used as default\nPossible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`.\n" }, "persistenceConfig": { "$ref": "#/types/gcp:redis/ClusterPersistenceConfig:ClusterPersistenceConfig", - "description": "Persistence config (RDB, AOF) for the cluster.\n" + "description": "Persistence config (RDB, AOF) for the cluster.\nStructure is documented below.\n" }, "preciseSizeGb": { "type": "number", "description": "Output only. Redis memory precise size in GB for the entire cluster.\n" }, "project": { - "type": "string" + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" }, "pscConfigs": { "type": "array", @@ -265163,12 +267345,19 @@ }, "description": "Output only. PSC connections for discovery of the cluster topology and accessing the cluster.\nStructure is documented below.\n" }, + "pscServiceAttachments": { + "type": "array", + "items": { + "$ref": "#/types/gcp:redis/ClusterPscServiceAttachment:ClusterPscServiceAttachment" + }, + "description": "Service attachment details to configure Psc connections.\nStructure is documented below.\n" + }, "redisConfigs": { "type": "object", "additionalProperties": { "type": "string" }, - "description": "Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore\ndocumentation for the list of supported parameters:\nhttps://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations\n" + "description": "Configure Redis Cluster behavior using a subset of native Redis configuration parameters.\nPlease check Memorystore documentation for the list of supported parameters:\nhttps://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations\n" }, "region": { "type": "string", @@ -265199,7 +267388,7 @@ }, "transitEncryptionMode": { "type": "string", - "description": "Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster.\nDefault value: \"TRANSIT_ENCRYPTION_MODE_DISABLED\" Possible values: [\"TRANSIT_ENCRYPTION_MODE_UNSPECIFIED\",\n\"TRANSIT_ENCRYPTION_MODE_DISABLED\", \"TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION\"]\n" + "description": "Optional. The in-transit encryption for the Redis cluster.\nIf not provided, encryption is disabled for the cluster.\nDefault value is `TRANSIT_ENCRYPTION_MODE_DISABLED`.\nPossible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`.\n" }, "uid": { "type": "string", @@ -265207,7 +267396,7 @@ }, "zoneDistributionConfig": { "$ref": "#/types/gcp:redis/ClusterZoneDistributionConfig:ClusterZoneDistributionConfig", - "description": "Immutable. Zone distribution config for Memorystore Redis cluster.\n" + "description": "Immutable. Zone distribution config for Memorystore Redis cluster.\nStructure is documented below.\n" } }, "required": [ @@ -265220,49 +267409,51 @@ "persistenceConfig", "preciseSizeGb", "project", - "pscConfigs", "pscConnections", + "pscServiceAttachments", "region", "shardCount", "sizeGb", "state", "stateInfos", - "uid" + "uid", + "zoneDistributionConfig" ], "inputProperties": { "authorizationMode": { "type": "string", - "description": "Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster.\nDefault value: \"AUTH_MODE_DISABLED\" Possible values: [\"AUTH_MODE_UNSPECIFIED\", \"AUTH_MODE_IAM_AUTH\",\n\"AUTH_MODE_DISABLED\"]\n", + "description": "Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster.\nDefault value is `AUTH_MODE_DISABLED`.\nPossible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`.\n", "willReplaceOnChanges": true }, "crossClusterReplicationConfig": { "$ref": "#/types/gcp:redis/ClusterCrossClusterReplicationConfig:ClusterCrossClusterReplicationConfig", - "description": "Cross cluster replication config\n" + "description": "Cross cluster replication config\nStructure is documented below.\n" }, "deletionProtectionEnabled": { "type": "boolean", - "description": "Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster\noperation will fail. Default value is true.\n" + "description": "Optional. Indicates if the cluster is deletion protected or not.\nIf the value if set to true, any delete cluster operation will fail.\nDefault value is true.\n" }, "maintenancePolicy": { "$ref": "#/types/gcp:redis/ClusterMaintenancePolicy:ClusterMaintenancePolicy", - "description": "Maintenance policy for a cluster\n" + "description": "Maintenance policy for a cluster\nStructure is documented below.\n" }, "name": { "type": "string", - "description": "Unique name of the resource in this scope including project and location using the form:\nprojects/{projectId}/locations/{locationId}/clusters/{clusterId}\n", + "description": "Unique name of the resource in this scope including project and location using the form:\nprojects/{projectId}/locations/{locationId}/clusters/{clusterId}\n\n\n- - -\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", - "description": "The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values:\n[\"REDIS_SHARED_CORE_NANO\", \"REDIS_HIGHMEM_MEDIUM\", \"REDIS_HIGHMEM_XLARGE\", \"REDIS_STANDARD_SMALL\"]\n", + "description": "The nodeType for the Redis cluster.\nIf not provided, REDIS_HIGHMEM_MEDIUM will be used as default\nPossible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`.\n", "willReplaceOnChanges": true }, "persistenceConfig": { "$ref": "#/types/gcp:redis/ClusterPersistenceConfig:ClusterPersistenceConfig", - "description": "Persistence config (RDB, AOF) for the cluster.\n" + "description": "Persistence config (RDB, AOF) for the cluster.\nStructure is documented below.\n" }, "project": { "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", "willReplaceOnChanges": true }, "pscConfigs": { @@ -265277,7 +267468,7 @@ "additionalProperties": { "type": "string" }, - "description": "Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore\ndocumentation for the list of supported parameters:\nhttps://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations\n" + "description": "Configure Redis Cluster behavior using a subset of native Redis configuration parameters.\nPlease check Memorystore documentation for the list of supported parameters:\nhttps://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations\n" }, "region": { "type": "string", @@ -265294,17 +267485,16 @@ }, "transitEncryptionMode": { "type": "string", - "description": "Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster.\nDefault value: \"TRANSIT_ENCRYPTION_MODE_DISABLED\" Possible values: [\"TRANSIT_ENCRYPTION_MODE_UNSPECIFIED\",\n\"TRANSIT_ENCRYPTION_MODE_DISABLED\", \"TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION\"]\n", + "description": "Optional. The in-transit encryption for the Redis cluster.\nIf not provided, encryption is disabled for the cluster.\nDefault value is `TRANSIT_ENCRYPTION_MODE_DISABLED`.\nPossible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`.\n", "willReplaceOnChanges": true }, "zoneDistributionConfig": { "$ref": "#/types/gcp:redis/ClusterZoneDistributionConfig:ClusterZoneDistributionConfig", - "description": "Immutable. Zone distribution config for Memorystore Redis cluster.\n", + "description": "Immutable. Zone distribution config for Memorystore Redis cluster.\nStructure is documented below.\n", "willReplaceOnChanges": true } }, "requiredInputs": [ - "pscConfigs", "shardCount" ], "stateInputs": { @@ -265312,7 +267502,7 @@ "properties": { "authorizationMode": { "type": "string", - "description": "Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster.\nDefault value: \"AUTH_MODE_DISABLED\" Possible values: [\"AUTH_MODE_UNSPECIFIED\", \"AUTH_MODE_IAM_AUTH\",\n\"AUTH_MODE_DISABLED\"]\n", + "description": "Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster.\nDefault value is `AUTH_MODE_DISABLED`.\nPossible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`.\n", "willReplaceOnChanges": true }, "createTime": { @@ -265321,11 +267511,11 @@ }, "crossClusterReplicationConfig": { "$ref": "#/types/gcp:redis/ClusterCrossClusterReplicationConfig:ClusterCrossClusterReplicationConfig", - "description": "Cross cluster replication config\n" + "description": "Cross cluster replication config\nStructure is documented below.\n" }, "deletionProtectionEnabled": { "type": "boolean", - "description": "Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster\noperation will fail. Default value is true.\n" + "description": "Optional. Indicates if the cluster is deletion protected or not.\nIf the value if set to true, any delete cluster operation will fail.\nDefault value is true.\n" }, "discoveryEndpoints": { "type": "array", @@ -265336,7 +267526,7 @@ }, "maintenancePolicy": { "$ref": "#/types/gcp:redis/ClusterMaintenancePolicy:ClusterMaintenancePolicy", - "description": "Maintenance policy for a cluster\n" + "description": "Maintenance policy for a cluster\nStructure is documented below.\n" }, "maintenanceSchedules": { "type": "array", @@ -265347,17 +267537,17 @@ }, "name": { "type": "string", - "description": "Unique name of the resource in this scope including project and location using the form:\nprojects/{projectId}/locations/{locationId}/clusters/{clusterId}\n", + "description": "Unique name of the resource in this scope including project and location using the form:\nprojects/{projectId}/locations/{locationId}/clusters/{clusterId}\n\n\n- - -\n", "willReplaceOnChanges": true }, "nodeType": { "type": "string", - "description": "The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values:\n[\"REDIS_SHARED_CORE_NANO\", \"REDIS_HIGHMEM_MEDIUM\", \"REDIS_HIGHMEM_XLARGE\", \"REDIS_STANDARD_SMALL\"]\n", + "description": "The nodeType for the Redis cluster.\nIf not provided, REDIS_HIGHMEM_MEDIUM will be used as default\nPossible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`.\n", "willReplaceOnChanges": true }, "persistenceConfig": { "$ref": "#/types/gcp:redis/ClusterPersistenceConfig:ClusterPersistenceConfig", - "description": "Persistence config (RDB, AOF) for the cluster.\n" + "description": "Persistence config (RDB, AOF) for the cluster.\nStructure is documented below.\n" }, "preciseSizeGb": { "type": "number", @@ -265365,6 +267555,7 @@ }, "project": { "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", "willReplaceOnChanges": true }, "pscConfigs": { @@ -265381,12 +267572,19 @@ }, "description": "Output only. PSC connections for discovery of the cluster topology and accessing the cluster.\nStructure is documented below.\n" }, + "pscServiceAttachments": { + "type": "array", + "items": { + "$ref": "#/types/gcp:redis/ClusterPscServiceAttachment:ClusterPscServiceAttachment" + }, + "description": "Service attachment details to configure Psc connections.\nStructure is documented below.\n" + }, "redisConfigs": { "type": "object", "additionalProperties": { "type": "string" }, - "description": "Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore\ndocumentation for the list of supported parameters:\nhttps://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations\n" + "description": "Configure Redis Cluster behavior using a subset of native Redis configuration parameters.\nPlease check Memorystore documentation for the list of supported parameters:\nhttps://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations\n" }, "region": { "type": "string", @@ -265418,7 +267616,7 @@ }, "transitEncryptionMode": { "type": "string", - "description": "Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster.\nDefault value: \"TRANSIT_ENCRYPTION_MODE_DISABLED\" Possible values: [\"TRANSIT_ENCRYPTION_MODE_UNSPECIFIED\",\n\"TRANSIT_ENCRYPTION_MODE_DISABLED\", \"TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION\"]\n", + "description": "Optional. The in-transit encryption for the Redis cluster.\nIf not provided, encryption is disabled for the cluster.\nDefault value is `TRANSIT_ENCRYPTION_MODE_DISABLED`.\nPossible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`.\n", "willReplaceOnChanges": true }, "uid": { @@ -265427,8 +267625,88 @@ }, "zoneDistributionConfig": { "$ref": "#/types/gcp:redis/ClusterZoneDistributionConfig:ClusterZoneDistributionConfig", - "description": "Immutable. Zone distribution config for Memorystore Redis cluster.\n", + "description": "Immutable. Zone distribution config for Memorystore Redis cluster.\nStructure is documented below.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections": { + "description": "## Example Usage\n\n### Redis Cluster User Created Connections\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst network1 = new gcp.compute.Network(\"network1\", {\n name: \"net1\",\n autoCreateSubnetworks: false,\n});\nconst subnetNetwork1 = new gcp.compute.Subnetwork(\"subnet_network1\", {\n name: \"subnet-net1\",\n ipCidrRange: \"10.0.0.248/29\",\n region: \"us-central1\",\n network: network1.id,\n});\nconst ip1Network1 = new gcp.compute.Address(\"ip1_network1\", {\n name: \"ip1-net1\",\n region: \"us-central1\",\n subnetwork: subnetNetwork1.id,\n addressType: \"INTERNAL\",\n purpose: \"GCE_ENDPOINT\",\n});\n// redis cluster without endpoint\nconst cluster_user_connCluster = new gcp.redis.Cluster(\"cluster-user-conn\", {\n name: \"cluster-user-conn\",\n shardCount: 3,\n region: \"us-central1\",\n replicaCount: 0,\n deletionProtectionEnabled: false,\n});\nconst forwardingRule1Network1 = new gcp.compute.ForwardingRule(\"forwarding_rule1_network1\", {\n name: \"fwd1-net1\",\n region: \"us-central1\",\n ipAddress: ip1Network1.id,\n loadBalancingScheme: \"\",\n network: network1.id,\n target: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[0].serviceAttachment),\n});\nconst ip2Network1 = new gcp.compute.Address(\"ip2_network1\", {\n name: \"ip2-net1\",\n region: \"us-central1\",\n subnetwork: subnetNetwork1.id,\n addressType: \"INTERNAL\",\n purpose: \"GCE_ENDPOINT\",\n});\nconst forwardingRule2Network1 = new gcp.compute.ForwardingRule(\"forwarding_rule2_network1\", {\n name: \"fwd2-net1\",\n region: \"us-central1\",\n ipAddress: ip2Network1.id,\n loadBalancingScheme: \"\",\n network: network1.id,\n target: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[1].serviceAttachment),\n});\nconst network2 = new gcp.compute.Network(\"network2\", {\n name: \"network2\",\n autoCreateSubnetworks: false,\n});\nconst subnetNetwork2 = new gcp.compute.Subnetwork(\"subnet_network2\", {\n name: \"subnet-net2\",\n ipCidrRange: \"10.0.0.248/29\",\n region: \"us-central1\",\n network: network2.id,\n});\nconst ip1Network2 = new gcp.compute.Address(\"ip1_network2\", {\n name: \"ip1-net2\",\n region: \"us-central1\",\n subnetwork: subnetNetwork2.id,\n addressType: \"INTERNAL\",\n purpose: \"GCE_ENDPOINT\",\n});\nconst forwardingRule1Network2 = new gcp.compute.ForwardingRule(\"forwarding_rule1_network2\", {\n name: \"fwd1-net2\",\n region: \"us-central1\",\n ipAddress: ip1Network2.id,\n loadBalancingScheme: \"\",\n network: network2.id,\n target: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[0].serviceAttachment),\n});\nconst ip2Network2 = new gcp.compute.Address(\"ip2_network2\", {\n name: \"ip2-net2\",\n region: \"us-central1\",\n subnetwork: subnetNetwork2.id,\n addressType: \"INTERNAL\",\n purpose: \"GCE_ENDPOINT\",\n});\nconst forwardingRule2Network2 = new gcp.compute.ForwardingRule(\"forwarding_rule2_network2\", {\n name: \"fwd2-net2\",\n region: \"us-central1\",\n ipAddress: ip2Network2.id,\n loadBalancingScheme: \"\",\n network: network2.id,\n target: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[1].serviceAttachment),\n});\nconst project = gcp.organizations.getProject({});\nconst cluster_user_conn = new gcp.redis.ClusterUserCreatedConnections(\"cluster-user-conn\", {\n name: \"cluster-user-conn\",\n region: \"us-central1\",\n clusterEndpoints: [\n {\n connections: [\n {\n pscConnection: {\n pscConnectionId: forwardingRule1Network1.pscConnectionId,\n address: ip1Network1.address,\n forwardingRule: forwardingRule1Network1.id,\n network: network1.id,\n projectId: project.then(project =\u003e project.projectId),\n serviceAttachment: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[0].serviceAttachment),\n },\n },\n {\n pscConnection: {\n pscConnectionId: forwardingRule2Network1.pscConnectionId,\n address: ip2Network1.address,\n forwardingRule: forwardingRule2Network1.id,\n network: network1.id,\n serviceAttachment: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[1].serviceAttachment),\n },\n },\n ],\n },\n {\n connections: [\n {\n pscConnection: {\n pscConnectionId: forwardingRule1Network2.pscConnectionId,\n address: ip1Network2.address,\n forwardingRule: forwardingRule1Network2.id,\n network: network2.id,\n serviceAttachment: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[0].serviceAttachment),\n },\n },\n {\n pscConnection: {\n pscConnectionId: forwardingRule2Network2.pscConnectionId,\n address: ip2Network2.address,\n forwardingRule: forwardingRule2Network2.id,\n network: network2.id,\n serviceAttachment: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[1].serviceAttachment),\n },\n },\n ],\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nnetwork1 = gcp.compute.Network(\"network1\",\n name=\"net1\",\n auto_create_subnetworks=False)\nsubnet_network1 = gcp.compute.Subnetwork(\"subnet_network1\",\n name=\"subnet-net1\",\n ip_cidr_range=\"10.0.0.248/29\",\n region=\"us-central1\",\n network=network1.id)\nip1_network1 = gcp.compute.Address(\"ip1_network1\",\n name=\"ip1-net1\",\n region=\"us-central1\",\n subnetwork=subnet_network1.id,\n address_type=\"INTERNAL\",\n purpose=\"GCE_ENDPOINT\")\n# redis cluster without endpoint\ncluster_user_conn_cluster = gcp.redis.Cluster(\"cluster-user-conn\",\n name=\"cluster-user-conn\",\n shard_count=3,\n region=\"us-central1\",\n replica_count=0,\n deletion_protection_enabled=False)\nforwarding_rule1_network1 = gcp.compute.ForwardingRule(\"forwarding_rule1_network1\",\n name=\"fwd1-net1\",\n region=\"us-central1\",\n ip_address=ip1_network1.id,\n load_balancing_scheme=\"\",\n network=network1.id,\n target=cluster_user_conn_cluster.psc_service_attachments[0].service_attachment)\nip2_network1 = gcp.compute.Address(\"ip2_network1\",\n name=\"ip2-net1\",\n region=\"us-central1\",\n subnetwork=subnet_network1.id,\n address_type=\"INTERNAL\",\n purpose=\"GCE_ENDPOINT\")\nforwarding_rule2_network1 = gcp.compute.ForwardingRule(\"forwarding_rule2_network1\",\n name=\"fwd2-net1\",\n region=\"us-central1\",\n ip_address=ip2_network1.id,\n load_balancing_scheme=\"\",\n network=network1.id,\n target=cluster_user_conn_cluster.psc_service_attachments[1].service_attachment)\nnetwork2 = gcp.compute.Network(\"network2\",\n name=\"network2\",\n auto_create_subnetworks=False)\nsubnet_network2 = gcp.compute.Subnetwork(\"subnet_network2\",\n name=\"subnet-net2\",\n ip_cidr_range=\"10.0.0.248/29\",\n region=\"us-central1\",\n network=network2.id)\nip1_network2 = gcp.compute.Address(\"ip1_network2\",\n name=\"ip1-net2\",\n region=\"us-central1\",\n subnetwork=subnet_network2.id,\n address_type=\"INTERNAL\",\n purpose=\"GCE_ENDPOINT\")\nforwarding_rule1_network2 = gcp.compute.ForwardingRule(\"forwarding_rule1_network2\",\n name=\"fwd1-net2\",\n region=\"us-central1\",\n ip_address=ip1_network2.id,\n load_balancing_scheme=\"\",\n network=network2.id,\n target=cluster_user_conn_cluster.psc_service_attachments[0].service_attachment)\nip2_network2 = gcp.compute.Address(\"ip2_network2\",\n name=\"ip2-net2\",\n region=\"us-central1\",\n subnetwork=subnet_network2.id,\n address_type=\"INTERNAL\",\n purpose=\"GCE_ENDPOINT\")\nforwarding_rule2_network2 = gcp.compute.ForwardingRule(\"forwarding_rule2_network2\",\n name=\"fwd2-net2\",\n region=\"us-central1\",\n ip_address=ip2_network2.id,\n load_balancing_scheme=\"\",\n network=network2.id,\n target=cluster_user_conn_cluster.psc_service_attachments[1].service_attachment)\nproject = gcp.organizations.get_project()\ncluster_user_conn = gcp.redis.ClusterUserCreatedConnections(\"cluster-user-conn\",\n name=\"cluster-user-conn\",\n region=\"us-central1\",\n cluster_endpoints=[\n {\n \"connections\": [\n {\n \"psc_connection\": {\n \"psc_connection_id\": forwarding_rule1_network1.psc_connection_id,\n \"address\": ip1_network1.address,\n \"forwarding_rule\": forwarding_rule1_network1.id,\n \"network\": network1.id,\n \"project_id\": project.project_id,\n \"service_attachment\": cluster_user_conn_cluster.psc_service_attachments[0].service_attachment,\n },\n },\n {\n \"psc_connection\": {\n \"psc_connection_id\": forwarding_rule2_network1.psc_connection_id,\n \"address\": ip2_network1.address,\n \"forwarding_rule\": forwarding_rule2_network1.id,\n \"network\": network1.id,\n \"service_attachment\": cluster_user_conn_cluster.psc_service_attachments[1].service_attachment,\n },\n },\n ],\n },\n {\n \"connections\": [\n {\n \"psc_connection\": {\n \"psc_connection_id\": forwarding_rule1_network2.psc_connection_id,\n \"address\": ip1_network2.address,\n \"forwarding_rule\": forwarding_rule1_network2.id,\n \"network\": network2.id,\n \"service_attachment\": cluster_user_conn_cluster.psc_service_attachments[0].service_attachment,\n },\n },\n {\n \"psc_connection\": {\n \"psc_connection_id\": forwarding_rule2_network2.psc_connection_id,\n \"address\": ip2_network2.address,\n \"forwarding_rule\": forwarding_rule2_network2.id,\n \"network\": network2.id,\n \"service_attachment\": cluster_user_conn_cluster.psc_service_attachments[1].service_attachment,\n },\n },\n ],\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network1 = new Gcp.Compute.Network(\"network1\", new()\n {\n Name = \"net1\",\n AutoCreateSubnetworks = false,\n });\n\n var subnetNetwork1 = new Gcp.Compute.Subnetwork(\"subnet_network1\", new()\n {\n Name = \"subnet-net1\",\n IpCidrRange = \"10.0.0.248/29\",\n Region = \"us-central1\",\n Network = network1.Id,\n });\n\n var ip1Network1 = new Gcp.Compute.Address(\"ip1_network1\", new()\n {\n Name = \"ip1-net1\",\n Region = \"us-central1\",\n Subnetwork = subnetNetwork1.Id,\n AddressType = \"INTERNAL\",\n Purpose = \"GCE_ENDPOINT\",\n });\n\n // redis cluster without endpoint\n var cluster_user_connCluster = new Gcp.Redis.Cluster(\"cluster-user-conn\", new()\n {\n Name = \"cluster-user-conn\",\n ShardCount = 3,\n Region = \"us-central1\",\n ReplicaCount = 0,\n DeletionProtectionEnabled = false,\n });\n\n var forwardingRule1Network1 = new Gcp.Compute.ForwardingRule(\"forwarding_rule1_network1\", new()\n {\n Name = \"fwd1-net1\",\n Region = \"us-central1\",\n IpAddress = ip1Network1.Id,\n LoadBalancingScheme = \"\",\n Network = network1.Id,\n Target = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[0].ServiceAttachment),\n });\n\n var ip2Network1 = new Gcp.Compute.Address(\"ip2_network1\", new()\n {\n Name = \"ip2-net1\",\n Region = \"us-central1\",\n Subnetwork = subnetNetwork1.Id,\n AddressType = \"INTERNAL\",\n Purpose = \"GCE_ENDPOINT\",\n });\n\n var forwardingRule2Network1 = new Gcp.Compute.ForwardingRule(\"forwarding_rule2_network1\", new()\n {\n Name = \"fwd2-net1\",\n Region = \"us-central1\",\n IpAddress = ip2Network1.Id,\n LoadBalancingScheme = \"\",\n Network = network1.Id,\n Target = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[1].ServiceAttachment),\n });\n\n var network2 = new Gcp.Compute.Network(\"network2\", new()\n {\n Name = \"network2\",\n AutoCreateSubnetworks = false,\n });\n\n var subnetNetwork2 = new Gcp.Compute.Subnetwork(\"subnet_network2\", new()\n {\n Name = \"subnet-net2\",\n IpCidrRange = \"10.0.0.248/29\",\n Region = \"us-central1\",\n Network = network2.Id,\n });\n\n var ip1Network2 = new Gcp.Compute.Address(\"ip1_network2\", new()\n {\n Name = \"ip1-net2\",\n Region = \"us-central1\",\n Subnetwork = subnetNetwork2.Id,\n AddressType = \"INTERNAL\",\n Purpose = \"GCE_ENDPOINT\",\n });\n\n var forwardingRule1Network2 = new Gcp.Compute.ForwardingRule(\"forwarding_rule1_network2\", new()\n {\n Name = \"fwd1-net2\",\n Region = \"us-central1\",\n IpAddress = ip1Network2.Id,\n LoadBalancingScheme = \"\",\n Network = network2.Id,\n Target = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[0].ServiceAttachment),\n });\n\n var ip2Network2 = new Gcp.Compute.Address(\"ip2_network2\", new()\n {\n Name = \"ip2-net2\",\n Region = \"us-central1\",\n Subnetwork = subnetNetwork2.Id,\n AddressType = \"INTERNAL\",\n Purpose = \"GCE_ENDPOINT\",\n });\n\n var forwardingRule2Network2 = new Gcp.Compute.ForwardingRule(\"forwarding_rule2_network2\", new()\n {\n Name = \"fwd2-net2\",\n Region = \"us-central1\",\n IpAddress = ip2Network2.Id,\n LoadBalancingScheme = \"\",\n Network = network2.Id,\n Target = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[1].ServiceAttachment),\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var cluster_user_conn = new Gcp.Redis.ClusterUserCreatedConnections(\"cluster-user-conn\", new()\n {\n Name = \"cluster-user-conn\",\n Region = \"us-central1\",\n ClusterEndpoints = new[]\n {\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointArgs\n {\n Connections = new[]\n {\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs\n {\n PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs\n {\n PscConnectionId = forwardingRule1Network1.PscConnectionId,\n Address = ip1Network1.IPAddress,\n ForwardingRule = forwardingRule1Network1.Id,\n Network = network1.Id,\n ProjectId = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n ServiceAttachment = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[0].ServiceAttachment),\n },\n },\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs\n {\n PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs\n {\n PscConnectionId = forwardingRule2Network1.PscConnectionId,\n Address = ip2Network1.IPAddress,\n ForwardingRule = forwardingRule2Network1.Id,\n Network = network1.Id,\n ServiceAttachment = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[1].ServiceAttachment),\n },\n },\n },\n },\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointArgs\n {\n Connections = new[]\n {\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs\n {\n PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs\n {\n PscConnectionId = forwardingRule1Network2.PscConnectionId,\n Address = ip1Network2.IPAddress,\n ForwardingRule = forwardingRule1Network2.Id,\n Network = network2.Id,\n ServiceAttachment = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[0].ServiceAttachment),\n },\n },\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs\n {\n PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs\n {\n PscConnectionId = forwardingRule2Network2.PscConnectionId,\n Address = ip2Network2.IPAddress,\n ForwardingRule = forwardingRule2Network2.Id,\n Network = network2.Id,\n ServiceAttachment = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[1].ServiceAttachment),\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/redis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork1, err := compute.NewNetwork(ctx, \"network1\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"net1\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetNetwork1, err := compute.NewSubnetwork(ctx, \"subnet_network1\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"subnet-net1\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.248/29\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: network1.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tip1Network1, err := compute.NewAddress(ctx, \"ip1_network1\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"ip1-net1\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tSubnetwork: subnetNetwork1.ID(),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPurpose: pulumi.String(\"GCE_ENDPOINT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// redis cluster without endpoint\n\t\t_, err = redis.NewCluster(ctx, \"cluster-user-conn\", \u0026redis.ClusterArgs{\n\t\t\tName: pulumi.String(\"cluster-user-conn\"),\n\t\t\tShardCount: pulumi.Int(3),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tReplicaCount: pulumi.Int(0),\n\t\t\tDeletionProtectionEnabled: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tforwardingRule1Network1, err := compute.NewForwardingRule(ctx, \"forwarding_rule1_network1\", \u0026compute.ForwardingRuleArgs{\n\t\t\tName: pulumi.String(\"fwd1-net1\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tIpAddress: ip1Network1.ID(),\n\t\t\tLoadBalancingScheme: pulumi.String(\"\"),\n\t\t\tNetwork: network1.ID(),\n\t\t\tTarget: pulumi.String(cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\treturn \u0026pscServiceAttachments[0].ServiceAttachment, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tip2Network1, err := compute.NewAddress(ctx, \"ip2_network1\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"ip2-net1\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tSubnetwork: subnetNetwork1.ID(),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPurpose: pulumi.String(\"GCE_ENDPOINT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tforwardingRule2Network1, err := compute.NewForwardingRule(ctx, \"forwarding_rule2_network1\", \u0026compute.ForwardingRuleArgs{\n\t\t\tName: pulumi.String(\"fwd2-net1\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tIpAddress: ip2Network1.ID(),\n\t\t\tLoadBalancingScheme: pulumi.String(\"\"),\n\t\t\tNetwork: network1.ID(),\n\t\t\tTarget: pulumi.String(cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\treturn \u0026pscServiceAttachments[1].ServiceAttachment, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnetwork2, err := compute.NewNetwork(ctx, \"network2\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network2\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetNetwork2, err := compute.NewSubnetwork(ctx, \"subnet_network2\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"subnet-net2\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.248/29\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: network2.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tip1Network2, err := compute.NewAddress(ctx, \"ip1_network2\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"ip1-net2\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tSubnetwork: subnetNetwork2.ID(),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPurpose: pulumi.String(\"GCE_ENDPOINT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tforwardingRule1Network2, err := compute.NewForwardingRule(ctx, \"forwarding_rule1_network2\", \u0026compute.ForwardingRuleArgs{\n\t\t\tName: pulumi.String(\"fwd1-net2\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tIpAddress: ip1Network2.ID(),\n\t\t\tLoadBalancingScheme: pulumi.String(\"\"),\n\t\t\tNetwork: network2.ID(),\n\t\t\tTarget: pulumi.String(cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\treturn \u0026pscServiceAttachments[0].ServiceAttachment, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tip2Network2, err := compute.NewAddress(ctx, \"ip2_network2\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"ip2-net2\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tSubnetwork: subnetNetwork2.ID(),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPurpose: pulumi.String(\"GCE_ENDPOINT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tforwardingRule2Network2, err := compute.NewForwardingRule(ctx, \"forwarding_rule2_network2\", \u0026compute.ForwardingRuleArgs{\n\t\t\tName: pulumi.String(\"fwd2-net2\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tIpAddress: ip2Network2.ID(),\n\t\t\tLoadBalancingScheme: pulumi.String(\"\"),\n\t\t\tNetwork: network2.ID(),\n\t\t\tTarget: pulumi.String(cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\treturn \u0026pscServiceAttachments[1].ServiceAttachment, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, \u0026organizations.LookupProjectArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redis.NewClusterUserCreatedConnections(ctx, \"cluster-user-conn\", \u0026redis.ClusterUserCreatedConnectionsArgs{\n\t\t\tName: pulumi.String(\"cluster-user-conn\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tClusterEndpoints: redis.ClusterUserCreatedConnectionsClusterEndpointArray{\n\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointArgs{\n\t\t\t\t\tConnections: redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArray{\n\t\t\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{\n\t\t\t\t\t\t\tPscConnection: \u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{\n\t\t\t\t\t\t\t\tPscConnectionId: forwardingRule1Network1.PscConnectionId,\n\t\t\t\t\t\t\t\tAddress: ip1Network1.Address,\n\t\t\t\t\t\t\t\tForwardingRule: forwardingRule1Network1.ID(),\n\t\t\t\t\t\t\t\tNetwork: network1.ID(),\n\t\t\t\t\t\t\t\tProjectId: pulumi.String(project.ProjectId),\n\t\t\t\t\t\t\t\tServiceAttachment: cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\t\t\t\t\t\treturn \u0026pscServiceAttachments[0].ServiceAttachment, nil\n\t\t\t\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{\n\t\t\t\t\t\t\tPscConnection: \u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{\n\t\t\t\t\t\t\t\tPscConnectionId: forwardingRule2Network1.PscConnectionId,\n\t\t\t\t\t\t\t\tAddress: ip2Network1.Address,\n\t\t\t\t\t\t\t\tForwardingRule: forwardingRule2Network1.ID(),\n\t\t\t\t\t\t\t\tNetwork: network1.ID(),\n\t\t\t\t\t\t\t\tServiceAttachment: cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\t\t\t\t\t\treturn \u0026pscServiceAttachments[1].ServiceAttachment, nil\n\t\t\t\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointArgs{\n\t\t\t\t\tConnections: redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArray{\n\t\t\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{\n\t\t\t\t\t\t\tPscConnection: \u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{\n\t\t\t\t\t\t\t\tPscConnectionId: forwardingRule1Network2.PscConnectionId,\n\t\t\t\t\t\t\t\tAddress: ip1Network2.Address,\n\t\t\t\t\t\t\t\tForwardingRule: forwardingRule1Network2.ID(),\n\t\t\t\t\t\t\t\tNetwork: network2.ID(),\n\t\t\t\t\t\t\t\tServiceAttachment: cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\t\t\t\t\t\treturn \u0026pscServiceAttachments[0].ServiceAttachment, nil\n\t\t\t\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{\n\t\t\t\t\t\t\tPscConnection: \u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{\n\t\t\t\t\t\t\t\tPscConnectionId: forwardingRule2Network2.PscConnectionId,\n\t\t\t\t\t\t\t\tAddress: ip2Network2.Address,\n\t\t\t\t\t\t\t\tForwardingRule: forwardingRule2Network2.ID(),\n\t\t\t\t\t\t\t\tNetwork: network2.ID(),\n\t\t\t\t\t\t\t\tServiceAttachment: cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\t\t\t\t\t\treturn \u0026pscServiceAttachments[1].ServiceAttachment, nil\n\t\t\t\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Address;\nimport com.pulumi.gcp.compute.AddressArgs;\nimport com.pulumi.gcp.redis.Cluster;\nimport com.pulumi.gcp.redis.ClusterArgs;\nimport com.pulumi.gcp.compute.ForwardingRule;\nimport com.pulumi.gcp.compute.ForwardingRuleArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.redis.ClusterUserCreatedConnections;\nimport com.pulumi.gcp.redis.ClusterUserCreatedConnectionsArgs;\nimport com.pulumi.gcp.redis.inputs.ClusterUserCreatedConnectionsClusterEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network1 = new Network(\"network1\", NetworkArgs.builder()\n .name(\"net1\")\n .autoCreateSubnetworks(false)\n .build());\n\n var subnetNetwork1 = new Subnetwork(\"subnetNetwork1\", SubnetworkArgs.builder()\n .name(\"subnet-net1\")\n .ipCidrRange(\"10.0.0.248/29\")\n .region(\"us-central1\")\n .network(network1.id())\n .build());\n\n var ip1Network1 = new Address(\"ip1Network1\", AddressArgs.builder()\n .name(\"ip1-net1\")\n .region(\"us-central1\")\n .subnetwork(subnetNetwork1.id())\n .addressType(\"INTERNAL\")\n .purpose(\"GCE_ENDPOINT\")\n .build());\n\n // redis cluster without endpoint\n var cluster_user_connCluster = new Cluster(\"cluster-user-connCluster\", ClusterArgs.builder()\n .name(\"cluster-user-conn\")\n .shardCount(3)\n .region(\"us-central1\")\n .replicaCount(0)\n .deletionProtectionEnabled(false)\n .build());\n\n var forwardingRule1Network1 = new ForwardingRule(\"forwardingRule1Network1\", ForwardingRuleArgs.builder()\n .name(\"fwd1-net1\")\n .region(\"us-central1\")\n .ipAddress(ip1Network1.id())\n .loadBalancingScheme(\"\")\n .network(network1.id())\n .target(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[0].serviceAttachment()))\n .build());\n\n var ip2Network1 = new Address(\"ip2Network1\", AddressArgs.builder()\n .name(\"ip2-net1\")\n .region(\"us-central1\")\n .subnetwork(subnetNetwork1.id())\n .addressType(\"INTERNAL\")\n .purpose(\"GCE_ENDPOINT\")\n .build());\n\n var forwardingRule2Network1 = new ForwardingRule(\"forwardingRule2Network1\", ForwardingRuleArgs.builder()\n .name(\"fwd2-net1\")\n .region(\"us-central1\")\n .ipAddress(ip2Network1.id())\n .loadBalancingScheme(\"\")\n .network(network1.id())\n .target(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[1].serviceAttachment()))\n .build());\n\n var network2 = new Network(\"network2\", NetworkArgs.builder()\n .name(\"network2\")\n .autoCreateSubnetworks(false)\n .build());\n\n var subnetNetwork2 = new Subnetwork(\"subnetNetwork2\", SubnetworkArgs.builder()\n .name(\"subnet-net2\")\n .ipCidrRange(\"10.0.0.248/29\")\n .region(\"us-central1\")\n .network(network2.id())\n .build());\n\n var ip1Network2 = new Address(\"ip1Network2\", AddressArgs.builder()\n .name(\"ip1-net2\")\n .region(\"us-central1\")\n .subnetwork(subnetNetwork2.id())\n .addressType(\"INTERNAL\")\n .purpose(\"GCE_ENDPOINT\")\n .build());\n\n var forwardingRule1Network2 = new ForwardingRule(\"forwardingRule1Network2\", ForwardingRuleArgs.builder()\n .name(\"fwd1-net2\")\n .region(\"us-central1\")\n .ipAddress(ip1Network2.id())\n .loadBalancingScheme(\"\")\n .network(network2.id())\n .target(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[0].serviceAttachment()))\n .build());\n\n var ip2Network2 = new Address(\"ip2Network2\", AddressArgs.builder()\n .name(\"ip2-net2\")\n .region(\"us-central1\")\n .subnetwork(subnetNetwork2.id())\n .addressType(\"INTERNAL\")\n .purpose(\"GCE_ENDPOINT\")\n .build());\n\n var forwardingRule2Network2 = new ForwardingRule(\"forwardingRule2Network2\", ForwardingRuleArgs.builder()\n .name(\"fwd2-net2\")\n .region(\"us-central1\")\n .ipAddress(ip2Network2.id())\n .loadBalancingScheme(\"\")\n .network(network2.id())\n .target(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[1].serviceAttachment()))\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var cluster_user_conn = new ClusterUserCreatedConnections(\"cluster-user-conn\", ClusterUserCreatedConnectionsArgs.builder()\n .name(\"cluster-user-conn\")\n .region(\"us-central1\")\n .clusterEndpoints( \n ClusterUserCreatedConnectionsClusterEndpointArgs.builder()\n .connections( \n ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder()\n .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder()\n .pscConnectionId(forwardingRule1Network1.pscConnectionId())\n .address(ip1Network1.address())\n .forwardingRule(forwardingRule1Network1.id())\n .network(network1.id())\n .projectId(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .serviceAttachment(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[0].serviceAttachment()))\n .build())\n .build(),\n ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder()\n .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder()\n .pscConnectionId(forwardingRule2Network1.pscConnectionId())\n .address(ip2Network1.address())\n .forwardingRule(forwardingRule2Network1.id())\n .network(network1.id())\n .serviceAttachment(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[1].serviceAttachment()))\n .build())\n .build())\n .build(),\n ClusterUserCreatedConnectionsClusterEndpointArgs.builder()\n .connections( \n ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder()\n .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder()\n .pscConnectionId(forwardingRule1Network2.pscConnectionId())\n .address(ip1Network2.address())\n .forwardingRule(forwardingRule1Network2.id())\n .network(network2.id())\n .serviceAttachment(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[0].serviceAttachment()))\n .build())\n .build(),\n ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder()\n .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder()\n .pscConnectionId(forwardingRule2Network2.pscConnectionId())\n .address(ip2Network2.address())\n .forwardingRule(forwardingRule2Network2.id())\n .network(network2.id())\n .serviceAttachment(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[1].serviceAttachment()))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cluster-user-conn:\n type: gcp:redis:ClusterUserCreatedConnections\n properties:\n name: cluster-user-conn\n region: us-central1\n clusterEndpoints:\n - connections:\n - pscConnection:\n pscConnectionId: ${forwardingRule1Network1.pscConnectionId}\n address: ${ip1Network1.address}\n forwardingRule: ${forwardingRule1Network1.id}\n network: ${network1.id}\n projectId: ${project.projectId}\n serviceAttachment: ${[\"cluster-user-connCluster\"].pscServiceAttachments[0].serviceAttachment}\n - pscConnection:\n pscConnectionId: ${forwardingRule2Network1.pscConnectionId}\n address: ${ip2Network1.address}\n forwardingRule: ${forwardingRule2Network1.id}\n network: ${network1.id}\n serviceAttachment: ${[\"cluster-user-connCluster\"].pscServiceAttachments[1].serviceAttachment}\n - connections:\n - pscConnection:\n pscConnectionId: ${forwardingRule1Network2.pscConnectionId}\n address: ${ip1Network2.address}\n forwardingRule: ${forwardingRule1Network2.id}\n network: ${network2.id}\n serviceAttachment: ${[\"cluster-user-connCluster\"].pscServiceAttachments[0].serviceAttachment}\n - pscConnection:\n pscConnectionId: ${forwardingRule2Network2.pscConnectionId}\n address: ${ip2Network2.address}\n forwardingRule: ${forwardingRule2Network2.id}\n network: ${network2.id}\n serviceAttachment: ${[\"cluster-user-connCluster\"].pscServiceAttachments[1].serviceAttachment}\n forwardingRule1Network1:\n type: gcp:compute:ForwardingRule\n name: forwarding_rule1_network1\n properties:\n name: fwd1-net1\n region: us-central1\n ipAddress: ${ip1Network1.id}\n loadBalancingScheme: \"\"\n network: ${network1.id}\n target: ${[\"cluster-user-connCluster\"].pscServiceAttachments[0].serviceAttachment}\n forwardingRule2Network1:\n type: gcp:compute:ForwardingRule\n name: forwarding_rule2_network1\n properties:\n name: fwd2-net1\n region: us-central1\n ipAddress: ${ip2Network1.id}\n loadBalancingScheme: \"\"\n network: ${network1.id}\n target: ${[\"cluster-user-connCluster\"].pscServiceAttachments[1].serviceAttachment}\n ip1Network1:\n type: gcp:compute:Address\n name: ip1_network1\n properties:\n name: ip1-net1\n region: us-central1\n subnetwork: ${subnetNetwork1.id}\n addressType: INTERNAL\n purpose: GCE_ENDPOINT\n ip2Network1:\n type: gcp:compute:Address\n name: ip2_network1\n properties:\n name: ip2-net1\n region: us-central1\n subnetwork: ${subnetNetwork1.id}\n addressType: INTERNAL\n purpose: GCE_ENDPOINT\n subnetNetwork1:\n type: gcp:compute:Subnetwork\n name: subnet_network1\n properties:\n name: subnet-net1\n ipCidrRange: 10.0.0.248/29\n region: us-central1\n network: ${network1.id}\n network1:\n type: gcp:compute:Network\n properties:\n name: net1\n autoCreateSubnetworks: false\n forwardingRule1Network2:\n type: gcp:compute:ForwardingRule\n name: forwarding_rule1_network2\n properties:\n name: fwd1-net2\n region: us-central1\n ipAddress: ${ip1Network2.id}\n loadBalancingScheme: \"\"\n network: ${network2.id}\n target: ${[\"cluster-user-connCluster\"].pscServiceAttachments[0].serviceAttachment}\n forwardingRule2Network2:\n type: gcp:compute:ForwardingRule\n name: forwarding_rule2_network2\n properties:\n name: fwd2-net2\n region: us-central1\n ipAddress: ${ip2Network2.id}\n loadBalancingScheme: \"\"\n network: ${network2.id}\n target: ${[\"cluster-user-connCluster\"].pscServiceAttachments[1].serviceAttachment}\n ip1Network2:\n type: gcp:compute:Address\n name: ip1_network2\n properties:\n name: ip1-net2\n region: us-central1\n subnetwork: ${subnetNetwork2.id}\n addressType: INTERNAL\n purpose: GCE_ENDPOINT\n ip2Network2:\n type: gcp:compute:Address\n name: ip2_network2\n properties:\n name: ip2-net2\n region: us-central1\n subnetwork: ${subnetNetwork2.id}\n addressType: INTERNAL\n purpose: GCE_ENDPOINT\n subnetNetwork2:\n type: gcp:compute:Subnetwork\n name: subnet_network2\n properties:\n name: subnet-net2\n ipCidrRange: 10.0.0.248/29\n region: us-central1\n network: ${network2.id}\n network2:\n type: gcp:compute:Network\n properties:\n name: network2\n autoCreateSubnetworks: false\n # redis cluster without endpoint\n cluster-user-connCluster:\n type: gcp:redis:Cluster\n name: cluster-user-conn\n properties:\n name: cluster-user-conn\n shardCount: 3\n region: us-central1\n replicaCount: 0\n deletionProtectionEnabled: false\nvariables:\n project:\n fn::invoke:\n function: gcp:organizations:getProject\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Redis Cluster User And Auto Created Connections\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst network2 = new gcp.compute.Network(\"network2\", {\n name: \"network2\",\n autoCreateSubnetworks: false,\n});\nconst subnetNetwork2 = new gcp.compute.Subnetwork(\"subnet_network2\", {\n name: \"subnet-net2\",\n ipCidrRange: \"10.0.0.248/29\",\n region: \"us-central1\",\n network: network2.id,\n});\nconst ip1Network2 = new gcp.compute.Address(\"ip1_network2\", {\n name: \"ip1-net2\",\n region: \"us-central1\",\n subnetwork: subnetNetwork2.id,\n addressType: \"INTERNAL\",\n purpose: \"GCE_ENDPOINT\",\n});\nconst network1 = new gcp.compute.Network(\"network1\", {\n name: \"net1\",\n autoCreateSubnetworks: false,\n});\nconst subnetNetwork1 = new gcp.compute.Subnetwork(\"subnet_network1\", {\n name: \"subnet-net1\",\n ipCidrRange: \"10.0.0.248/29\",\n region: \"us-central1\",\n network: network1.id,\n});\nconst _default = new gcp.networkconnectivity.ServiceConnectionPolicy(\"default\", {\n name: \"scpolicy\",\n location: \"us-central1\",\n serviceClass: \"gcp-memorystore-redis\",\n description: \"my basic service connection policy\",\n network: network1.id,\n pscConfig: {\n subnetworks: [subnetNetwork1.id],\n },\n});\n// redis cluster without endpoint\nconst cluster_user_auto_connCluster = new gcp.redis.Cluster(\"cluster-user-auto-conn\", {\n name: \"cluster-user-auto-conn\",\n shardCount: 3,\n region: \"us-central1\",\n replicaCount: 0,\n deletionProtectionEnabled: false,\n pscConfigs: [{\n network: network1.id,\n }],\n}, {\n dependsOn: [_default],\n});\nconst forwardingRule1Network2 = new gcp.compute.ForwardingRule(\"forwarding_rule1_network2\", {\n name: \"fwd1-net2\",\n region: \"us-central1\",\n ipAddress: ip1Network2.id,\n loadBalancingScheme: \"\",\n network: network2.id,\n target: cluster_user_auto_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[0].serviceAttachment),\n});\nconst ip2Network2 = new gcp.compute.Address(\"ip2_network2\", {\n name: \"ip2-net2\",\n region: \"us-central1\",\n subnetwork: subnetNetwork2.id,\n addressType: \"INTERNAL\",\n purpose: \"GCE_ENDPOINT\",\n});\nconst forwardingRule2Network2 = new gcp.compute.ForwardingRule(\"forwarding_rule2_network2\", {\n name: \"fwd2-net2\",\n region: \"us-central1\",\n ipAddress: ip2Network2.id,\n loadBalancingScheme: \"\",\n network: network2.id,\n target: cluster_user_auto_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[1].serviceAttachment),\n});\nconst cluster_user_auto_conn = new gcp.redis.ClusterUserCreatedConnections(\"cluster-user-auto-conn\", {\n name: \"cluster-user-auto-conn\",\n region: \"us-central1\",\n clusterEndpoints: [{\n connections: [\n {\n pscConnection: {\n pscConnectionId: forwardingRule1Network2.pscConnectionId,\n address: ip1Network2.address,\n forwardingRule: forwardingRule1Network2.id,\n network: network2.id,\n serviceAttachment: cluster_user_auto_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[0].serviceAttachment),\n },\n },\n {\n pscConnection: {\n pscConnectionId: forwardingRule2Network2.pscConnectionId,\n address: ip2Network2.address,\n forwardingRule: forwardingRule2Network2.id,\n network: network2.id,\n serviceAttachment: cluster_user_auto_connCluster.pscServiceAttachments.apply(pscServiceAttachments =\u003e pscServiceAttachments[1].serviceAttachment),\n },\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nnetwork2 = gcp.compute.Network(\"network2\",\n name=\"network2\",\n auto_create_subnetworks=False)\nsubnet_network2 = gcp.compute.Subnetwork(\"subnet_network2\",\n name=\"subnet-net2\",\n ip_cidr_range=\"10.0.0.248/29\",\n region=\"us-central1\",\n network=network2.id)\nip1_network2 = gcp.compute.Address(\"ip1_network2\",\n name=\"ip1-net2\",\n region=\"us-central1\",\n subnetwork=subnet_network2.id,\n address_type=\"INTERNAL\",\n purpose=\"GCE_ENDPOINT\")\nnetwork1 = gcp.compute.Network(\"network1\",\n name=\"net1\",\n auto_create_subnetworks=False)\nsubnet_network1 = gcp.compute.Subnetwork(\"subnet_network1\",\n name=\"subnet-net1\",\n ip_cidr_range=\"10.0.0.248/29\",\n region=\"us-central1\",\n network=network1.id)\ndefault = gcp.networkconnectivity.ServiceConnectionPolicy(\"default\",\n name=\"scpolicy\",\n location=\"us-central1\",\n service_class=\"gcp-memorystore-redis\",\n description=\"my basic service connection policy\",\n network=network1.id,\n psc_config={\n \"subnetworks\": [subnet_network1.id],\n })\n# redis cluster without endpoint\ncluster_user_auto_conn_cluster = gcp.redis.Cluster(\"cluster-user-auto-conn\",\n name=\"cluster-user-auto-conn\",\n shard_count=3,\n region=\"us-central1\",\n replica_count=0,\n deletion_protection_enabled=False,\n psc_configs=[{\n \"network\": network1.id,\n }],\n opts = pulumi.ResourceOptions(depends_on=[default]))\nforwarding_rule1_network2 = gcp.compute.ForwardingRule(\"forwarding_rule1_network2\",\n name=\"fwd1-net2\",\n region=\"us-central1\",\n ip_address=ip1_network2.id,\n load_balancing_scheme=\"\",\n network=network2.id,\n target=cluster_user_auto_conn_cluster.psc_service_attachments[0].service_attachment)\nip2_network2 = gcp.compute.Address(\"ip2_network2\",\n name=\"ip2-net2\",\n region=\"us-central1\",\n subnetwork=subnet_network2.id,\n address_type=\"INTERNAL\",\n purpose=\"GCE_ENDPOINT\")\nforwarding_rule2_network2 = gcp.compute.ForwardingRule(\"forwarding_rule2_network2\",\n name=\"fwd2-net2\",\n region=\"us-central1\",\n ip_address=ip2_network2.id,\n load_balancing_scheme=\"\",\n network=network2.id,\n target=cluster_user_auto_conn_cluster.psc_service_attachments[1].service_attachment)\ncluster_user_auto_conn = gcp.redis.ClusterUserCreatedConnections(\"cluster-user-auto-conn\",\n name=\"cluster-user-auto-conn\",\n region=\"us-central1\",\n cluster_endpoints=[{\n \"connections\": [\n {\n \"psc_connection\": {\n \"psc_connection_id\": forwarding_rule1_network2.psc_connection_id,\n \"address\": ip1_network2.address,\n \"forwarding_rule\": forwarding_rule1_network2.id,\n \"network\": network2.id,\n \"service_attachment\": cluster_user_auto_conn_cluster.psc_service_attachments[0].service_attachment,\n },\n },\n {\n \"psc_connection\": {\n \"psc_connection_id\": forwarding_rule2_network2.psc_connection_id,\n \"address\": ip2_network2.address,\n \"forwarding_rule\": forwarding_rule2_network2.id,\n \"network\": network2.id,\n \"service_attachment\": cluster_user_auto_conn_cluster.psc_service_attachments[1].service_attachment,\n },\n },\n ],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network2 = new Gcp.Compute.Network(\"network2\", new()\n {\n Name = \"network2\",\n AutoCreateSubnetworks = false,\n });\n\n var subnetNetwork2 = new Gcp.Compute.Subnetwork(\"subnet_network2\", new()\n {\n Name = \"subnet-net2\",\n IpCidrRange = \"10.0.0.248/29\",\n Region = \"us-central1\",\n Network = network2.Id,\n });\n\n var ip1Network2 = new Gcp.Compute.Address(\"ip1_network2\", new()\n {\n Name = \"ip1-net2\",\n Region = \"us-central1\",\n Subnetwork = subnetNetwork2.Id,\n AddressType = \"INTERNAL\",\n Purpose = \"GCE_ENDPOINT\",\n });\n\n var network1 = new Gcp.Compute.Network(\"network1\", new()\n {\n Name = \"net1\",\n AutoCreateSubnetworks = false,\n });\n\n var subnetNetwork1 = new Gcp.Compute.Subnetwork(\"subnet_network1\", new()\n {\n Name = \"subnet-net1\",\n IpCidrRange = \"10.0.0.248/29\",\n Region = \"us-central1\",\n Network = network1.Id,\n });\n\n var @default = new Gcp.NetworkConnectivity.ServiceConnectionPolicy(\"default\", new()\n {\n Name = \"scpolicy\",\n Location = \"us-central1\",\n ServiceClass = \"gcp-memorystore-redis\",\n Description = \"my basic service connection policy\",\n Network = network1.Id,\n PscConfig = new Gcp.NetworkConnectivity.Inputs.ServiceConnectionPolicyPscConfigArgs\n {\n Subnetworks = new[]\n {\n subnetNetwork1.Id,\n },\n },\n });\n\n // redis cluster without endpoint\n var cluster_user_auto_connCluster = new Gcp.Redis.Cluster(\"cluster-user-auto-conn\", new()\n {\n Name = \"cluster-user-auto-conn\",\n ShardCount = 3,\n Region = \"us-central1\",\n ReplicaCount = 0,\n DeletionProtectionEnabled = false,\n PscConfigs = new[]\n {\n new Gcp.Redis.Inputs.ClusterPscConfigArgs\n {\n Network = network1.Id,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n @default,\n },\n });\n\n var forwardingRule1Network2 = new Gcp.Compute.ForwardingRule(\"forwarding_rule1_network2\", new()\n {\n Name = \"fwd1-net2\",\n Region = \"us-central1\",\n IpAddress = ip1Network2.Id,\n LoadBalancingScheme = \"\",\n Network = network2.Id,\n Target = cluster_user_auto_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[0].ServiceAttachment),\n });\n\n var ip2Network2 = new Gcp.Compute.Address(\"ip2_network2\", new()\n {\n Name = \"ip2-net2\",\n Region = \"us-central1\",\n Subnetwork = subnetNetwork2.Id,\n AddressType = \"INTERNAL\",\n Purpose = \"GCE_ENDPOINT\",\n });\n\n var forwardingRule2Network2 = new Gcp.Compute.ForwardingRule(\"forwarding_rule2_network2\", new()\n {\n Name = \"fwd2-net2\",\n Region = \"us-central1\",\n IpAddress = ip2Network2.Id,\n LoadBalancingScheme = \"\",\n Network = network2.Id,\n Target = cluster_user_auto_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[1].ServiceAttachment),\n });\n\n var cluster_user_auto_conn = new Gcp.Redis.ClusterUserCreatedConnections(\"cluster-user-auto-conn\", new()\n {\n Name = \"cluster-user-auto-conn\",\n Region = \"us-central1\",\n ClusterEndpoints = new[]\n {\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointArgs\n {\n Connections = new[]\n {\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs\n {\n PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs\n {\n PscConnectionId = forwardingRule1Network2.PscConnectionId,\n Address = ip1Network2.IPAddress,\n ForwardingRule = forwardingRule1Network2.Id,\n Network = network2.Id,\n ServiceAttachment = cluster_user_auto_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[0].ServiceAttachment),\n },\n },\n new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs\n {\n PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs\n {\n PscConnectionId = forwardingRule2Network2.PscConnectionId,\n Address = ip2Network2.IPAddress,\n ForwardingRule = forwardingRule2Network2.Id,\n Network = network2.Id,\n ServiceAttachment = cluster_user_auto_connCluster.PscServiceAttachments.Apply(pscServiceAttachments =\u003e pscServiceAttachments[1].ServiceAttachment),\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkconnectivity\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/redis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnetwork2, err := compute.NewNetwork(ctx, \"network2\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network2\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetNetwork2, err := compute.NewSubnetwork(ctx, \"subnet_network2\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"subnet-net2\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.248/29\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: network2.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tip1Network2, err := compute.NewAddress(ctx, \"ip1_network2\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"ip1-net2\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tSubnetwork: subnetNetwork2.ID(),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPurpose: pulumi.String(\"GCE_ENDPOINT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnetwork1, err := compute.NewNetwork(ctx, \"network1\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"net1\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnetNetwork1, err := compute.NewSubnetwork(ctx, \"subnet_network1\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"subnet-net1\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.248/29\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: network1.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkconnectivity.NewServiceConnectionPolicy(ctx, \"default\", \u0026networkconnectivity.ServiceConnectionPolicyArgs{\n\t\t\tName: pulumi.String(\"scpolicy\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tServiceClass: pulumi.String(\"gcp-memorystore-redis\"),\n\t\t\tDescription: pulumi.String(\"my basic service connection policy\"),\n\t\t\tNetwork: network1.ID(),\n\t\t\tPscConfig: \u0026networkconnectivity.ServiceConnectionPolicyPscConfigArgs{\n\t\t\t\tSubnetworks: pulumi.StringArray{\n\t\t\t\t\tsubnetNetwork1.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// redis cluster without endpoint\n\t\t_, err = redis.NewCluster(ctx, \"cluster-user-auto-conn\", \u0026redis.ClusterArgs{\n\t\t\tName: pulumi.String(\"cluster-user-auto-conn\"),\n\t\t\tShardCount: pulumi.Int(3),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tReplicaCount: pulumi.Int(0),\n\t\t\tDeletionProtectionEnabled: pulumi.Bool(false),\n\t\t\tPscConfigs: redis.ClusterPscConfigArray{\n\t\t\t\t\u0026redis.ClusterPscConfigArgs{\n\t\t\t\t\tNetwork: network1.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\t_default,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tforwardingRule1Network2, err := compute.NewForwardingRule(ctx, \"forwarding_rule1_network2\", \u0026compute.ForwardingRuleArgs{\n\t\t\tName: pulumi.String(\"fwd1-net2\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tIpAddress: ip1Network2.ID(),\n\t\t\tLoadBalancingScheme: pulumi.String(\"\"),\n\t\t\tNetwork: network2.ID(),\n\t\t\tTarget: pulumi.String(cluster_user_auto_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\treturn \u0026pscServiceAttachments[0].ServiceAttachment, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tip2Network2, err := compute.NewAddress(ctx, \"ip2_network2\", \u0026compute.AddressArgs{\n\t\t\tName: pulumi.String(\"ip2-net2\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tSubnetwork: subnetNetwork2.ID(),\n\t\t\tAddressType: pulumi.String(\"INTERNAL\"),\n\t\t\tPurpose: pulumi.String(\"GCE_ENDPOINT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tforwardingRule2Network2, err := compute.NewForwardingRule(ctx, \"forwarding_rule2_network2\", \u0026compute.ForwardingRuleArgs{\n\t\t\tName: pulumi.String(\"fwd2-net2\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tIpAddress: ip2Network2.ID(),\n\t\t\tLoadBalancingScheme: pulumi.String(\"\"),\n\t\t\tNetwork: network2.ID(),\n\t\t\tTarget: pulumi.String(cluster_user_auto_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\treturn \u0026pscServiceAttachments[1].ServiceAttachment, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = redis.NewClusterUserCreatedConnections(ctx, \"cluster-user-auto-conn\", \u0026redis.ClusterUserCreatedConnectionsArgs{\n\t\t\tName: pulumi.String(\"cluster-user-auto-conn\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tClusterEndpoints: redis.ClusterUserCreatedConnectionsClusterEndpointArray{\n\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointArgs{\n\t\t\t\t\tConnections: redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArray{\n\t\t\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{\n\t\t\t\t\t\t\tPscConnection: \u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{\n\t\t\t\t\t\t\t\tPscConnectionId: forwardingRule1Network2.PscConnectionId,\n\t\t\t\t\t\t\t\tAddress: ip1Network2.Address,\n\t\t\t\t\t\t\t\tForwardingRule: forwardingRule1Network2.ID(),\n\t\t\t\t\t\t\t\tNetwork: network2.ID(),\n\t\t\t\t\t\t\t\tServiceAttachment: cluster_user_auto_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\t\t\t\t\t\treturn \u0026pscServiceAttachments[0].ServiceAttachment, nil\n\t\t\t\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{\n\t\t\t\t\t\t\tPscConnection: \u0026redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{\n\t\t\t\t\t\t\t\tPscConnectionId: forwardingRule2Network2.PscConnectionId,\n\t\t\t\t\t\t\t\tAddress: ip2Network2.Address,\n\t\t\t\t\t\t\t\tForwardingRule: forwardingRule2Network2.ID(),\n\t\t\t\t\t\t\t\tNetwork: network2.ID(),\n\t\t\t\t\t\t\t\tServiceAttachment: cluster_user_auto_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) {\n\t\t\t\t\t\t\t\t\treturn \u0026pscServiceAttachments[1].ServiceAttachment, nil\n\t\t\t\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Address;\nimport com.pulumi.gcp.compute.AddressArgs;\nimport com.pulumi.gcp.networkconnectivity.ServiceConnectionPolicy;\nimport com.pulumi.gcp.networkconnectivity.ServiceConnectionPolicyArgs;\nimport com.pulumi.gcp.networkconnectivity.inputs.ServiceConnectionPolicyPscConfigArgs;\nimport com.pulumi.gcp.redis.Cluster;\nimport com.pulumi.gcp.redis.ClusterArgs;\nimport com.pulumi.gcp.redis.inputs.ClusterPscConfigArgs;\nimport com.pulumi.gcp.compute.ForwardingRule;\nimport com.pulumi.gcp.compute.ForwardingRuleArgs;\nimport com.pulumi.gcp.redis.ClusterUserCreatedConnections;\nimport com.pulumi.gcp.redis.ClusterUserCreatedConnectionsArgs;\nimport com.pulumi.gcp.redis.inputs.ClusterUserCreatedConnectionsClusterEndpointArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network2 = new Network(\"network2\", NetworkArgs.builder()\n .name(\"network2\")\n .autoCreateSubnetworks(false)\n .build());\n\n var subnetNetwork2 = new Subnetwork(\"subnetNetwork2\", SubnetworkArgs.builder()\n .name(\"subnet-net2\")\n .ipCidrRange(\"10.0.0.248/29\")\n .region(\"us-central1\")\n .network(network2.id())\n .build());\n\n var ip1Network2 = new Address(\"ip1Network2\", AddressArgs.builder()\n .name(\"ip1-net2\")\n .region(\"us-central1\")\n .subnetwork(subnetNetwork2.id())\n .addressType(\"INTERNAL\")\n .purpose(\"GCE_ENDPOINT\")\n .build());\n\n var network1 = new Network(\"network1\", NetworkArgs.builder()\n .name(\"net1\")\n .autoCreateSubnetworks(false)\n .build());\n\n var subnetNetwork1 = new Subnetwork(\"subnetNetwork1\", SubnetworkArgs.builder()\n .name(\"subnet-net1\")\n .ipCidrRange(\"10.0.0.248/29\")\n .region(\"us-central1\")\n .network(network1.id())\n .build());\n\n var default_ = new ServiceConnectionPolicy(\"default\", ServiceConnectionPolicyArgs.builder()\n .name(\"scpolicy\")\n .location(\"us-central1\")\n .serviceClass(\"gcp-memorystore-redis\")\n .description(\"my basic service connection policy\")\n .network(network1.id())\n .pscConfig(ServiceConnectionPolicyPscConfigArgs.builder()\n .subnetworks(subnetNetwork1.id())\n .build())\n .build());\n\n // redis cluster without endpoint\n var cluster_user_auto_connCluster = new Cluster(\"cluster-user-auto-connCluster\", ClusterArgs.builder()\n .name(\"cluster-user-auto-conn\")\n .shardCount(3)\n .region(\"us-central1\")\n .replicaCount(0)\n .deletionProtectionEnabled(false)\n .pscConfigs(ClusterPscConfigArgs.builder()\n .network(network1.id())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(default_)\n .build());\n\n var forwardingRule1Network2 = new ForwardingRule(\"forwardingRule1Network2\", ForwardingRuleArgs.builder()\n .name(\"fwd1-net2\")\n .region(\"us-central1\")\n .ipAddress(ip1Network2.id())\n .loadBalancingScheme(\"\")\n .network(network2.id())\n .target(cluster_user_auto_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[0].serviceAttachment()))\n .build());\n\n var ip2Network2 = new Address(\"ip2Network2\", AddressArgs.builder()\n .name(\"ip2-net2\")\n .region(\"us-central1\")\n .subnetwork(subnetNetwork2.id())\n .addressType(\"INTERNAL\")\n .purpose(\"GCE_ENDPOINT\")\n .build());\n\n var forwardingRule2Network2 = new ForwardingRule(\"forwardingRule2Network2\", ForwardingRuleArgs.builder()\n .name(\"fwd2-net2\")\n .region(\"us-central1\")\n .ipAddress(ip2Network2.id())\n .loadBalancingScheme(\"\")\n .network(network2.id())\n .target(cluster_user_auto_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[1].serviceAttachment()))\n .build());\n\n var cluster_user_auto_conn = new ClusterUserCreatedConnections(\"cluster-user-auto-conn\", ClusterUserCreatedConnectionsArgs.builder()\n .name(\"cluster-user-auto-conn\")\n .region(\"us-central1\")\n .clusterEndpoints(ClusterUserCreatedConnectionsClusterEndpointArgs.builder()\n .connections( \n ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder()\n .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder()\n .pscConnectionId(forwardingRule1Network2.pscConnectionId())\n .address(ip1Network2.address())\n .forwardingRule(forwardingRule1Network2.id())\n .network(network2.id())\n .serviceAttachment(cluster_user_auto_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[0].serviceAttachment()))\n .build())\n .build(),\n ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder()\n .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder()\n .pscConnectionId(forwardingRule2Network2.pscConnectionId())\n .address(ip2Network2.address())\n .forwardingRule(forwardingRule2Network2.id())\n .network(network2.id())\n .serviceAttachment(cluster_user_auto_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -\u003e pscServiceAttachments[1].serviceAttachment()))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cluster-user-auto-conn:\n type: gcp:redis:ClusterUserCreatedConnections\n properties:\n name: cluster-user-auto-conn\n region: us-central1\n clusterEndpoints:\n - connections:\n - pscConnection:\n pscConnectionId: ${forwardingRule1Network2.pscConnectionId}\n address: ${ip1Network2.address}\n forwardingRule: ${forwardingRule1Network2.id}\n network: ${network2.id}\n serviceAttachment: ${[\"cluster-user-auto-connCluster\"].pscServiceAttachments[0].serviceAttachment}\n - pscConnection:\n pscConnectionId: ${forwardingRule2Network2.pscConnectionId}\n address: ${ip2Network2.address}\n forwardingRule: ${forwardingRule2Network2.id}\n network: ${network2.id}\n serviceAttachment: ${[\"cluster-user-auto-connCluster\"].pscServiceAttachments[1].serviceAttachment}\n forwardingRule1Network2:\n type: gcp:compute:ForwardingRule\n name: forwarding_rule1_network2\n properties:\n name: fwd1-net2\n region: us-central1\n ipAddress: ${ip1Network2.id}\n loadBalancingScheme: \"\"\n network: ${network2.id}\n target: ${[\"cluster-user-auto-connCluster\"].pscServiceAttachments[0].serviceAttachment}\n forwardingRule2Network2:\n type: gcp:compute:ForwardingRule\n name: forwarding_rule2_network2\n properties:\n name: fwd2-net2\n region: us-central1\n ipAddress: ${ip2Network2.id}\n loadBalancingScheme: \"\"\n network: ${network2.id}\n target: ${[\"cluster-user-auto-connCluster\"].pscServiceAttachments[1].serviceAttachment}\n ip1Network2:\n type: gcp:compute:Address\n name: ip1_network2\n properties:\n name: ip1-net2\n region: us-central1\n subnetwork: ${subnetNetwork2.id}\n addressType: INTERNAL\n purpose: GCE_ENDPOINT\n ip2Network2:\n type: gcp:compute:Address\n name: ip2_network2\n properties:\n name: ip2-net2\n region: us-central1\n subnetwork: ${subnetNetwork2.id}\n addressType: INTERNAL\n purpose: GCE_ENDPOINT\n subnetNetwork2:\n type: gcp:compute:Subnetwork\n name: subnet_network2\n properties:\n name: subnet-net2\n ipCidrRange: 10.0.0.248/29\n region: us-central1\n network: ${network2.id}\n network2:\n type: gcp:compute:Network\n properties:\n name: network2\n autoCreateSubnetworks: false\n # redis cluster without endpoint\n cluster-user-auto-connCluster:\n type: gcp:redis:Cluster\n name: cluster-user-auto-conn\n properties:\n name: cluster-user-auto-conn\n shardCount: 3\n region: us-central1\n replicaCount: 0\n deletionProtectionEnabled: false\n pscConfigs:\n - network: ${network1.id}\n options:\n dependsOn:\n - ${default}\n default:\n type: gcp:networkconnectivity:ServiceConnectionPolicy\n properties:\n name: scpolicy\n location: us-central1\n serviceClass: gcp-memorystore-redis\n description: my basic service connection policy\n network: ${network1.id}\n pscConfig:\n subnetworks:\n - ${subnetNetwork1.id}\n subnetNetwork1:\n type: gcp:compute:Subnetwork\n name: subnet_network1\n properties:\n name: subnet-net1\n ipCidrRange: 10.0.0.248/29\n region: us-central1\n network: ${network1.id}\n network1:\n type: gcp:compute:Network\n properties:\n name: net1\n autoCreateSubnetworks: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nClusterUserCreatedConnections can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{region}}/clusters/{{name}}`\n\n* `{{project}}/{{region}}/{{name}}`\n\n* `{{region}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, ClusterUserCreatedConnections can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default projects/{{project}}/locations/{{region}}/clusters/{{name}}\n```\n\n```sh\n$ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{project}}/{{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{region}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{name}}\n```\n\n", + "properties": { + "clusterEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/gcp:redis/ClusterUserCreatedConnectionsClusterEndpoint:ClusterUserCreatedConnectionsClusterEndpoint" + }, + "description": "A list of cluster endpoints\nStructure is documented below.\n" + }, + "name": { + "type": "string", + "description": "The name of the Redis cluster these endpoints should be added to.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" + }, + "region": { + "type": "string", + "description": "The name of the region of the Redis cluster these endpoints should be added to.\n\n\n- - -\n" + } + }, + "required": [ + "name", + "project", + "region" + ], + "inputProperties": { + "clusterEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/gcp:redis/ClusterUserCreatedConnectionsClusterEndpoint:ClusterUserCreatedConnectionsClusterEndpoint" + }, + "description": "A list of cluster endpoints\nStructure is documented below.\n" + }, + "name": { + "type": "string", + "description": "The name of the Redis cluster these endpoints should be added to.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "region": { + "type": "string", + "description": "The name of the region of the Redis cluster these endpoints should be added to.\n\n\n- - -\n" + } + }, + "requiredInputs": [ + "region" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering ClusterUserCreatedConnections resources.\n", + "properties": { + "clusterEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/gcp:redis/ClusterUserCreatedConnectionsClusterEndpoint:ClusterUserCreatedConnectionsClusterEndpoint" + }, + "description": "A list of cluster endpoints\nStructure is documented below.\n" + }, + "name": { + "type": "string", + "description": "The name of the Redis cluster these endpoints should be added to.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", "willReplaceOnChanges": true + }, + "region": { + "type": "string", + "description": "The name of the region of the Redis cluster these endpoints should be added to.\n\n\n- - -\n" } }, "type": "object" @@ -295279,6 +297557,12 @@ }, "type": "array" }, + "buildConfigs": { + "items": { + "$ref": "#/types/gcp:cloudrunv2/getServiceBuildConfig:getServiceBuildConfig" + }, + "type": "array" + }, "client": { "type": "string" }, @@ -295436,6 +297720,7 @@ "required": [ "annotations", "binaryAuthorizations", + "buildConfigs", "client", "clientVersion", "conditions", @@ -295600,6 +297885,68 @@ "type": "object" } }, + "gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy": { + "description": "Retrieves the current IAM policy data for runtimetemplate\n\n\n## example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst policy = gcp.colab.getRuntimeTemplateIamPolicy({\n project: runtime_template.project,\n location: runtime_template.location,\n runtimeTemplate: runtime_template.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npolicy = gcp.colab.get_runtime_template_iam_policy(project=runtime_template[\"project\"],\n location=runtime_template[\"location\"],\n runtime_template=runtime_template[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = Gcp.Colab.GetRuntimeTemplateIamPolicy.Invoke(new()\n {\n Project = runtime_template.Project,\n Location = runtime_template.Location,\n RuntimeTemplate = runtime_template.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := colab.LookupRuntimeTemplateIamPolicy(ctx, \u0026colab.LookupRuntimeTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.StringRef(runtime_template.Project),\n\t\t\tLocation: pulumi.StringRef(runtime_template.Location),\n\t\t\tRuntimeTemplate: runtime_template.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.colab.ColabFunctions;\nimport com.pulumi.gcp.colab.inputs.GetRuntimeTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var policy = ColabFunctions.getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs.builder()\n .project(runtime_template.project())\n .location(runtime_template.location())\n .runtimeTemplate(runtime_template.name())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n policy:\n fn::invoke:\n function: gcp:colab:getRuntimeTemplateIamPolicy\n arguments:\n project: ${[\"runtime-template\"].project}\n location: ${[\"runtime-template\"].location}\n runtimeTemplate: ${[\"runtime-template\"].name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getRuntimeTemplateIamPolicy.\n", + "properties": { + "location": { + "type": "string", + "description": "The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified,\nthe value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no\nlocation is specified, it is taken from the provider configuration.\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "runtimeTemplate": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "runtimeTemplate" + ] + }, + "outputs": { + "description": "A collection of values returned by getRuntimeTemplateIamPolicy.\n", + "properties": { + "etag": { + "description": "(Computed) The etag of the IAM policy.\n", + "type": "string" + }, + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "location": { + "type": "string" + }, + "policyData": { + "description": "(Required only by `gcp.colab.RuntimeTemplateIamPolicy`) The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n", + "type": "string" + }, + "project": { + "type": "string" + }, + "runtimeTemplate": { + "type": "string" + } + }, + "required": [ + "etag", + "location", + "policyData", + "project", + "runtimeTemplate", + "id" + ], + "type": "object" + } + }, "gcp:composer/getEnvironment:getEnvironment": { "description": "Provides access to Cloud Composer environment configuration in a region for a given project.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst composerEnvEnvironment = new gcp.composer.Environment(\"composer_env\", {name: \"composer-environment\"});\nconst composerEnv = gcp.composer.getEnvironment({\n name: test.name,\n});\nexport const debug = composerEnv.then(composerEnv =\u003e composerEnv.configs);\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ncomposer_env_environment = gcp.composer.Environment(\"composer_env\", name=\"composer-environment\")\ncomposer_env = gcp.composer.get_environment(name=test[\"name\"])\npulumi.export(\"debug\", composer_env.configs)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var composerEnvEnvironment = new Gcp.Composer.Environment(\"composer_env\", new()\n {\n Name = \"composer-environment\",\n });\n\n var composerEnv = Gcp.Composer.GetEnvironment.Invoke(new()\n {\n Name = test.Name,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"debug\"] = composerEnv.Apply(getEnvironmentResult =\u003e getEnvironmentResult.Configs),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/composer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := composer.NewEnvironment(ctx, \"composer_env\", \u0026composer.EnvironmentArgs{\n\t\t\tName: pulumi.String(\"composer-environment\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcomposerEnv, err := composer.LookupEnvironment(ctx, \u0026composer.LookupEnvironmentArgs{\n\t\t\tName: test.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"debug\", composerEnv.Configs)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.composer.Environment;\nimport com.pulumi.gcp.composer.EnvironmentArgs;\nimport com.pulumi.gcp.composer.ComposerFunctions;\nimport com.pulumi.gcp.composer.inputs.GetEnvironmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var composerEnvEnvironment = new Environment(\"composerEnvEnvironment\", EnvironmentArgs.builder()\n .name(\"composer-environment\")\n .build());\n\n final var composerEnv = ComposerFunctions.getEnvironment(GetEnvironmentArgs.builder()\n .name(test.name())\n .build());\n\n ctx.export(\"debug\", composerEnv.applyValue(getEnvironmentResult -\u003e getEnvironmentResult.configs()));\n }\n}\n```\n```yaml\nresources:\n composerEnvEnvironment:\n type: gcp:composer:Environment\n name: composer_env\n properties:\n name: composer-environment\nvariables:\n composerEnv:\n fn::invoke:\n function: gcp:composer:getEnvironment\n arguments:\n name: ${test.name}\noutputs:\n debug: ${composerEnv.configs}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { @@ -298763,6 +301110,59 @@ "type": "object" } }, + "gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy": { + "description": "Retrieves the current IAM policy data for instancetemplate\n\n\n## example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst policy = gcp.compute.getInstanceTemplateIamPolicy({\n project: _default.project,\n name: _default.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npolicy = gcp.compute.get_instance_template_iam_policy(project=default[\"project\"],\n name=default[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = Gcp.Compute.GetInstanceTemplateIamPolicy.Invoke(new()\n {\n Project = @default.Project,\n Name = @default.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.LookupInstanceTemplateIamPolicy(ctx, \u0026compute.LookupInstanceTemplateIamPolicyArgs{\n\t\t\tProject: pulumi.StringRef(_default.Project),\n\t\t\tName: _default.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ComputeFunctions;\nimport com.pulumi.gcp.compute.inputs.GetInstanceTemplateIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var policy = ComputeFunctions.getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs.builder()\n .project(default_.project())\n .name(default_.name())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n policy:\n fn::invoke:\n function: gcp:compute:getInstanceTemplateIamPolicy\n arguments:\n project: ${default.project}\n name: ${default.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getInstanceTemplateIamPolicy.\n", + "properties": { + "name": { + "type": "string", + "description": "Used to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "name" + ] + }, + "outputs": { + "description": "A collection of values returned by getInstanceTemplateIamPolicy.\n", + "properties": { + "etag": { + "description": "(Computed) The etag of the IAM policy.\n", + "type": "string" + }, + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "name": { + "type": "string" + }, + "policyData": { + "description": "(Required only by `gcp.compute.InstanceTemplateIamPolicy`) The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n", + "type": "string" + }, + "project": { + "type": "string" + } + }, + "required": [ + "etag", + "name", + "policyData", + "project", + "id" + ], + "type": "object" + } + }, "gcp:compute/getLBIPRanges:getLBIPRanges": { "description": "Use this data source to access IP ranges in your firewall rules.\n\nhttps://cloud.google.com/compute/docs/load-balancing/health-checks#health_check_source_ips_and_firewall_rules\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst ranges = gcp.compute.getLBIPRanges({});\nconst lb = new gcp.compute.Firewall(\"lb\", {\n name: \"lb-firewall\",\n network: main.name,\n allows: [{\n protocol: \"tcp\",\n ports: [\"80\"],\n }],\n sourceRanges: ranges.then(ranges =\u003e ranges.networks),\n targetTags: [\"InstanceBehindLoadBalancer\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nranges = gcp.compute.get_lbip_ranges()\nlb = gcp.compute.Firewall(\"lb\",\n name=\"lb-firewall\",\n network=main[\"name\"],\n allows=[{\n \"protocol\": \"tcp\",\n \"ports\": [\"80\"],\n }],\n source_ranges=ranges.networks,\n target_tags=[\"InstanceBehindLoadBalancer\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ranges = Gcp.Compute.GetLBIPRanges.Invoke();\n\n var lb = new Gcp.Compute.Firewall(\"lb\", new()\n {\n Name = \"lb-firewall\",\n Network = main.Name,\n Allows = new[]\n {\n new Gcp.Compute.Inputs.FirewallAllowArgs\n {\n Protocol = \"tcp\",\n Ports = new[]\n {\n \"80\",\n },\n },\n },\n SourceRanges = ranges.Apply(getLBIPRangesResult =\u003e getLBIPRangesResult.Networks),\n TargetTags = new[]\n {\n \"InstanceBehindLoadBalancer\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tranges, err := compute.GetLBIPRanges(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewFirewall(ctx, \"lb\", \u0026compute.FirewallArgs{\n\t\t\tName: pulumi.String(\"lb-firewall\"),\n\t\t\tNetwork: pulumi.Any(main.Name),\n\t\t\tAllows: compute.FirewallAllowArray{\n\t\t\t\t\u0026compute.FirewallAllowArgs{\n\t\t\t\t\tProtocol: pulumi.String(\"tcp\"),\n\t\t\t\t\tPorts: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"80\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSourceRanges: interface{}(ranges.Networks),\n\t\t\tTargetTags: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"InstanceBehindLoadBalancer\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ComputeFunctions;\nimport com.pulumi.gcp.compute.Firewall;\nimport com.pulumi.gcp.compute.FirewallArgs;\nimport com.pulumi.gcp.compute.inputs.FirewallAllowArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ranges = ComputeFunctions.getLBIPRanges();\n\n var lb = new Firewall(\"lb\", FirewallArgs.builder()\n .name(\"lb-firewall\")\n .network(main.name())\n .allows(FirewallAllowArgs.builder()\n .protocol(\"tcp\")\n .ports(\"80\")\n .build())\n .sourceRanges(ranges.applyValue(getLBIPRangesResult -\u003e getLBIPRangesResult.networks()))\n .targetTags(\"InstanceBehindLoadBalancer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: gcp:compute:Firewall\n properties:\n name: lb-firewall\n network: ${main.name}\n allows:\n - protocol: tcp\n ports:\n - '80'\n sourceRanges: ${ranges.networks}\n targetTags:\n - InstanceBehindLoadBalancer\nvariables:\n ranges:\n fn::invoke:\n function: gcp:compute:getLBIPRanges\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { @@ -304445,6 +306845,12 @@ "secret": true, "type": "object" }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, "tier": { "type": "string" }, @@ -304466,6 +306872,7 @@ "networks", "performanceConfigs", "protocol", + "tags", "pulumiLabels", "tier", "zone", @@ -305063,6 +307470,7 @@ } }, "gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy": { + "description": "Retrieves the current IAM policy data for repositorygroup\n\n\n## example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst policy = gcp.gemini.getRepositoryGroupIamPolicy({\n project: example.project,\n location: example.location,\n codeRepositoryIndex: example.codeRepositoryIndex,\n repositoryGroupId: example.repositoryGroupId,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npolicy = gcp.gemini.get_repository_group_iam_policy(project=example[\"project\"],\n location=example[\"location\"],\n code_repository_index=example[\"codeRepositoryIndex\"],\n repository_group_id=example[\"repositoryGroupId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = Gcp.Gemini.GetRepositoryGroupIamPolicy.Invoke(new()\n {\n Project = example.Project,\n Location = example.Location,\n CodeRepositoryIndex = example.CodeRepositoryIndex,\n RepositoryGroupId = example.RepositoryGroupId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gemini.LookupRepositoryGroupIamPolicy(ctx, \u0026gemini.LookupRepositoryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.StringRef(example.Project),\n\t\t\tLocation: pulumi.StringRef(example.Location),\n\t\t\tCodeRepositoryIndex: example.CodeRepositoryIndex,\n\t\t\tRepositoryGroupId: example.RepositoryGroupId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.gemini.GeminiFunctions;\nimport com.pulumi.gcp.gemini.inputs.GetRepositoryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var policy = GeminiFunctions.getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .codeRepositoryIndex(example.codeRepositoryIndex())\n .repositoryGroupId(example.repositoryGroupId())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n policy:\n fn::invoke:\n function: gcp:gemini:getRepositoryGroupIamPolicy\n arguments:\n project: ${example.project}\n location: ${example.location}\n codeRepositoryIndex: ${example.codeRepositoryIndex}\n repositoryGroupId: ${example.repositoryGroupId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { "description": "A collection of arguments for invoking getRepositoryGroupIamPolicy.\n", "properties": { @@ -307525,6 +309933,65 @@ "type": "object" } }, + "gcp:kms/getKeyHandles:getKeyHandles": { + "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myKeyHandles = gcp.kms.getKeyHandles({\n project: \"resource-project-id\",\n location: \"us-central1\",\n resourceTypeSelector: \"storage.googleapis.com/Bucket\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_key_handles = gcp.kms.get_key_handles(project=\"resource-project-id\",\n location=\"us-central1\",\n resource_type_selector=\"storage.googleapis.com/Bucket\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myKeyHandles = Gcp.Kms.GetKeyHandles.Invoke(new()\n {\n Project = \"resource-project-id\",\n Location = \"us-central1\",\n ResourceTypeSelector = \"storage.googleapis.com/Bucket\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.GetKeyHandles(ctx, \u0026kms.GetKeyHandlesArgs{\n\t\t\tProject: pulumi.StringRef(\"resource-project-id\"),\n\t\t\tLocation: \"us-central1\",\n\t\t\tResourceTypeSelector: \"storage.googleapis.com/Bucket\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.kms.KmsFunctions;\nimport com.pulumi.gcp.kms.inputs.GetKeyHandlesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myKeyHandles = KmsFunctions.getKeyHandles(GetKeyHandlesArgs.builder()\n .project(\"resource-project-id\")\n .location(\"us-central1\")\n .resourceTypeSelector(\"storage.googleapis.com/Bucket\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n myKeyHandles:\n fn::invoke:\n function: gcp:kms:getKeyHandles\n arguments:\n project: resource-project-id\n location: us-central1\n resourceTypeSelector: storage.googleapis.com/Bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getKeyHandles.\n", + "properties": { + "location": { + "type": "string", + "description": "The Google Cloud Platform location for the KeyHandle.\nA full list of valid locations can be found by running `gcloud kms locations list`.\n" + }, + "project": { + "type": "string", + "description": "The project in which the resource belongs. If it\nis not provided, the provider project is used.\n" + }, + "resourceTypeSelector": { + "type": "string", + "description": "The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. \n\n- - -\n" + } + }, + "type": "object", + "required": [ + "location", + "resourceTypeSelector" + ] + }, + "outputs": { + "description": "A collection of values returned by getKeyHandles.\n", + "properties": { + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "keyHandles": { + "items": { + "$ref": "#/types/gcp:kms/getKeyHandlesKeyHandle:getKeyHandlesKeyHandle" + }, + "type": "array" + }, + "location": { + "description": "The location of the KMS Key and KeyHandle.\n", + "type": "string" + }, + "project": { + "description": "The identifier of the project where KMS KeyHandle is created.\n", + "type": "string" + }, + "resourceTypeSelector": { + "description": "Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types.\n", + "type": "string" + } + }, + "required": [ + "keyHandles", + "location", + "resourceTypeSelector", + "id" + ], + "type": "object" + } + }, "gcp:kms/getKeyRingIamPolicy:getKeyRingIamPolicy": { "description": "Retrieves the current IAM policy data for a Google Cloud KMS key ring.\n\n## example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst testKeyRingIamPolicy = gcp.kms.getKeyRingIamPolicy({\n keyRingId: \"{project_id}/{location_name}/{key_ring_name}\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ntest_key_ring_iam_policy = gcp.kms.get_key_ring_iam_policy(key_ring_id=\"{project_id}/{location_name}/{key_ring_name}\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testKeyRingIamPolicy = Gcp.Kms.GetKeyRingIamPolicy.Invoke(new()\n {\n KeyRingId = \"{project_id}/{location_name}/{key_ring_name}\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.GetKeyRingIamPolicy(ctx, \u0026kms.GetKeyRingIamPolicyArgs{\n\t\t\tKeyRingId: \"{project_id}/{location_name}/{key_ring_name}\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.kms.KmsFunctions;\nimport com.pulumi.gcp.kms.inputs.GetKeyRingIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var testKeyRingIamPolicy = KmsFunctions.getKeyRingIamPolicy(GetKeyRingIamPolicyArgs.builder()\n .keyRingId(\"{project_id}/{location_name}/{key_ring_name}\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n testKeyRingIamPolicy:\n fn::invoke:\n function: gcp:kms:getKeyRingIamPolicy\n arguments:\n keyRingId: '{project_id}/{location_name}/{key_ring_name}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { @@ -309836,6 +312303,129 @@ "type": "object" } }, + "gcp:organizations/getS:getS": { + "description": "Gets a list of all organizations.\nSee [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization)\nand [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = gcp.organizations.getS({\n filter: \"domain:example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.organizations.get_s(filter=\"domain:example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Gcp.Organizations.GetS.Invoke(new()\n {\n Filter = \"domain:example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.GetS(ctx, \u0026organizations.GetSArgs{\n\t\t\tFilter: pulumi.StringRef(\"domain:example.com\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetSArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = OrganizationsFunctions.getS(GetSArgs.builder()\n .filter(\"domain:example.com\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n function: gcp:organizations:getS\n arguments:\n filter: domain:example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getS.\n", + "properties": { + "filter": { + "type": "string", + "description": "An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body).\n" + } + }, + "type": "object" + }, + "outputs": { + "description": "A collection of values returned by getS.\n", + "properties": { + "filter": { + "type": "string" + }, + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "organizations": { + "description": "A list of all retrieved organizations. Structure is defined below.\n", + "items": { + "$ref": "#/types/gcp:organizations/getSOrganization:getSOrganization" + }, + "type": "array" + } + }, + "required": [ + "organizations", + "id" + ], + "type": "object" + } + }, + "gcp:parametermanager/getParameter:getParameter": { + "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst parameterDatasource = gcp.parametermanager.getParameter({\n parameterId: \"foobar\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nparameter_datasource = gcp.parametermanager.get_parameter(parameter_id=\"foobar\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var parameterDatasource = Gcp.ParameterManager.GetParameter.Invoke(new()\n {\n ParameterId = \"foobar\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.LookupParameter(ctx, \u0026parametermanager.LookupParameterArgs{\n\t\t\tParameterId: \"foobar\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.ParametermanagerFunctions;\nimport com.pulumi.gcp.parametermanager.inputs.GetParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var parameterDatasource = ParametermanagerFunctions.getParameter(GetParameterArgs.builder()\n .parameterId(\"foobar\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n parameterDatasource:\n fn::invoke:\n function: gcp:parametermanager:getParameter\n arguments:\n parameterId: foobar\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getParameter.\n", + "properties": { + "parameterId": { + "type": "string", + "description": "The name of the parameter.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\n" + } + }, + "type": "object", + "required": [ + "parameterId" + ] + }, + "outputs": { + "description": "A collection of values returned by getParameter.\n", + "properties": { + "createTime": { + "type": "string" + }, + "effectiveLabels": { + "additionalProperties": { + "type": "string" + }, + "secret": true, + "type": "object" + }, + "format": { + "type": "string" + }, + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "parameterId": { + "type": "string" + }, + "policyMembers": { + "items": { + "$ref": "#/types/gcp:parametermanager/getParameterPolicyMember:getParameterPolicyMember" + }, + "type": "array" + }, + "project": { + "type": "string" + }, + "pulumiLabels": { + "additionalProperties": { + "type": "string" + }, + "secret": true, + "type": "object" + }, + "updateTime": { + "type": "string" + } + }, + "required": [ + "createTime", + "effectiveLabels", + "format", + "labels", + "name", + "parameterId", + "policyMembers", + "pulumiLabels", + "updateTime", + "id" + ], + "type": "object" + } + }, "gcp:parametermanager/getRegionalParameter:getRegionalParameter": { "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst regParameterDatasource = gcp.parametermanager.getRegionalParameter({\n parameterId: \"foobar\",\n location: \"us-central1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nreg_parameter_datasource = gcp.parametermanager.get_regional_parameter(parameter_id=\"foobar\",\n location=\"us-central1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regParameterDatasource = Gcp.ParameterManager.GetRegionalParameter.Invoke(new()\n {\n ParameterId = \"foobar\",\n Location = \"us-central1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.LookupRegionalParameter(ctx, \u0026parametermanager.LookupRegionalParameterArgs{\n\t\t\tParameterId: \"foobar\",\n\t\t\tLocation: \"us-central1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.ParametermanagerFunctions;\nimport com.pulumi.gcp.parametermanager.inputs.GetRegionalParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var regParameterDatasource = ParametermanagerFunctions.getRegionalParameter(GetRegionalParameterArgs.builder()\n .parameterId(\"foobar\")\n .location(\"us-central1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n regParameterDatasource:\n fn::invoke:\n function: gcp:parametermanager:getRegionalParameter\n arguments:\n parameterId: foobar\n location: us-central1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { @@ -309931,6 +312521,63 @@ "type": "object" } }, + "gcp:parametermanager/getRegionalParameters:getRegionalParameters": { + "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst regional-parameters = gcp.parametermanager.getRegionalParameters({\n location: \"us-central1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nregional_parameters = gcp.parametermanager.get_regional_parameters(location=\"us-central1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var regional_parameters = Gcp.ParameterManager.GetRegionalParameters.Invoke(new()\n {\n Location = \"us-central1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := parametermanager.GetRegionalParameters(ctx, \u0026parametermanager.GetRegionalParametersArgs{\n\t\t\tLocation: \"us-central1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.parametermanager.ParametermanagerFunctions;\nimport com.pulumi.gcp.parametermanager.inputs.GetRegionalParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var regional-parameters = ParametermanagerFunctions.getRegionalParameters(GetRegionalParametersArgs.builder()\n .location(\"us-central1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n regional-parameters:\n fn::invoke:\n function: gcp:parametermanager:getRegionalParameters\n arguments:\n location: us-central1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getRegionalParameters.\n", + "properties": { + "filter": { + "type": "string", + "description": "Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed.\n" + }, + "location": { + "type": "string", + "description": "The location of regional parameter.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project.\n" + } + }, + "type": "object", + "required": [ + "location" + ] + }, + "outputs": { + "description": "A collection of values returned by getRegionalParameters.\n", + "properties": { + "filter": { + "type": "string" + }, + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "location": { + "type": "string" + }, + "parameters": { + "description": "A list of regional parameters matching the filter. Structure is defined below.\n", + "items": { + "$ref": "#/types/gcp:parametermanager/getRegionalParametersParameter:getRegionalParametersParameter" + }, + "type": "array" + }, + "project": { + "description": "The ID of the project in which the resource belongs.\n", + "type": "string" + } + }, + "required": [ + "location", + "parameters", + "project", + "id" + ], + "type": "object" + } + }, "gcp:privilegedaccessmanager/getEntitlement:getEntitlement": { "description": "Use this data source to get information about a Google Cloud Privileged Access Manager Entitlement.\n\nTo get more information about Privileged Access Manager, see:\n\n* [API Documentation](https://cloud.google.com/iam/docs/reference/pam/rest)\n* How-to guides\n * [Official documentation](https://cloud.google.com/iam/docs/pam-overview)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst my-entitlement = gcp.privilegedaccessmanager.getEntitlement({\n parent: \"projects/my-project\",\n location: \"global\",\n entitlementId: \"my-entitlement\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_entitlement = gcp.privilegedaccessmanager.get_entitlement(parent=\"projects/my-project\",\n location=\"global\",\n entitlement_id=\"my-entitlement\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var my_entitlement = Gcp.PrivilegedAccessManager.GetEntitlement.Invoke(new()\n {\n Parent = \"projects/my-project\",\n Location = \"global\",\n EntitlementId = \"my-entitlement\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/privilegedaccessmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := privilegedaccessmanager.LookupEntitlement(ctx, \u0026privilegedaccessmanager.LookupEntitlementArgs{\n\t\t\tParent: pulumi.StringRef(\"projects/my-project\"),\n\t\t\tLocation: pulumi.StringRef(\"global\"),\n\t\t\tEntitlementId: pulumi.StringRef(\"my-entitlement\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.privilegedaccessmanager.PrivilegedaccessmanagerFunctions;\nimport com.pulumi.gcp.privilegedaccessmanager.inputs.GetEntitlementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var my-entitlement = PrivilegedaccessmanagerFunctions.getEntitlement(GetEntitlementArgs.builder()\n .parent(\"projects/my-project\")\n .location(\"global\")\n .entitlementId(\"my-entitlement\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n my-entitlement:\n fn::invoke:\n function: gcp:privilegedaccessmanager:getEntitlement\n arguments:\n parent: projects/my-project\n location: global\n entitlementId: my-entitlement\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { diff --git a/provider/go.mod b/provider/go.mod index 901292094b..85f67add64 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -128,7 +128,6 @@ require ( github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 // indirect github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-checkpoint v0.5.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-getter v1.7.5 // indirect github.com/hashicorp/go-hclog v1.6.3 // indirect @@ -142,13 +141,10 @@ require ( github.com/hashicorp/go-sockaddr v1.0.6 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.7.0 // indirect - github.com/hashicorp/hc-install v0.9.0 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/hashicorp/hcl/v2 v2.22.0 // indirect github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 // indirect github.com/hashicorp/logutils v1.0.0 // indirect - github.com/hashicorp/terraform-exec v0.21.0 // indirect - github.com/hashicorp/terraform-json v0.23.0 // indirect github.com/hashicorp/terraform-plugin-framework v1.13.0 // indirect github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 // indirect github.com/hashicorp/terraform-plugin-go v0.26.0 // indirect diff --git a/upstream b/upstream index 9e94233069..3ccfa8b3bd 160000 --- a/upstream +++ b/upstream @@ -1 +1 @@ -Subproject commit 9e94233069e2f5f4e44f637332955e78162925c8 +Subproject commit 3ccfa8b3bd9172c84bef96ec80dd2e1ac491dc20 From c70996ad4cbccd6a002cb4a75a5f40e48c08aa57 Mon Sep 17 00:00:00 2001 From: Venelin Date: Fri, 31 Jan 2025 15:51:23 +0200 Subject: [PATCH 3/6] fix retrohunt csharp name clash --- provider/resources.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/provider/resources.go b/provider/resources.go index 4d7652950a..d80e4673bf 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -2159,6 +2159,13 @@ func Provider() tfbridge.ProviderInfo { "google_bigquery_table": { DeleteBeforeReplace: true, }, + "google_chronicle_retrohunt": { + Fields: map[string]*tfbridge.SchemaInfo{ + "retrohunt": { + Name: "RetrohuntId", + }, + }, + }, }, DataSources: map[string]*tfbridge.DataSourceInfo{ // Access Approval From b31f24d8beb9511920d2f9fd6156d5b12acb3c75 Mon Sep 17 00:00:00 2001 From: Venelin Date: Fri, 31 Jan 2025 15:53:58 +0200 Subject: [PATCH 4/6] make tfgen --- provider/cmd/pulumi-resource-gcp/schema.json | 30 ++++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/provider/cmd/pulumi-resource-gcp/schema.json b/provider/cmd/pulumi-resource-gcp/schema.json index 2689aa8b46..773e57d627 100644 --- a/provider/cmd/pulumi-resource-gcp/schema.json +++ b/provider/cmd/pulumi-resource-gcp/schema.json @@ -155706,6 +155706,10 @@ "gcp:chronicle/retrohunt:Retrohunt": { "description": "Retrohunt is an execution of a Rule over a time range in the past.\n\n\nTo get more information about Retrohunt, see:\n\n* [API documentation](https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.rules.retrohunts)\n* How-to Guides\n * [Google SecOps Guides](https://cloud.google.com/chronicle/docs/secops/secops-overview)\n\n## Example Usage\n\n## Import\n\nRetrohunt can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}`\n\n* `{{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}`\n\n* `{{location}}/{{instance}}/{{rule}}/{{retrohunt}}`\n\nWhen using the `pulumi import` command, Retrohunt can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:chronicle/retrohunt:Retrohunt default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}\n```\n\n```sh\n$ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}\n```\n\n```sh\n$ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{location}}/{{instance}}/{{rule}}/{{retrohunt}}\n```\n\n", "properties": { + "RetrohuntId": { + "type": "string", + "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n" + }, "executionIntervals": { "type": "array", "items": { @@ -155736,10 +155740,6 @@ "project": { "type": "string" }, - "retrohunt": { - "type": "string", - "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n" - }, "rule": { "type": "string", "description": "The Rule ID of the rule.\n" @@ -155757,11 +155757,16 @@ "processInterval", "progressPercentage", "project", - "retrohunt", + "RetrohuntId", "rule", "state" ], "inputProperties": { + "RetrohuntId": { + "type": "string", + "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n", + "willReplaceOnChanges": true + }, "instance": { "type": "string", "description": "The unique identifier for the Chronicle instance, which is the same as the customer ID.\n", @@ -155781,11 +155786,6 @@ "type": "string", "willReplaceOnChanges": true }, - "retrohunt": { - "type": "string", - "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n", - "willReplaceOnChanges": true - }, "rule": { "type": "string", "description": "The Rule ID of the rule.\n", @@ -155801,6 +155801,11 @@ "stateInputs": { "description": "Input properties used for looking up and filtering Retrohunt resources.\n", "properties": { + "RetrohuntId": { + "type": "string", + "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n", + "willReplaceOnChanges": true + }, "executionIntervals": { "type": "array", "items": { @@ -155835,11 +155840,6 @@ "type": "string", "willReplaceOnChanges": true }, - "retrohunt": { - "type": "string", - "description": "The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past.\n", - "willReplaceOnChanges": true - }, "rule": { "type": "string", "description": "The Rule ID of the rule.\n", From 96f9e3868944dd186398cedfa87f862264270874 Mon Sep 17 00:00:00 2001 From: Venelin Date: Fri, 31 Jan 2025 15:59:56 +0200 Subject: [PATCH 5/6] make build_sdks --- sdk/dotnet/Alloydb/Cluster.cs | 33 +- sdk/dotnet/ApiHub/ApiHubInstance.cs | 418 +++++++ .../ApiHub/Inputs/ApiHubInstanceConfigArgs.cs | 57 + .../Inputs/ApiHubInstanceConfigGetArgs.cs | 57 + .../ApiHub/Outputs/ApiHubInstanceConfig.cs | 62 + sdk/dotnet/ApiHub/README.md | 1 + sdk/dotnet/Apigee/EndpointAttachment.cs | 62 - sdk/dotnet/Apigee/Environment.cs | 21 + .../Inputs/EnvironmentPropertiesArgs.cs | 33 + .../Inputs/EnvironmentPropertiesGetArgs.cs | 33 + .../EnvironmentPropertiesPropertyArgs.cs | 32 + .../EnvironmentPropertiesPropertyGetArgs.cs | 32 + .../Apigee/Outputs/EnvironmentProperties.cs | 28 + .../Outputs/EnvironmentPropertiesProperty.cs | 35 + .../Inputs/RetrohuntExecutionIntervalArgs.cs | 36 + .../RetrohuntExecutionIntervalGetArgs.cs | 36 + .../Inputs/RetrohuntProcessIntervalArgs.cs | 34 + .../Inputs/RetrohuntProcessIntervalGetArgs.cs | 34 + .../Outputs/RetrohuntExecutionInterval.cs | 39 + .../Outputs/RetrohuntProcessInterval.cs | 37 + sdk/dotnet/Chronicle/Retrohunt.cs | 305 +++++ sdk/dotnet/CloudRunV2/GetService.cs | 4 + .../Inputs/ServiceBuildConfigArgs.cs | 81 ++ .../Inputs/ServiceBuildConfigGetArgs.cs | 81 ++ .../Outputs/GetServiceBuildConfigResult.cs | 84 ++ .../CloudRunV2/Outputs/ServiceBuildConfig.cs | 85 ++ sdk/dotnet/CloudRunV2/Service.cs | 110 ++ .../Colab/GetRuntimeTemplateIamPolicy.cs | 198 ++++ .../RuntimeNotebookRuntimeTemplateRefArgs.cs | 26 + ...untimeNotebookRuntimeTemplateRefGetArgs.cs | 26 + .../RuntimeTemplateIamBindingConditionArgs.cs | 29 + ...ntimeTemplateIamBindingConditionGetArgs.cs | 29 + .../RuntimeTemplateIamMemberConditionArgs.cs | 29 + ...untimeTemplateIamMemberConditionGetArgs.cs | 29 + .../RuntimeNotebookRuntimeTemplateRef.cs | 27 + .../RuntimeTemplateIamBindingCondition.cs | 33 + .../RuntimeTemplateIamMemberCondition.cs | 33 + sdk/dotnet/Colab/Runtime.cs | 375 ++++++ sdk/dotnet/Colab/RuntimeTemplateIamBinding.cs | 480 ++++++++ sdk/dotnet/Colab/RuntimeTemplateIamMember.cs | 468 ++++++++ sdk/dotnet/Colab/RuntimeTemplateIamPolicy.cs | 408 +++++++ sdk/dotnet/Compute/FirewallPolicyRule.cs | 110 +- sdk/dotnet/Compute/FirewallPolicyWithRules.cs | 134 ++- .../Compute/GetInstanceTemplateIamPolicy.cs | 175 +++ .../Inputs/FirewallPolicyRuleMatchArgs.cs | 26 + .../Inputs/FirewallPolicyRuleMatchGetArgs.cs | 26 + .../FirewallPolicyWithRulesRuleMatchArgs.cs | 26 + ...FirewallPolicyWithRulesRuleMatchGetArgs.cs | 26 + ...InstanceTemplateIamBindingConditionArgs.cs | 35 + ...tanceTemplateIamBindingConditionGetArgs.cs | 35 + .../InstanceTemplateIamMemberConditionArgs.cs | 35 + ...stanceTemplateIamMemberConditionGetArgs.cs | 35 + .../NetworkFirewallPolicyRuleMatchArgs.cs | 26 + .../NetworkFirewallPolicyRuleMatchGetArgs.cs | 26 + ...orkFirewallPolicyWithRulesRuleMatchArgs.cs | 26 + ...FirewallPolicyWithRulesRuleMatchGetArgs.cs | 26 + ...egionNetworkFirewallPolicyRuleMatchArgs.cs | 26 + ...onNetworkFirewallPolicyRuleMatchGetArgs.cs | 26 + ...orkFirewallPolicyWithRulesRuleMatchArgs.cs | 26 + ...FirewallPolicyWithRulesRuleMatchGetArgs.cs | 26 + .../Compute/InstanceTemplateIamBinding.cs | 656 +++++++++++ .../Compute/InstanceTemplateIamMember.cs | 644 +++++++++++ .../Compute/InstanceTemplateIamPolicy.cs | 572 ++++++++++ sdk/dotnet/Compute/InterconnectAttachment.cs | 117 ++ .../Compute/NetworkFirewallPolicyRule.cs | 113 +- .../Compute/NetworkFirewallPolicyWithRules.cs | 130 ++- .../Outputs/FirewallPolicyRuleMatch.cs | 23 + .../FirewallPolicyWithRulesRuleMatch.cs | 23 + .../InstanceTemplateIamBindingCondition.cs | 39 + .../InstanceTemplateIamMemberCondition.cs | 39 + .../Outputs/NetworkFirewallPolicyRuleMatch.cs | 23 + ...NetworkFirewallPolicyWithRulesRuleMatch.cs | 23 + .../RegionNetworkFirewallPolicyRuleMatch.cs | 23 + ...NetworkFirewallPolicyWithRulesRuleMatch.cs | 23 + sdk/dotnet/Compute/ProjectMetadataItem.cs | 6 + sdk/dotnet/Compute/PublicAdvertisedPrefix.cs | 45 + .../RegionNetworkFirewallPolicyRule.cs | 117 +- .../RegionNetworkFirewallPolicyWithRules.cs | 116 +- sdk/dotnet/Compute/RouterPeer.cs | 56 + sdk/dotnet/Config/Config.cs | 7 + sdk/dotnet/Filestore/GetInstance.cs | 4 + sdk/dotnet/Filestore/Instance.cs | 42 + sdk/dotnet/Gemini/CodeRepositoryIndex.cs | 30 +- .../Gemini/GetRepositoryGroupIamPolicy.cs | 75 ++ sdk/dotnet/Gemini/RepositoryGroup.cs | 62 +- .../Gemini/RepositoryGroupIamBinding.cs | 205 ++++ sdk/dotnet/Gemini/RepositoryGroupIamMember.cs | 205 ++++ sdk/dotnet/Gemini/RepositoryGroupIamPolicy.cs | 205 ++++ sdk/dotnet/Kms/GetKeyHandles.cs | 189 +++ .../Outputs/GetKeyHandlesKeyHandleResult.cs | 44 + ...curityProfileCustomInterceptProfileArgs.cs | 27 + ...ityProfileCustomInterceptProfileGetArgs.cs | 27 + ...curityProfileCustomMirroringProfileArgs.cs | 27 + ...ityProfileCustomMirroringProfileGetArgs.cs | 27 + .../SecurityProfileCustomInterceptProfile.cs | 28 + .../SecurityProfileCustomMirroringProfile.cs | 28 + sdk/dotnet/NetworkSecurity/SecurityProfile.cs | 142 ++- .../NetworkSecurity/SecurityProfileGroup.cs | 140 +++ sdk/dotnet/Organizations/GetS.cs | 149 +++ .../Outputs/GetSOrganizationResult.cs | 56 + sdk/dotnet/ParameterManager/GetParameter.cs | 178 +++ .../ParameterManager/GetRegionalParameters.cs | 172 +++ .../Outputs/GetParameterPolicyMemberResult.cs | 41 + ...alParametersParameterPolicyMemberResult.cs | 40 + .../GetRegionalParametersParameterResult.cs | 96 ++ .../ParameterManager/ParameterVersion.cs | 289 +++++ .../RegionalParameterVersion.cs | 40 +- sdk/dotnet/Provider.cs | 6 + .../TopicIngestionDataSourceSettingsArgs.cs | 7 + ...ionDataSourceSettingsAzureEventHubsArgs.cs | 64 ++ ...DataSourceSettingsAzureEventHubsGetArgs.cs | 64 ++ ...TopicIngestionDataSourceSettingsGetArgs.cs | 7 + .../Inputs/TopicMessageStoragePolicyArgs.cs | 9 + .../TopicMessageStoragePolicyGetArgs.cs | 9 + ...ionDataSourceSettingAzureEventHubResult.cs | 72 ++ ...etTopicIngestionDataSourceSettingResult.cs | 7 + .../GetTopicMessageStoragePolicyResult.cs | 13 +- .../TopicIngestionDataSourceSettings.cs | 8 + ...gestionDataSourceSettingsAzureEventHubs.cs | 72 ++ .../Outputs/TopicMessageStoragePolicy.cs | 13 +- sdk/dotnet/PubSub/Topic.cs | 31 + sdk/dotnet/Redis/Cluster.cs | 132 ++- .../Redis/ClusterUserCreatedConnections.cs | 555 +++++++++ .../Redis/Inputs/ClusterPscConfigArgs.cs | 2 - .../Redis/Inputs/ClusterPscConfigGetArgs.cs | 2 - .../Inputs/ClusterPscServiceAttachmentArgs.cs | 34 + .../ClusterPscServiceAttachmentGetArgs.cs | 34 + ...erCreatedConnectionsClusterEndpointArgs.cs | 32 + ...onnectionsClusterEndpointConnectionArgs.cs | 28 + ...ectionsClusterEndpointConnectionGetArgs.cs | 28 + ...sterEndpointConnectionPscConnectionArgs.cs | 81 ++ ...rEndpointConnectionPscConnectionGetArgs.cs | 81 ++ ...reatedConnectionsClusterEndpointGetArgs.cs | 32 + sdk/dotnet/Redis/Outputs/ClusterPscConfig.cs | 2 - .../Outputs/ClusterPscServiceAttachment.cs | 37 + ...erUserCreatedConnectionsClusterEndpoint.cs | 27 + ...tedConnectionsClusterEndpointConnection.cs | 29 + ...sClusterEndpointConnectionPscConnection.cs | 90 ++ sdk/go/gcp/alloydb/cluster.go | 45 +- sdk/go/gcp/apigee/endpointAttachment.go | 74 -- sdk/go/gcp/apigee/environment.go | 21 + sdk/go/gcp/apigee/pulumiTypes.go | 255 +++++ sdk/go/gcp/apihub/apiHubInstance.go | 547 +++++++++ sdk/go/gcp/apihub/init.go | 44 + sdk/go/gcp/apihub/pulumiTypes.go | 267 +++++ sdk/go/gcp/chronicle/init.go | 7 + sdk/go/gcp/chronicle/pulumiTypes.go | 290 +++++ sdk/go/gcp/chronicle/retrohunt.go | 459 ++++++++ sdk/go/gcp/cloudrunv2/getService.go | 5 + sdk/go/gcp/cloudrunv2/pulumiTypes.go | 470 ++++++++ sdk/go/gcp/cloudrunv2/service.go | 122 ++ .../gcp/colab/getRuntimeTemplateIamPolicy.go | 151 +++ sdk/go/gcp/colab/init.go | 28 + sdk/go/gcp/colab/pulumiTypes.go | 475 ++++++++ sdk/go/gcp/colab/runtime.go | 493 ++++++++ sdk/go/gcp/colab/runtimeTemplateIamBinding.go | 674 +++++++++++ sdk/go/gcp/colab/runtimeTemplateIamMember.go | 674 +++++++++++ sdk/go/gcp/colab/runtimeTemplateIamPolicy.go | 581 ++++++++++ sdk/go/gcp/compute/firewallPolicyRule.go | 110 +- sdk/go/gcp/compute/firewallPolicyWithRules.go | 114 +- .../compute/getInstanceTemplateIamPolicy.go | 137 +++ sdk/go/gcp/compute/init.go | 21 + .../gcp/compute/instanceTemplateIamBinding.go | 882 ++++++++++++++ .../gcp/compute/instanceTemplateIamMember.go | 882 ++++++++++++++ .../gcp/compute/instanceTemplateIamPolicy.go | 777 +++++++++++++ sdk/go/gcp/compute/interconnectAttachment.go | 100 ++ .../gcp/compute/networkFirewallPolicyRule.go | 123 +- .../compute/networkFirewallPolicyWithRules.go | 112 +- sdk/go/gcp/compute/projectMetadataItem.go | 6 + sdk/go/gcp/compute/publicAdvertisedPrefix.go | 56 + sdk/go/gcp/compute/pulumiTypes.go | 1016 +++++++++++------ sdk/go/gcp/compute/pulumiTypes1.go | 372 ++++++ .../regionNetworkFirewallPolicyRule.go | 127 ++- .../regionNetworkFirewallPolicyWithRules.go | 94 +- sdk/go/gcp/compute/routerPeer.go | 63 + sdk/go/gcp/config/config.go | 3 + sdk/go/gcp/filestore/getInstance.go | 5 + sdk/go/gcp/filestore/instance.go | 39 + sdk/go/gcp/gemini/codeRepositoryIndex.go | 50 +- .../gcp/gemini/getRepositoryGroupIamPolicy.go | 30 + sdk/go/gcp/gemini/repositoryGroup.go | 91 +- .../gcp/gemini/repositoryGroupIamBinding.go | 249 ++++ sdk/go/gcp/gemini/repositoryGroupIamMember.go | 249 ++++ sdk/go/gcp/gemini/repositoryGroupIamPolicy.go | 249 ++++ sdk/go/gcp/kms/getKeyHandles.go | 146 +++ sdk/go/gcp/kms/pulumiTypes.go | 125 ++ sdk/go/gcp/networksecurity/pulumiTypes.go | 290 +++++ sdk/go/gcp/networksecurity/securityProfile.go | 180 ++- .../networksecurity/securityProfileGroup.go | 158 +++ sdk/go/gcp/organizations/getS.go | 118 ++ sdk/go/gcp/organizations/pulumiTypes.go | 137 +++ sdk/go/gcp/parametermanager/getParameter.go | 156 +++ .../parametermanager/getRegionalParameters.go | 134 +++ sdk/go/gcp/parametermanager/init.go | 7 + .../gcp/parametermanager/parameterVersion.go | 421 +++++++ sdk/go/gcp/parametermanager/pulumiTypes.go | 447 ++++++++ .../regionalParameterVersion.go | 56 +- sdk/go/gcp/provider.go | 7 + sdk/go/gcp/pubsub/pulumiTypes.go | 509 +++++++++ sdk/go/gcp/pubsub/topic.go | 37 + sdk/go/gcp/redis/cluster.go | 232 ++-- .../redis/clusterUserCreatedConnections.go | 710 ++++++++++++ sdk/go/gcp/redis/init.go | 7 + sdk/go/gcp/redis/pulumiTypes.go | 672 ++++++++++- sdk/java/build.gradle | 2 +- .../src/main/java/com/pulumi/gcp/Config.java | 3 + .../main/java/com/pulumi/gcp/Provider.java | 6 + .../java/com/pulumi/gcp/ProviderArgs.java | 17 + .../java/com/pulumi/gcp/alloydb/Cluster.java | 24 +- .../com/pulumi/gcp/alloydb/ClusterArgs.java | 58 +- .../gcp/alloydb/inputs/ClusterState.java | 57 +- .../pulumi/gcp/apigee/EndpointAttachment.java | 78 -- .../com/pulumi/gcp/apigee/Environment.java | 17 + .../pulumi/gcp/apigee/EnvironmentArgs.java | 42 + .../inputs/EnvironmentPropertiesArgs.java | 99 ++ .../EnvironmentPropertiesPropertyArgs.java | 120 ++ .../gcp/apigee/inputs/EnvironmentState.java | 42 + .../apigee/outputs/EnvironmentProperties.java | 62 + .../EnvironmentPropertiesProperty.java | 78 ++ .../com/pulumi/gcp/apihub/ApiHubInstance.java | 406 +++++++ .../pulumi/gcp/apihub/ApiHubInstanceArgs.java | 281 +++++ .../inputs/ApiHubInstanceConfigArgs.java | 247 ++++ .../apihub/inputs/ApiHubInstanceState.java | 577 ++++++++++ .../apihub/outputs/ApiHubInstanceConfig.java | 147 +++ .../com/pulumi/gcp/chronicle/Retrohunt.java | 284 +++++ .../pulumi/gcp/chronicle/RetrohuntArgs.java | 282 +++++ .../RetrohuntExecutionIntervalArgs.java | 136 +++ .../inputs/RetrohuntProcessIntervalArgs.java | 133 +++ .../gcp/chronicle/inputs/RetrohuntState.java | 491 ++++++++ .../outputs/RetrohuntExecutionInterval.java | 86 ++ .../outputs/RetrohuntProcessInterval.java | 85 ++ .../com/pulumi/gcp/cloudrunv2/Service.java | 122 ++ .../pulumi/gcp/cloudrunv2/ServiceArgs.java | 38 + .../inputs/ServiceBuildConfigArgs.java | 385 +++++++ .../gcp/cloudrunv2/inputs/ServiceState.java | 38 + .../outputs/GetServiceBuildConfig.java | 244 ++++ .../cloudrunv2/outputs/GetServiceResult.java | 19 + .../outputs/ServiceBuildConfig.java | 229 ++++ .../com/pulumi/gcp/colab/ColabFunctions.java | 238 ++++ .../java/com/pulumi/gcp/colab/Runtime.java | 368 ++++++ .../com/pulumi/gcp/colab/RuntimeArgs.java | 332 ++++++ .../gcp/colab/RuntimeTemplateIamBinding.java | 520 +++++++++ .../colab/RuntimeTemplateIamBindingArgs.java | 340 ++++++ .../gcp/colab/RuntimeTemplateIamMember.java | 519 +++++++++ .../colab/RuntimeTemplateIamMemberArgs.java | 319 ++++++ .../gcp/colab/RuntimeTemplateIamPolicy.java | 475 ++++++++ .../colab/RuntimeTemplateIamPolicyArgs.java | 217 ++++ .../GetRuntimeTemplateIamPolicyArgs.java | 173 +++ .../GetRuntimeTemplateIamPolicyPlainArgs.java | 139 +++ ...RuntimeNotebookRuntimeTemplateRefArgs.java | 85 ++ .../pulumi/gcp/colab/inputs/RuntimeState.java | 322 ++++++ ...untimeTemplateIamBindingConditionArgs.java | 104 ++ .../RuntimeTemplateIamBindingState.java | 367 ++++++ ...RuntimeTemplateIamMemberConditionArgs.java | 104 ++ .../inputs/RuntimeTemplateIamMemberState.java | 346 ++++++ .../inputs/RuntimeTemplateIamPolicyState.java | 247 ++++ .../GetRuntimeTemplateIamPolicyResult.java | 151 +++ .../RuntimeNotebookRuntimeTemplateRef.java | 58 + .../RuntimeTemplateIamBindingCondition.java | 80 ++ .../RuntimeTemplateIamMemberCondition.java | 80 ++ .../pulumi/gcp/compute/ComputeFunctions.java | 218 ++++ .../gcp/compute/FirewallPolicyRule.java | 98 +- .../gcp/compute/FirewallPolicyWithRules.java | 80 +- .../compute/InstanceTemplateIamBinding.java | 782 +++++++++++++ .../InstanceTemplateIamBindingArgs.java | 316 +++++ .../compute/InstanceTemplateIamMember.java | 781 +++++++++++++ .../InstanceTemplateIamMemberArgs.java | 295 +++++ .../compute/InstanceTemplateIamPolicy.java | 727 ++++++++++++ .../InstanceTemplateIamPolicyArgs.java | 169 +++ .../gcp/compute/InterconnectAttachment.java | 80 ++ .../compute/InterconnectAttachmentArgs.java | 54 + .../compute/NetworkFirewallPolicyRule.java | 131 ++- .../NetworkFirewallPolicyWithRules.java | 82 +- .../gcp/compute/ProjectMetadataItem.java | 6 + .../gcp/compute/PublicAdvertisedPrefix.java | 56 + .../compute/PublicAdvertisedPrefixArgs.java | 45 + .../RegionNetworkFirewallPolicyRule.java | 135 ++- .../RegionNetworkFirewallPolicyWithRules.java | 70 +- .../com/pulumi/gcp/compute/RouterPeer.java | 70 ++ .../pulumi/gcp/compute/RouterPeerArgs.java | 41 + .../inputs/FirewallPolicyRuleMatchArgs.java | 129 +++ .../FirewallPolicyWithRulesRuleMatchArgs.java | 129 +++ .../GetInstanceTemplateIamPolicyArgs.java | 128 +++ ...GetInstanceTemplateIamPolicyPlainArgs.java | 106 ++ ...stanceTemplateIamBindingConditionArgs.java | 144 +++ .../InstanceTemplateIamBindingState.java | 346 ++++++ ...nstanceTemplateIamMemberConditionArgs.java | 144 +++ .../InstanceTemplateIamMemberState.java | 325 ++++++ .../InstanceTemplateIamPolicyState.java | 202 ++++ .../inputs/InterconnectAttachmentState.java | 185 +++ .../NetworkFirewallPolicyRuleMatchArgs.java | 129 +++ ...kFirewallPolicyWithRulesRuleMatchArgs.java | 129 +++ .../inputs/PublicAdvertisedPrefixState.java | 45 + ...ionNetworkFirewallPolicyRuleMatchArgs.java | 129 +++ ...kFirewallPolicyWithRulesRuleMatchArgs.java | 129 +++ .../gcp/compute/inputs/RouterPeerState.java | 78 ++ .../outputs/FirewallPolicyRuleMatch.java | 71 ++ .../FirewallPolicyWithRulesRuleMatch.java | 71 ++ .../GetInstanceTemplateIamPolicyResult.java | 136 +++ .../InstanceTemplateIamBindingCondition.java | 96 ++ .../InstanceTemplateIamMemberCondition.java | 96 ++ .../NetworkFirewallPolicyRuleMatch.java | 71 ++ ...tworkFirewallPolicyWithRulesRuleMatch.java | 71 ++ .../RegionNetworkFirewallPolicyRuleMatch.java | 71 ++ ...tworkFirewallPolicyWithRulesRuleMatch.java | 71 ++ .../com/pulumi/gcp/filestore/Instance.java | 22 + .../pulumi/gcp/filestore/InstanceArgs.java | 53 + .../gcp/filestore/inputs/InstanceState.java | 53 + .../filestore/outputs/GetInstanceResult.java | 15 + .../gcp/gemini/CodeRepositoryIndex.java | 28 +- .../gcp/gemini/CodeRepositoryIndexArgs.java | 8 +- .../pulumi/gcp/gemini/GeminiFunctions.java | 210 ++++ .../pulumi/gcp/gemini/RepositoryGroup.java | 69 +- .../gcp/gemini/RepositoryGroupArgs.java | 18 +- .../gcp/gemini/RepositoryGroupIamBinding.java | 289 +++++ .../gcp/gemini/RepositoryGroupIamMember.java | 289 +++++ .../gcp/gemini/RepositoryGroupIamPolicy.java | 289 +++++ .../inputs/CodeRepositoryIndexState.java | 36 +- .../gemini/inputs/RepositoryGroupState.java | 42 +- .../java/com/pulumi/gcp/kms/KmsFunctions.java | 213 ++++ .../gcp/kms/inputs/GetKeyHandlesArgs.java | 180 +++ .../kms/inputs/GetKeyHandlesPlainArgs.java | 145 +++ .../kms/outputs/GetKeyHandlesKeyHandle.java | 108 ++ .../gcp/kms/outputs/GetKeyHandlesResult.java | 147 +++ .../gcp/networksecurity/SecurityProfile.java | 170 ++- .../networksecurity/SecurityProfileArgs.java | 100 +- .../networksecurity/SecurityProfileGroup.java | 174 +++ .../SecurityProfileGroupArgs.java | 74 ++ ...rityProfileCustomInterceptProfileArgs.java | 89 ++ ...rityProfileCustomMirroringProfileArgs.java | 89 ++ .../inputs/SecurityProfileGroupState.java | 74 ++ .../inputs/SecurityProfileState.java | 100 +- ...SecurityProfileCustomInterceptProfile.java | 60 + ...SecurityProfileCustomMirroringProfile.java | 60 + .../organizations/OrganizationsFunctions.java | 311 +++++ .../gcp/organizations/inputs/GetSArgs.java | 83 ++ .../organizations/inputs/GetSPlainArgs.java | 72 ++ .../outputs/GetSOrganization.java | 150 +++ .../gcp/organizations/outputs/GetSResult.java | 101 ++ .../parametermanager/ParameterVersion.java | 292 +++++ .../ParameterVersionArgs.java | 217 ++++ .../ParametermanagerFunctions.java | 406 +++++++ .../RegionalParameterVersion.java | 56 +- .../inputs/GetParameterArgs.java | 124 ++ .../inputs/GetParameterPlainArgs.java | 103 ++ .../inputs/GetRegionalParametersArgs.java | 161 +++ .../GetRegionalParametersPlainArgs.java | 130 +++ .../inputs/ParameterVersionState.java | 322 ++++++ .../outputs/GetParameterPolicyMember.java | 93 ++ .../outputs/GetParameterResult.java | 214 ++++ .../GetRegionalParametersParameter.java | 288 +++++ ...gionalParametersParameterPolicyMember.java | 91 ++ .../outputs/GetRegionalParametersResult.java | 139 +++ .../java/com/pulumi/gcp/pubsub/Topic.java | 48 + .../TopicIngestionDataSourceSettingsArgs.java | 42 + ...nDataSourceSettingsAzureEventHubsArgs.java | 313 +++++ .../inputs/TopicMessageStoragePolicyArgs.java | 52 + .../GetTopicIngestionDataSourceSetting.java | 27 + ...gestionDataSourceSettingAzureEventHub.java | 200 ++++ .../outputs/GetTopicMessageStoragePolicy.java | 30 + .../TopicIngestionDataSourceSettings.java | 24 + ...stionDataSourceSettingsAzureEventHubs.java | 187 +++ .../outputs/TopicMessageStoragePolicy.java | 30 + .../java/com/pulumi/gcp/redis/Cluster.java | 101 +- .../com/pulumi/gcp/redis/ClusterArgs.java | 161 ++- .../redis/ClusterUserCreatedConnections.java | 526 +++++++++ .../ClusterUserCreatedConnectionsArgs.java | 227 ++++ .../redis/inputs/ClusterPscConfigArgs.java | 8 - .../ClusterPscServiceAttachmentArgs.java | 128 +++ .../pulumi/gcp/redis/inputs/ClusterState.java | 201 +++- ...CreatedConnectionsClusterEndpointArgs.java | 94 ++ ...nectionsClusterEndpointConnectionArgs.java | 91 ++ ...erEndpointConnectionPscConnectionArgs.java | 410 +++++++ .../ClusterUserCreatedConnectionsState.java | 223 ++++ .../gcp/redis/outputs/ClusterPscConfig.java | 4 - .../outputs/ClusterPscServiceAttachment.java | 82 ++ ...UserCreatedConnectionsClusterEndpoint.java | 60 + ...dConnectionsClusterEndpointConnection.java | 61 + ...lusterEndpointConnectionPscConnection.java | 241 ++++ sdk/nodejs/alloydb/cluster.ts | 29 +- sdk/nodejs/apigee/endpointAttachment.ts | 37 - sdk/nodejs/apigee/environment.ts | 17 + sdk/nodejs/apihub/apiHubInstance.ts | 329 ++++++ sdk/nodejs/apihub/index.ts | 25 + sdk/nodejs/chronicle/index.ts | 8 + sdk/nodejs/chronicle/retrohunt.ts | 274 +++++ sdk/nodejs/cloudrunv2/getService.ts | 1 + sdk/nodejs/cloudrunv2/service.ts | 72 ++ .../colab/getRuntimeTemplateIamPolicy.ts | 118 ++ sdk/nodejs/colab/index.ts | 37 + sdk/nodejs/colab/runtime.ts | 312 +++++ sdk/nodejs/colab/runtimeTemplateIamBinding.ts | 380 ++++++ sdk/nodejs/colab/runtimeTemplateIamMember.ts | 380 ++++++ sdk/nodejs/colab/runtimeTemplateIamPolicy.ts | 323 ++++++ sdk/nodejs/compute/firewallPolicyRule.ts | 65 +- sdk/nodejs/compute/firewallPolicyWithRules.ts | 79 +- .../compute/getInstanceTemplateIamPolicy.ts | 101 ++ sdk/nodejs/compute/index.ts | 29 + .../compute/instanceTemplateIamBinding.ts | 485 ++++++++ .../compute/instanceTemplateIamMember.ts | 485 ++++++++ .../compute/instanceTemplateIamPolicy.ts | 416 +++++++ sdk/nodejs/compute/interconnectAttachment.ts | 71 ++ .../compute/networkFirewallPolicyRule.ts | 70 +- .../compute/networkFirewallPolicyWithRules.ts | 81 +- sdk/nodejs/compute/projectMetadataItem.ts | 6 + sdk/nodejs/compute/publicAdvertisedPrefix.ts | 34 + .../regionNetworkFirewallPolicyRule.ts | 74 +- .../regionNetworkFirewallPolicyWithRules.ts | 69 +- sdk/nodejs/compute/routerPeer.ts | 43 + sdk/nodejs/config/vars.ts | 8 + sdk/nodejs/filestore/getInstance.ts | 1 + sdk/nodejs/filestore/instance.ts | 26 + sdk/nodejs/gemini/codeRepositoryIndex.ts | 30 +- .../gemini/getRepositoryGroupIamPolicy.ts | 34 + sdk/nodejs/gemini/repositoryGroup.ts | 50 +- .../gemini/repositoryGroupIamBinding.ts | 139 +++ sdk/nodejs/gemini/repositoryGroupIamMember.ts | 139 +++ sdk/nodejs/gemini/repositoryGroupIamPolicy.ts | 139 +++ sdk/nodejs/index.ts | 2 + sdk/nodejs/kms/getKeyHandles.ts | 119 ++ sdk/nodejs/kms/index.ts | 5 + sdk/nodejs/networksecurity/securityProfile.ts | 106 +- .../networksecurity/securityProfileGroup.ts | 100 ++ sdk/nodejs/organizations/getS.ts | 89 ++ sdk/nodejs/organizations/index.ts | 5 + sdk/nodejs/parametermanager/getParameter.ts | 94 ++ .../parametermanager/getRegionalParameters.ts | 104 ++ sdk/nodejs/parametermanager/index.ts | 18 + .../parametermanager/parameterVersion.ts | 225 ++++ .../regionalParameterVersion.ts | 29 +- sdk/nodejs/provider.ts | 3 + sdk/nodejs/pubsub/topic.ts | 22 + sdk/nodejs/redis/cluster.ts | 129 ++- .../redis/clusterUserCreatedConnections.ts | 430 +++++++ sdk/nodejs/redis/index.ts | 8 + sdk/nodejs/tsconfig.json | 18 + sdk/nodejs/types/input.ts | 388 ++++++- sdk/nodejs/types/output.ts | 590 +++++++++- sdk/python/pulumi_gcp/__init__.py | 91 ++ sdk/python/pulumi_gcp/alloydb/cluster.py | 82 +- sdk/python/pulumi_gcp/apigee/_inputs.py | 91 ++ .../pulumi_gcp/apigee/endpoint_attachment.py | 64 -- sdk/python/pulumi_gcp/apigee/environment.py | 54 + sdk/python/pulumi_gcp/apigee/outputs.py | 54 + sdk/python/pulumi_gcp/apihub/__init__.py | 10 + sdk/python/pulumi_gcp/apihub/_inputs.py | 154 +++ .../pulumi_gcp/apihub/api_hub_instance.py | 784 +++++++++++++ sdk/python/pulumi_gcp/apihub/outputs.py | 124 ++ sdk/python/pulumi_gcp/chronicle/__init__.py | 1 + sdk/python/pulumi_gcp/chronicle/_inputs.py | 124 ++ sdk/python/pulumi_gcp/chronicle/outputs.py | 112 ++ sdk/python/pulumi_gcp/chronicle/retrohunt.py | 645 +++++++++++ sdk/python/pulumi_gcp/cloudrunv2/_inputs.py | 197 ++++ .../pulumi_gcp/cloudrunv2/get_service.py | 13 +- sdk/python/pulumi_gcp/cloudrunv2/outputs.py | 256 +++++ sdk/python/pulumi_gcp/cloudrunv2/service.py | 159 +++ sdk/python/pulumi_gcp/colab/__init__.py | 5 + sdk/python/pulumi_gcp/colab/_inputs.py | 131 +++ .../colab/get_runtime_template_iam_policy.py | 182 +++ sdk/python/pulumi_gcp/colab/outputs.py | 92 ++ sdk/python/pulumi_gcp/colab/runtime.py | 696 +++++++++++ .../colab/runtime_template_iam_binding.py | 828 ++++++++++++++ .../colab/runtime_template_iam_member.py | 828 ++++++++++++++ .../colab/runtime_template_iam_policy.py | 667 +++++++++++ sdk/python/pulumi_gcp/compute/__init__.py | 4 + sdk/python/pulumi_gcp/compute/_inputs.py | 526 +++++++++ .../compute/firewall_policy_rule.py | 126 +- .../compute/firewall_policy_with_rules.py | 156 ++- .../get_instance_template_iam_policy.py | 159 +++ .../compute/instance_template_iam_binding.py | 998 ++++++++++++++++ .../compute/instance_template_iam_member.py | 998 ++++++++++++++++ .../compute/instance_template_iam_policy.py | 817 +++++++++++++ .../compute/interconnect_attachment.py | 191 +++- .../compute/network_firewall_policy_rule.py | 132 ++- .../network_firewall_policy_with_rules.py | 160 ++- sdk/python/pulumi_gcp/compute/outputs.py | 352 ++++++ .../compute/project_metadata_item.py | 12 + .../compute/public_advertised_prefix.py | 87 ++ .../region_network_firewall_policy_rule.py | 140 ++- ...gion_network_firewall_policy_with_rules.py | 136 ++- sdk/python/pulumi_gcp/compute/router_peer.py | 118 +- sdk/python/pulumi_gcp/config/__init__.pyi | 2 + sdk/python/pulumi_gcp/config/vars.py | 4 + .../pulumi_gcp/filestore/get_instance.py | 13 +- sdk/python/pulumi_gcp/filestore/instance.py | 75 ++ .../gemini/code_repository_index.py | 62 +- .../gemini/get_repository_group_iam_policy.py | 30 +- .../pulumi_gcp/gemini/repository_group.py | 102 +- .../gemini/repository_group_iam_binding.py | 258 +++++ .../gemini/repository_group_iam_member.py | 258 +++++ .../gemini/repository_group_iam_policy.py | 258 +++++ sdk/python/pulumi_gcp/kms/__init__.py | 1 + sdk/python/pulumi_gcp/kms/get_key_handles.py | 172 +++ sdk/python/pulumi_gcp/kms/outputs.py | 45 + .../pulumi_gcp/networksecurity/_inputs.py | 72 ++ .../pulumi_gcp/networksecurity/outputs.py | 76 ++ .../networksecurity/security_profile.py | 240 +++- .../networksecurity/security_profile_group.py | 218 ++++ .../pulumi_gcp/organizations/__init__.py | 1 + sdk/python/pulumi_gcp/organizations/get_s.py | 128 +++ .../pulumi_gcp/organizations/outputs.py | 63 + .../pulumi_gcp/parametermanager/__init__.py | 3 + .../parametermanager/get_parameter.py | 211 ++++ .../get_regional_parameters.py | 157 +++ .../pulumi_gcp/parametermanager/outputs.py | 210 ++++ .../parametermanager/parameter_version.py | 496 ++++++++ .../regional_parameter_version.py | 48 +- sdk/python/pulumi_gcp/provider.py | 20 + sdk/python/pulumi_gcp/pubsub/_inputs.py | 214 +++- sdk/python/pulumi_gcp/pubsub/outputs.py | 280 ++++- sdk/python/pulumi_gcp/pubsub/topic.py | 42 + sdk/python/pulumi_gcp/redis/__init__.py | 1 + sdk/python/pulumi_gcp/redis/_inputs.py | 348 +++++- sdk/python/pulumi_gcp/redis/cluster.py | 325 ++++-- .../redis/cluster_user_created_connections.py | 845 ++++++++++++++ sdk/python/pulumi_gcp/redis/outputs.py | 272 ++++- 516 files changed, 78639 insertions(+), 2171 deletions(-) create mode 100644 sdk/dotnet/ApiHub/ApiHubInstance.cs create mode 100644 sdk/dotnet/ApiHub/Inputs/ApiHubInstanceConfigArgs.cs create mode 100644 sdk/dotnet/ApiHub/Inputs/ApiHubInstanceConfigGetArgs.cs create mode 100644 sdk/dotnet/ApiHub/Outputs/ApiHubInstanceConfig.cs create mode 100644 sdk/dotnet/ApiHub/README.md create mode 100644 sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesArgs.cs create mode 100644 sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesGetArgs.cs create mode 100644 sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesPropertyArgs.cs create mode 100644 sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesPropertyGetArgs.cs create mode 100644 sdk/dotnet/Apigee/Outputs/EnvironmentProperties.cs create mode 100644 sdk/dotnet/Apigee/Outputs/EnvironmentPropertiesProperty.cs create mode 100644 sdk/dotnet/Chronicle/Inputs/RetrohuntExecutionIntervalArgs.cs create mode 100644 sdk/dotnet/Chronicle/Inputs/RetrohuntExecutionIntervalGetArgs.cs create mode 100644 sdk/dotnet/Chronicle/Inputs/RetrohuntProcessIntervalArgs.cs create mode 100644 sdk/dotnet/Chronicle/Inputs/RetrohuntProcessIntervalGetArgs.cs create mode 100644 sdk/dotnet/Chronicle/Outputs/RetrohuntExecutionInterval.cs create mode 100644 sdk/dotnet/Chronicle/Outputs/RetrohuntProcessInterval.cs create mode 100644 sdk/dotnet/Chronicle/Retrohunt.cs create mode 100644 sdk/dotnet/CloudRunV2/Inputs/ServiceBuildConfigArgs.cs create mode 100644 sdk/dotnet/CloudRunV2/Inputs/ServiceBuildConfigGetArgs.cs create mode 100644 sdk/dotnet/CloudRunV2/Outputs/GetServiceBuildConfigResult.cs create mode 100644 sdk/dotnet/CloudRunV2/Outputs/ServiceBuildConfig.cs create mode 100644 sdk/dotnet/Colab/GetRuntimeTemplateIamPolicy.cs create mode 100644 sdk/dotnet/Colab/Inputs/RuntimeNotebookRuntimeTemplateRefArgs.cs create mode 100644 sdk/dotnet/Colab/Inputs/RuntimeNotebookRuntimeTemplateRefGetArgs.cs create mode 100644 sdk/dotnet/Colab/Inputs/RuntimeTemplateIamBindingConditionArgs.cs create mode 100644 sdk/dotnet/Colab/Inputs/RuntimeTemplateIamBindingConditionGetArgs.cs create mode 100644 sdk/dotnet/Colab/Inputs/RuntimeTemplateIamMemberConditionArgs.cs create mode 100644 sdk/dotnet/Colab/Inputs/RuntimeTemplateIamMemberConditionGetArgs.cs create mode 100644 sdk/dotnet/Colab/Outputs/RuntimeNotebookRuntimeTemplateRef.cs create mode 100644 sdk/dotnet/Colab/Outputs/RuntimeTemplateIamBindingCondition.cs create mode 100644 sdk/dotnet/Colab/Outputs/RuntimeTemplateIamMemberCondition.cs create mode 100644 sdk/dotnet/Colab/Runtime.cs create mode 100644 sdk/dotnet/Colab/RuntimeTemplateIamBinding.cs create mode 100644 sdk/dotnet/Colab/RuntimeTemplateIamMember.cs create mode 100644 sdk/dotnet/Colab/RuntimeTemplateIamPolicy.cs create mode 100644 sdk/dotnet/Compute/GetInstanceTemplateIamPolicy.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceTemplateIamBindingConditionArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceTemplateIamBindingConditionGetArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceTemplateIamMemberConditionArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceTemplateIamMemberConditionGetArgs.cs create mode 100644 sdk/dotnet/Compute/InstanceTemplateIamBinding.cs create mode 100644 sdk/dotnet/Compute/InstanceTemplateIamMember.cs create mode 100644 sdk/dotnet/Compute/InstanceTemplateIamPolicy.cs create mode 100644 sdk/dotnet/Compute/Outputs/InstanceTemplateIamBindingCondition.cs create mode 100644 sdk/dotnet/Compute/Outputs/InstanceTemplateIamMemberCondition.cs create mode 100644 sdk/dotnet/Kms/GetKeyHandles.cs create mode 100644 sdk/dotnet/Kms/Outputs/GetKeyHandlesKeyHandleResult.cs create mode 100644 sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomInterceptProfileArgs.cs create mode 100644 sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomInterceptProfileGetArgs.cs create mode 100644 sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomMirroringProfileArgs.cs create mode 100644 sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomMirroringProfileGetArgs.cs create mode 100644 sdk/dotnet/NetworkSecurity/Outputs/SecurityProfileCustomInterceptProfile.cs create mode 100644 sdk/dotnet/NetworkSecurity/Outputs/SecurityProfileCustomMirroringProfile.cs create mode 100644 sdk/dotnet/Organizations/GetS.cs create mode 100644 sdk/dotnet/Organizations/Outputs/GetSOrganizationResult.cs create mode 100644 sdk/dotnet/ParameterManager/GetParameter.cs create mode 100644 sdk/dotnet/ParameterManager/GetRegionalParameters.cs create mode 100644 sdk/dotnet/ParameterManager/Outputs/GetParameterPolicyMemberResult.cs create mode 100644 sdk/dotnet/ParameterManager/Outputs/GetRegionalParametersParameterPolicyMemberResult.cs create mode 100644 sdk/dotnet/ParameterManager/Outputs/GetRegionalParametersParameterResult.cs create mode 100644 sdk/dotnet/ParameterManager/ParameterVersion.cs create mode 100644 sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsAzureEventHubsArgs.cs create mode 100644 sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsAzureEventHubsGetArgs.cs create mode 100644 sdk/dotnet/PubSub/Outputs/GetTopicIngestionDataSourceSettingAzureEventHubResult.cs create mode 100644 sdk/dotnet/PubSub/Outputs/TopicIngestionDataSourceSettingsAzureEventHubs.cs create mode 100644 sdk/dotnet/Redis/ClusterUserCreatedConnections.cs create mode 100644 sdk/dotnet/Redis/Inputs/ClusterPscServiceAttachmentArgs.cs create mode 100644 sdk/dotnet/Redis/Inputs/ClusterPscServiceAttachmentGetArgs.cs create mode 100644 sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointArgs.cs create mode 100644 sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.cs create mode 100644 sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionGetArgs.cs create mode 100644 sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.cs create mode 100644 sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionGetArgs.cs create mode 100644 sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointGetArgs.cs create mode 100644 sdk/dotnet/Redis/Outputs/ClusterPscServiceAttachment.cs create mode 100644 sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpoint.cs create mode 100644 sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpointConnection.cs create mode 100644 sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.cs create mode 100644 sdk/go/gcp/apihub/apiHubInstance.go create mode 100644 sdk/go/gcp/apihub/init.go create mode 100644 sdk/go/gcp/apihub/pulumiTypes.go create mode 100644 sdk/go/gcp/chronicle/retrohunt.go create mode 100644 sdk/go/gcp/colab/getRuntimeTemplateIamPolicy.go create mode 100644 sdk/go/gcp/colab/runtime.go create mode 100644 sdk/go/gcp/colab/runtimeTemplateIamBinding.go create mode 100644 sdk/go/gcp/colab/runtimeTemplateIamMember.go create mode 100644 sdk/go/gcp/colab/runtimeTemplateIamPolicy.go create mode 100644 sdk/go/gcp/compute/getInstanceTemplateIamPolicy.go create mode 100644 sdk/go/gcp/compute/instanceTemplateIamBinding.go create mode 100644 sdk/go/gcp/compute/instanceTemplateIamMember.go create mode 100644 sdk/go/gcp/compute/instanceTemplateIamPolicy.go create mode 100644 sdk/go/gcp/kms/getKeyHandles.go create mode 100644 sdk/go/gcp/organizations/getS.go create mode 100644 sdk/go/gcp/parametermanager/getParameter.go create mode 100644 sdk/go/gcp/parametermanager/getRegionalParameters.go create mode 100644 sdk/go/gcp/parametermanager/parameterVersion.go create mode 100644 sdk/go/gcp/redis/clusterUserCreatedConnections.go create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentPropertiesArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentPropertiesPropertyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apigee/outputs/EnvironmentProperties.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apigee/outputs/EnvironmentPropertiesProperty.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apihub/ApiHubInstance.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apihub/ApiHubInstanceArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apihub/inputs/ApiHubInstanceConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apihub/inputs/ApiHubInstanceState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/apihub/outputs/ApiHubInstanceConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/chronicle/Retrohunt.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/chronicle/RetrohuntArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntExecutionIntervalArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntProcessIntervalArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/chronicle/outputs/RetrohuntExecutionInterval.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/chronicle/outputs/RetrohuntProcessInterval.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/inputs/ServiceBuildConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/GetServiceBuildConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/ServiceBuildConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/ColabFunctions.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/Runtime.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamBinding.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamBindingArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamMember.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamMemberArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamPolicy.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/GetRuntimeTemplateIamPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/GetRuntimeTemplateIamPolicyPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeNotebookRuntimeTemplateRefArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamBindingConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamBindingState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamMemberConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamMemberState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamPolicyState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/GetRuntimeTemplateIamPolicyResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeNotebookRuntimeTemplateRef.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeTemplateIamBindingCondition.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeTemplateIamMemberCondition.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamBinding.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamBindingArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamMember.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamMemberArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamPolicy.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetInstanceTemplateIamPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetInstanceTemplateIamPolicyPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamBindingConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamBindingState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamMemberConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamMemberState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamPolicyState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateIamPolicyResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateIamBindingCondition.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateIamMemberCondition.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/GetKeyHandlesArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/GetKeyHandlesPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/outputs/GetKeyHandlesKeyHandle.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/outputs/GetKeyHandlesResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileCustomInterceptProfileArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileCustomMirroringProfileArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networksecurity/outputs/SecurityProfileCustomInterceptProfile.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networksecurity/outputs/SecurityProfileCustomMirroringProfile.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/organizations/inputs/GetSArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/organizations/inputs/GetSPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/organizations/outputs/GetSOrganization.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/organizations/outputs/GetSResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParameterVersion.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParameterVersionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetParameterArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetParameterPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetRegionalParametersArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetRegionalParametersPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/ParameterVersionState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetParameterPolicyMember.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetParameterResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersParameter.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersParameterPolicyMember.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicIngestionDataSourceSettingsAzureEventHubsArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicIngestionDataSourceSettingAzureEventHub.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicIngestionDataSourceSettingsAzureEventHubs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterUserCreatedConnections.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterUserCreatedConnectionsArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterPscServiceAttachmentArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterPscServiceAttachment.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpoint.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpointConnection.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.java create mode 100644 sdk/nodejs/apihub/apiHubInstance.ts create mode 100644 sdk/nodejs/apihub/index.ts create mode 100644 sdk/nodejs/chronicle/retrohunt.ts create mode 100644 sdk/nodejs/colab/getRuntimeTemplateIamPolicy.ts create mode 100644 sdk/nodejs/colab/runtime.ts create mode 100644 sdk/nodejs/colab/runtimeTemplateIamBinding.ts create mode 100644 sdk/nodejs/colab/runtimeTemplateIamMember.ts create mode 100644 sdk/nodejs/colab/runtimeTemplateIamPolicy.ts create mode 100644 sdk/nodejs/compute/getInstanceTemplateIamPolicy.ts create mode 100644 sdk/nodejs/compute/instanceTemplateIamBinding.ts create mode 100644 sdk/nodejs/compute/instanceTemplateIamMember.ts create mode 100644 sdk/nodejs/compute/instanceTemplateIamPolicy.ts create mode 100644 sdk/nodejs/kms/getKeyHandles.ts create mode 100644 sdk/nodejs/organizations/getS.ts create mode 100644 sdk/nodejs/parametermanager/getParameter.ts create mode 100644 sdk/nodejs/parametermanager/getRegionalParameters.ts create mode 100644 sdk/nodejs/parametermanager/parameterVersion.ts create mode 100644 sdk/nodejs/redis/clusterUserCreatedConnections.ts create mode 100644 sdk/python/pulumi_gcp/apihub/__init__.py create mode 100644 sdk/python/pulumi_gcp/apihub/_inputs.py create mode 100644 sdk/python/pulumi_gcp/apihub/api_hub_instance.py create mode 100644 sdk/python/pulumi_gcp/apihub/outputs.py create mode 100644 sdk/python/pulumi_gcp/chronicle/retrohunt.py create mode 100644 sdk/python/pulumi_gcp/colab/get_runtime_template_iam_policy.py create mode 100644 sdk/python/pulumi_gcp/colab/runtime.py create mode 100644 sdk/python/pulumi_gcp/colab/runtime_template_iam_binding.py create mode 100644 sdk/python/pulumi_gcp/colab/runtime_template_iam_member.py create mode 100644 sdk/python/pulumi_gcp/colab/runtime_template_iam_policy.py create mode 100644 sdk/python/pulumi_gcp/compute/get_instance_template_iam_policy.py create mode 100644 sdk/python/pulumi_gcp/compute/instance_template_iam_binding.py create mode 100644 sdk/python/pulumi_gcp/compute/instance_template_iam_member.py create mode 100644 sdk/python/pulumi_gcp/compute/instance_template_iam_policy.py create mode 100644 sdk/python/pulumi_gcp/kms/get_key_handles.py create mode 100644 sdk/python/pulumi_gcp/organizations/get_s.py create mode 100644 sdk/python/pulumi_gcp/parametermanager/get_parameter.py create mode 100644 sdk/python/pulumi_gcp/parametermanager/get_regional_parameters.py create mode 100644 sdk/python/pulumi_gcp/parametermanager/parameter_version.py create mode 100644 sdk/python/pulumi_gcp/redis/cluster_user_created_connections.py diff --git a/sdk/dotnet/Alloydb/Cluster.cs b/sdk/dotnet/Alloydb/Cluster.cs index 0429cf9606..c0d7fdb4e9 100644 --- a/sdk/dotnet/Alloydb/Cluster.cs +++ b/sdk/dotnet/Alloydb/Cluster.cs @@ -294,7 +294,8 @@ public partial class Cluster : global::Pulumi.CustomResource public Output> ContinuousBackupInfos { get; private set; } = null!; /// - /// The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + /// The database engine major version. This is an optional field and it's populated at the Cluster creation time. + /// Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. /// [Output("databaseVersion")] public Output DatabaseVersion { get; private set; } = null!; @@ -445,6 +446,14 @@ public partial class Cluster : global::Pulumi.CustomResource [Output("secondaryConfig")] public Output SecondaryConfig { get; private set; } = null!; + /// + /// Set to true to skip awaiting on the major version upgrade of the cluster. + /// Possible values: true, false + /// Default value: "true" + /// + [Output("skipAwaitMajorVersionUpgrade")] + public Output SkipAwaitMajorVersionUpgrade { get; private set; } = null!; + /// /// Output only. The current serving state of the cluster. /// @@ -568,7 +577,8 @@ public InputMap Annotations public Input? ContinuousBackupConfig { get; set; } /// - /// The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + /// The database engine major version. This is an optional field and it's populated at the Cluster creation time. + /// Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. /// [Input("databaseVersion")] public Input? DatabaseVersion { get; set; } @@ -680,6 +690,14 @@ public InputMap Labels [Input("secondaryConfig")] public Input? SecondaryConfig { get; set; } + /// + /// Set to true to skip awaiting on the major version upgrade of the cluster. + /// Possible values: true, false + /// Default value: "true" + /// + [Input("skipAwaitMajorVersionUpgrade")] + public Input? SkipAwaitMajorVersionUpgrade { get; set; } + /// /// The subscrition type of cluster. /// Possible values are: `TRIAL`, `STANDARD`. @@ -767,7 +785,8 @@ public InputList ContinuousBackupInfo } /// - /// The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + /// The database engine major version. This is an optional field and it's populated at the Cluster creation time. + /// Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. /// [Input("databaseVersion")] public Input? DatabaseVersion { get; set; } @@ -961,6 +980,14 @@ public InputMap PulumiLabels [Input("secondaryConfig")] public Input? SecondaryConfig { get; set; } + /// + /// Set to true to skip awaiting on the major version upgrade of the cluster. + /// Possible values: true, false + /// Default value: "true" + /// + [Input("skipAwaitMajorVersionUpgrade")] + public Input? SkipAwaitMajorVersionUpgrade { get; set; } + /// /// Output only. The current serving state of the cluster. /// diff --git a/sdk/dotnet/ApiHub/ApiHubInstance.cs b/sdk/dotnet/ApiHub/ApiHubInstance.cs new file mode 100644 index 0000000000..62eb377d76 --- /dev/null +++ b/sdk/dotnet/ApiHub/ApiHubInstance.cs @@ -0,0 +1,418 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ApiHub +{ + /// + /// An ApiHubInstance represents the instance resources of the API Hub. + /// Currently, only one ApiHub instance is allowed for each project. + /// Currently, updation/deletion of ApiHub instance is not allowed. + /// + /// ## Example Usage + /// + /// ### Apihub Api Hub Instance Basic + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var apihub_instance_without_search = new Gcp.ApiHub.ApiHubInstance("apihub-instance-without-search", new() + /// { + /// Location = "us-central1", + /// Config = new Gcp.ApiHub.Inputs.ApiHubInstanceConfigArgs + /// { + /// DisableSearch = true, + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Apihub Api Hub Instance Full + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var apihub_instance_search = new Gcp.ApiHub.ApiHubInstance("apihub-instance-search", new() + /// { + /// Project = "my-project", + /// ApiHubInstanceId = "test-instance-full", + /// Description = "Test API hub instance", + /// Location = "us-central1", + /// Config = new Gcp.ApiHub.Inputs.ApiHubInstanceConfigArgs + /// { + /// EncryptionType = "CMEK", + /// CmekKeyName = "projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key", + /// DisableSearch = false, + /// VertexLocation = "us", + /// }, + /// Labels = + /// { + /// { "environment", "dev" }, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// ApiHubInstance can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}}` + /// + /// * `{{project}}/{{location}}/{{api_hub_instance_id}}` + /// + /// * `{{location}}/{{api_hub_instance_id}}` + /// + /// When using the `pulumi import` command, ApiHubInstance can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{project}}/{{location}}/{{api_hub_instance_id}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{location}}/{{api_hub_instance_id}} + /// ``` + /// + [GcpResourceType("gcp:apihub/apiHubInstance:ApiHubInstance")] + public partial class ApiHubInstance : global::Pulumi.CustomResource + { + /// + /// Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + /// is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + /// '/a-z[0-9]-_/'. + /// + [Output("apiHubInstanceId")] + public Output ApiHubInstanceId { get; private set; } = null!; + + /// + /// Available configurations to provision an ApiHub Instance. + /// Structure is documented below. + /// + [Output("config")] + public Output Config { get; private set; } = null!; + + /// + /// Output only. Creation timestamp. + /// + [Output("createTime")] + public Output CreateTime { get; private set; } = null!; + + /// + /// Optional. Description of the ApiHub instance. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + [Output("effectiveLabels")] + public Output> EffectiveLabels { get; private set; } = null!; + + /// + /// Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + /// https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + /// the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + /// the resource. + /// + [Output("labels")] + public Output?> Labels { get; private set; } = null!; + + /// + /// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// Identifier. Format: + /// `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + [Output("pulumiLabels")] + public Output> PulumiLabels { get; private set; } = null!; + + /// + /// Output only. The current state of the ApiHub instance. + /// Possible values: + /// STATE_UNSPECIFIED + /// INACTIVE + /// CREATING + /// ACTIVE + /// UPDATING + /// DELETING + /// FAILED + /// + [Output("state")] + public Output State { get; private set; } = null!; + + /// + /// Output only. Extra information about ApiHub instance state. Currently the message + /// would be populated when state is `FAILED`. + /// + [Output("stateMessage")] + public Output StateMessage { get; private set; } = null!; + + /// + /// Output only. Last update timestamp. + /// + [Output("updateTime")] + public Output UpdateTime { get; private set; } = null!; + + + /// + /// Create a ApiHubInstance resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public ApiHubInstance(string name, ApiHubInstanceArgs args, CustomResourceOptions? options = null) + : base("gcp:apihub/apiHubInstance:ApiHubInstance", name, args ?? new ApiHubInstanceArgs(), MakeResourceOptions(options, "")) + { + } + + private ApiHubInstance(string name, Input id, ApiHubInstanceState? state = null, CustomResourceOptions? options = null) + : base("gcp:apihub/apiHubInstance:ApiHubInstance", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + AdditionalSecretOutputs = + { + "effectiveLabels", + "pulumiLabels", + }, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing ApiHubInstance resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static ApiHubInstance Get(string name, Input id, ApiHubInstanceState? state = null, CustomResourceOptions? options = null) + { + return new ApiHubInstance(name, id, state, options); + } + } + + public sealed class ApiHubInstanceArgs : global::Pulumi.ResourceArgs + { + /// + /// Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + /// is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + /// '/a-z[0-9]-_/'. + /// + [Input("apiHubInstanceId")] + public Input? ApiHubInstanceId { get; set; } + + /// + /// Available configurations to provision an ApiHub Instance. + /// Structure is documented below. + /// + [Input("config", required: true)] + public Input Config { get; set; } = null!; + + /// + /// Optional. Description of the ApiHub instance. + /// + [Input("description")] + public Input? Description { get; set; } + + [Input("labels")] + private InputMap? _labels; + + /// + /// Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + /// https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + /// the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + /// the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + + /// + /// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + /// + [Input("location", required: true)] + public Input Location { get; set; } = null!; + + [Input("project")] + public Input? Project { get; set; } + + public ApiHubInstanceArgs() + { + } + public static new ApiHubInstanceArgs Empty => new ApiHubInstanceArgs(); + } + + public sealed class ApiHubInstanceState : global::Pulumi.ResourceArgs + { + /// + /// Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + /// is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + /// '/a-z[0-9]-_/'. + /// + [Input("apiHubInstanceId")] + public Input? ApiHubInstanceId { get; set; } + + /// + /// Available configurations to provision an ApiHub Instance. + /// Structure is documented below. + /// + [Input("config")] + public Input? Config { get; set; } + + /// + /// Output only. Creation timestamp. + /// + [Input("createTime")] + public Input? CreateTime { get; set; } + + /// + /// Optional. Description of the ApiHub instance. + /// + [Input("description")] + public Input? Description { get; set; } + + [Input("effectiveLabels")] + private InputMap? _effectiveLabels; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + public InputMap EffectiveLabels + { + get => _effectiveLabels ?? (_effectiveLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _effectiveLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + + [Input("labels")] + private InputMap? _labels; + + /// + /// Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + /// https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + /// the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + /// the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + + /// + /// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// Identifier. Format: + /// `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + /// + [Input("name")] + public Input? Name { get; set; } + + [Input("project")] + public Input? Project { get; set; } + + [Input("pulumiLabels")] + private InputMap? _pulumiLabels; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + public InputMap PulumiLabels + { + get => _pulumiLabels ?? (_pulumiLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _pulumiLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + + /// + /// Output only. The current state of the ApiHub instance. + /// Possible values: + /// STATE_UNSPECIFIED + /// INACTIVE + /// CREATING + /// ACTIVE + /// UPDATING + /// DELETING + /// FAILED + /// + [Input("state")] + public Input? State { get; set; } + + /// + /// Output only. Extra information about ApiHub instance state. Currently the message + /// would be populated when state is `FAILED`. + /// + [Input("stateMessage")] + public Input? StateMessage { get; set; } + + /// + /// Output only. Last update timestamp. + /// + [Input("updateTime")] + public Input? UpdateTime { get; set; } + + public ApiHubInstanceState() + { + } + public static new ApiHubInstanceState Empty => new ApiHubInstanceState(); + } +} diff --git a/sdk/dotnet/ApiHub/Inputs/ApiHubInstanceConfigArgs.cs b/sdk/dotnet/ApiHub/Inputs/ApiHubInstanceConfigArgs.cs new file mode 100644 index 0000000000..ddfd379674 --- /dev/null +++ b/sdk/dotnet/ApiHub/Inputs/ApiHubInstanceConfigArgs.cs @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ApiHub.Inputs +{ + + public sealed class ApiHubInstanceConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + /// The CMEK name should follow the format of + /// `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + /// where the location must match the instance location. + /// If the CMEK is not provided, a GMEK will be created for the instance. + /// + [Input("cmekKeyName")] + public Input? CmekKeyName { get; set; } + + /// + /// Optional. If true, the search will be disabled for the instance. The default value + /// is false. + /// + [Input("disableSearch")] + public Input? DisableSearch { get; set; } + + /// + /// Optional. Encryption type for the region. If the encryption type is CMEK, the + /// cmek_key_name must be provided. If no encryption type is provided, + /// GMEK will be used. + /// Possible values: + /// ENCRYPTION_TYPE_UNSPECIFIED + /// GMEK + /// CMEK + /// + [Input("encryptionType")] + public Input? EncryptionType { get; set; } + + /// + /// Optional. The name of the Vertex AI location where the data store is stored. + /// + /// - - - + /// + [Input("vertexLocation")] + public Input? VertexLocation { get; set; } + + public ApiHubInstanceConfigArgs() + { + } + public static new ApiHubInstanceConfigArgs Empty => new ApiHubInstanceConfigArgs(); + } +} diff --git a/sdk/dotnet/ApiHub/Inputs/ApiHubInstanceConfigGetArgs.cs b/sdk/dotnet/ApiHub/Inputs/ApiHubInstanceConfigGetArgs.cs new file mode 100644 index 0000000000..afd232c187 --- /dev/null +++ b/sdk/dotnet/ApiHub/Inputs/ApiHubInstanceConfigGetArgs.cs @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ApiHub.Inputs +{ + + public sealed class ApiHubInstanceConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + /// The CMEK name should follow the format of + /// `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + /// where the location must match the instance location. + /// If the CMEK is not provided, a GMEK will be created for the instance. + /// + [Input("cmekKeyName")] + public Input? CmekKeyName { get; set; } + + /// + /// Optional. If true, the search will be disabled for the instance. The default value + /// is false. + /// + [Input("disableSearch")] + public Input? DisableSearch { get; set; } + + /// + /// Optional. Encryption type for the region. If the encryption type is CMEK, the + /// cmek_key_name must be provided. If no encryption type is provided, + /// GMEK will be used. + /// Possible values: + /// ENCRYPTION_TYPE_UNSPECIFIED + /// GMEK + /// CMEK + /// + [Input("encryptionType")] + public Input? EncryptionType { get; set; } + + /// + /// Optional. The name of the Vertex AI location where the data store is stored. + /// + /// - - - + /// + [Input("vertexLocation")] + public Input? VertexLocation { get; set; } + + public ApiHubInstanceConfigGetArgs() + { + } + public static new ApiHubInstanceConfigGetArgs Empty => new ApiHubInstanceConfigGetArgs(); + } +} diff --git a/sdk/dotnet/ApiHub/Outputs/ApiHubInstanceConfig.cs b/sdk/dotnet/ApiHub/Outputs/ApiHubInstanceConfig.cs new file mode 100644 index 0000000000..2bce012a1a --- /dev/null +++ b/sdk/dotnet/ApiHub/Outputs/ApiHubInstanceConfig.cs @@ -0,0 +1,62 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ApiHub.Outputs +{ + + [OutputType] + public sealed class ApiHubInstanceConfig + { + /// + /// Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + /// The CMEK name should follow the format of + /// `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + /// where the location must match the instance location. + /// If the CMEK is not provided, a GMEK will be created for the instance. + /// + public readonly string? CmekKeyName; + /// + /// Optional. If true, the search will be disabled for the instance. The default value + /// is false. + /// + public readonly bool? DisableSearch; + /// + /// Optional. Encryption type for the region. If the encryption type is CMEK, the + /// cmek_key_name must be provided. If no encryption type is provided, + /// GMEK will be used. + /// Possible values: + /// ENCRYPTION_TYPE_UNSPECIFIED + /// GMEK + /// CMEK + /// + public readonly string? EncryptionType; + /// + /// Optional. The name of the Vertex AI location where the data store is stored. + /// + /// - - - + /// + public readonly string? VertexLocation; + + [OutputConstructor] + private ApiHubInstanceConfig( + string? cmekKeyName, + + bool? disableSearch, + + string? encryptionType, + + string? vertexLocation) + { + CmekKeyName = cmekKeyName; + DisableSearch = disableSearch; + EncryptionType = encryptionType; + VertexLocation = vertexLocation; + } + } +} diff --git a/sdk/dotnet/ApiHub/README.md b/sdk/dotnet/ApiHub/README.md new file mode 100644 index 0000000000..061b113996 --- /dev/null +++ b/sdk/dotnet/ApiHub/README.md @@ -0,0 +1 @@ +A Pulumi package for creating and managing Google Cloud Platform resources. diff --git a/sdk/dotnet/Apigee/EndpointAttachment.cs b/sdk/dotnet/Apigee/EndpointAttachment.cs index 0679a3f084..3c4a90bedb 100644 --- a/sdk/dotnet/Apigee/EndpointAttachment.cs +++ b/sdk/dotnet/Apigee/EndpointAttachment.cs @@ -18,68 +18,6 @@ namespace Pulumi.Gcp.Apigee /// * How-to Guides /// * [Creating an environment](https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment) /// - /// ## Example Usage - /// - /// ### Apigee Endpoint Attachment Basic - /// - /// ```csharp - /// using System.Collections.Generic; - /// using System.Linq; - /// using Pulumi; - /// using Gcp = Pulumi.Gcp; - /// - /// return await Deployment.RunAsync(() => - /// { - /// var current = Gcp.Organizations.GetClientConfig.Invoke(); - /// - /// var apigeeNetwork = new Gcp.Compute.Network("apigee_network", new() - /// { - /// Name = "apigee-network", - /// }); - /// - /// var apigeeRange = new Gcp.Compute.GlobalAddress("apigee_range", new() - /// { - /// Name = "apigee-range", - /// Purpose = "VPC_PEERING", - /// AddressType = "INTERNAL", - /// PrefixLength = 16, - /// Network = apigeeNetwork.Id, - /// }); - /// - /// var apigeeVpcConnection = new Gcp.ServiceNetworking.Connection("apigee_vpc_connection", new() - /// { - /// Network = apigeeNetwork.Id, - /// Service = "servicenetworking.googleapis.com", - /// ReservedPeeringRanges = new[] - /// { - /// apigeeRange.Name, - /// }, - /// }); - /// - /// var apigeeOrg = new Gcp.Apigee.Organization("apigee_org", new() - /// { - /// AnalyticsRegion = "us-central1", - /// ProjectId = current.Apply(getClientConfigResult => getClientConfigResult.Project), - /// AuthorizedNetwork = apigeeNetwork.Id, - /// }, new CustomResourceOptions - /// { - /// DependsOn = - /// { - /// apigeeVpcConnection, - /// }, - /// }); - /// - /// var apigeeEndpointAttachment = new Gcp.Apigee.EndpointAttachment("apigee_endpoint_attachment", new() - /// { - /// OrgId = apigeeOrg.Id, - /// EndpointAttachmentId = "test1", - /// Location = "{google_compute_service_attachment location}", - /// ServiceAttachment = "{google_compute_service_attachment id}", - /// }); - /// - /// }); - /// ``` - /// /// ## Import /// /// EndpointAttachment can be imported using any of these accepted formats: diff --git a/sdk/dotnet/Apigee/Environment.cs b/sdk/dotnet/Apigee/Environment.cs index fdf99c8616..1fc7168129 100644 --- a/sdk/dotnet/Apigee/Environment.cs +++ b/sdk/dotnet/Apigee/Environment.cs @@ -163,6 +163,13 @@ public partial class Environment : global::Pulumi.CustomResource [Output("orgId")] public Output OrgId { get; private set; } = null!; + /// + /// Key-value pairs that may be used for customizing the environment. + /// Structure is documented below. + /// + [Output("properties")] + public Output Properties { get; private set; } = null!; + /// /// Types that can be selected for an Environment. Each of the types are /// limited by capability and capacity. Refer to Apigee's public documentation @@ -281,6 +288,13 @@ public sealed class EnvironmentArgs : global::Pulumi.ResourceArgs [Input("orgId", required: true)] public Input OrgId { get; set; } = null!; + /// + /// Key-value pairs that may be used for customizing the environment. + /// Structure is documented below. + /// + [Input("properties")] + public Input? Properties { get; set; } + /// /// Types that can be selected for an Environment. Each of the types are /// limited by capability and capacity. Refer to Apigee's public documentation @@ -361,6 +375,13 @@ public sealed class EnvironmentState : global::Pulumi.ResourceArgs [Input("orgId")] public Input? OrgId { get; set; } + /// + /// Key-value pairs that may be used for customizing the environment. + /// Structure is documented below. + /// + [Input("properties")] + public Input? Properties { get; set; } + /// /// Types that can be selected for an Environment. Each of the types are /// limited by capability and capacity. Refer to Apigee's public documentation diff --git a/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesArgs.cs b/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesArgs.cs new file mode 100644 index 0000000000..c6913d685a --- /dev/null +++ b/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesArgs.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Apigee.Inputs +{ + + public sealed class EnvironmentPropertiesArgs : global::Pulumi.ResourceArgs + { + [Input("properties")] + private InputList? _properties; + + /// + /// List of all properties in the object. + /// Structure is documented below. + /// + public InputList Properties + { + get => _properties ?? (_properties = new InputList()); + set => _properties = value; + } + + public EnvironmentPropertiesArgs() + { + } + public static new EnvironmentPropertiesArgs Empty => new EnvironmentPropertiesArgs(); + } +} diff --git a/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesGetArgs.cs b/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesGetArgs.cs new file mode 100644 index 0000000000..667d186924 --- /dev/null +++ b/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesGetArgs.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Apigee.Inputs +{ + + public sealed class EnvironmentPropertiesGetArgs : global::Pulumi.ResourceArgs + { + [Input("properties")] + private InputList? _properties; + + /// + /// List of all properties in the object. + /// Structure is documented below. + /// + public InputList Properties + { + get => _properties ?? (_properties = new InputList()); + set => _properties = value; + } + + public EnvironmentPropertiesGetArgs() + { + } + public static new EnvironmentPropertiesGetArgs Empty => new EnvironmentPropertiesGetArgs(); + } +} diff --git a/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesPropertyArgs.cs b/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesPropertyArgs.cs new file mode 100644 index 0000000000..f0138ea044 --- /dev/null +++ b/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesPropertyArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Apigee.Inputs +{ + + public sealed class EnvironmentPropertiesPropertyArgs : global::Pulumi.ResourceArgs + { + /// + /// The property key. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The property value. + /// + [Input("value")] + public Input? Value { get; set; } + + public EnvironmentPropertiesPropertyArgs() + { + } + public static new EnvironmentPropertiesPropertyArgs Empty => new EnvironmentPropertiesPropertyArgs(); + } +} diff --git a/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesPropertyGetArgs.cs b/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesPropertyGetArgs.cs new file mode 100644 index 0000000000..c2ff38a7b5 --- /dev/null +++ b/sdk/dotnet/Apigee/Inputs/EnvironmentPropertiesPropertyGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Apigee.Inputs +{ + + public sealed class EnvironmentPropertiesPropertyGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The property key. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The property value. + /// + [Input("value")] + public Input? Value { get; set; } + + public EnvironmentPropertiesPropertyGetArgs() + { + } + public static new EnvironmentPropertiesPropertyGetArgs Empty => new EnvironmentPropertiesPropertyGetArgs(); + } +} diff --git a/sdk/dotnet/Apigee/Outputs/EnvironmentProperties.cs b/sdk/dotnet/Apigee/Outputs/EnvironmentProperties.cs new file mode 100644 index 0000000000..e18c435d4a --- /dev/null +++ b/sdk/dotnet/Apigee/Outputs/EnvironmentProperties.cs @@ -0,0 +1,28 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Apigee.Outputs +{ + + [OutputType] + public sealed class EnvironmentProperties + { + /// + /// List of all properties in the object. + /// Structure is documented below. + /// + public readonly ImmutableArray Properties; + + [OutputConstructor] + private EnvironmentProperties(ImmutableArray properties) + { + Properties = properties; + } + } +} diff --git a/sdk/dotnet/Apigee/Outputs/EnvironmentPropertiesProperty.cs b/sdk/dotnet/Apigee/Outputs/EnvironmentPropertiesProperty.cs new file mode 100644 index 0000000000..53109806ab --- /dev/null +++ b/sdk/dotnet/Apigee/Outputs/EnvironmentPropertiesProperty.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Apigee.Outputs +{ + + [OutputType] + public sealed class EnvironmentPropertiesProperty + { + /// + /// The property key. + /// + public readonly string? Name; + /// + /// The property value. + /// + public readonly string? Value; + + [OutputConstructor] + private EnvironmentPropertiesProperty( + string? name, + + string? value) + { + Name = name; + Value = value; + } + } +} diff --git a/sdk/dotnet/Chronicle/Inputs/RetrohuntExecutionIntervalArgs.cs b/sdk/dotnet/Chronicle/Inputs/RetrohuntExecutionIntervalArgs.cs new file mode 100644 index 0000000000..2983d0d79c --- /dev/null +++ b/sdk/dotnet/Chronicle/Inputs/RetrohuntExecutionIntervalArgs.cs @@ -0,0 +1,36 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Chronicle.Inputs +{ + + public sealed class RetrohuntExecutionIntervalArgs : global::Pulumi.ResourceArgs + { + /// + /// Optional. Exclusive end of the interval. + /// If specified, a Timestamp matching this interval will have to be before the + /// end. + /// + [Input("endTime")] + public Input? EndTime { get; set; } + + /// + /// Optional. Inclusive start of the interval. + /// If specified, a Timestamp matching this interval will have to be the same + /// or after the start. + /// + [Input("startTime")] + public Input? StartTime { get; set; } + + public RetrohuntExecutionIntervalArgs() + { + } + public static new RetrohuntExecutionIntervalArgs Empty => new RetrohuntExecutionIntervalArgs(); + } +} diff --git a/sdk/dotnet/Chronicle/Inputs/RetrohuntExecutionIntervalGetArgs.cs b/sdk/dotnet/Chronicle/Inputs/RetrohuntExecutionIntervalGetArgs.cs new file mode 100644 index 0000000000..0f482ed2c3 --- /dev/null +++ b/sdk/dotnet/Chronicle/Inputs/RetrohuntExecutionIntervalGetArgs.cs @@ -0,0 +1,36 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Chronicle.Inputs +{ + + public sealed class RetrohuntExecutionIntervalGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Optional. Exclusive end of the interval. + /// If specified, a Timestamp matching this interval will have to be before the + /// end. + /// + [Input("endTime")] + public Input? EndTime { get; set; } + + /// + /// Optional. Inclusive start of the interval. + /// If specified, a Timestamp matching this interval will have to be the same + /// or after the start. + /// + [Input("startTime")] + public Input? StartTime { get; set; } + + public RetrohuntExecutionIntervalGetArgs() + { + } + public static new RetrohuntExecutionIntervalGetArgs Empty => new RetrohuntExecutionIntervalGetArgs(); + } +} diff --git a/sdk/dotnet/Chronicle/Inputs/RetrohuntProcessIntervalArgs.cs b/sdk/dotnet/Chronicle/Inputs/RetrohuntProcessIntervalArgs.cs new file mode 100644 index 0000000000..cb222402e7 --- /dev/null +++ b/sdk/dotnet/Chronicle/Inputs/RetrohuntProcessIntervalArgs.cs @@ -0,0 +1,34 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Chronicle.Inputs +{ + + public sealed class RetrohuntProcessIntervalArgs : global::Pulumi.ResourceArgs + { + /// + /// Exclusive end of the interval. + /// + /// - - - + /// + [Input("endTime", required: true)] + public Input EndTime { get; set; } = null!; + + /// + /// Inclusive start of the interval. + /// + [Input("startTime", required: true)] + public Input StartTime { get; set; } = null!; + + public RetrohuntProcessIntervalArgs() + { + } + public static new RetrohuntProcessIntervalArgs Empty => new RetrohuntProcessIntervalArgs(); + } +} diff --git a/sdk/dotnet/Chronicle/Inputs/RetrohuntProcessIntervalGetArgs.cs b/sdk/dotnet/Chronicle/Inputs/RetrohuntProcessIntervalGetArgs.cs new file mode 100644 index 0000000000..1bb9fa8af0 --- /dev/null +++ b/sdk/dotnet/Chronicle/Inputs/RetrohuntProcessIntervalGetArgs.cs @@ -0,0 +1,34 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Chronicle.Inputs +{ + + public sealed class RetrohuntProcessIntervalGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Exclusive end of the interval. + /// + /// - - - + /// + [Input("endTime", required: true)] + public Input EndTime { get; set; } = null!; + + /// + /// Inclusive start of the interval. + /// + [Input("startTime", required: true)] + public Input StartTime { get; set; } = null!; + + public RetrohuntProcessIntervalGetArgs() + { + } + public static new RetrohuntProcessIntervalGetArgs Empty => new RetrohuntProcessIntervalGetArgs(); + } +} diff --git a/sdk/dotnet/Chronicle/Outputs/RetrohuntExecutionInterval.cs b/sdk/dotnet/Chronicle/Outputs/RetrohuntExecutionInterval.cs new file mode 100644 index 0000000000..23356cb178 --- /dev/null +++ b/sdk/dotnet/Chronicle/Outputs/RetrohuntExecutionInterval.cs @@ -0,0 +1,39 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Chronicle.Outputs +{ + + [OutputType] + public sealed class RetrohuntExecutionInterval + { + /// + /// Optional. Exclusive end of the interval. + /// If specified, a Timestamp matching this interval will have to be before the + /// end. + /// + public readonly string? EndTime; + /// + /// Optional. Inclusive start of the interval. + /// If specified, a Timestamp matching this interval will have to be the same + /// or after the start. + /// + public readonly string? StartTime; + + [OutputConstructor] + private RetrohuntExecutionInterval( + string? endTime, + + string? startTime) + { + EndTime = endTime; + StartTime = startTime; + } + } +} diff --git a/sdk/dotnet/Chronicle/Outputs/RetrohuntProcessInterval.cs b/sdk/dotnet/Chronicle/Outputs/RetrohuntProcessInterval.cs new file mode 100644 index 0000000000..a9ab8644de --- /dev/null +++ b/sdk/dotnet/Chronicle/Outputs/RetrohuntProcessInterval.cs @@ -0,0 +1,37 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Chronicle.Outputs +{ + + [OutputType] + public sealed class RetrohuntProcessInterval + { + /// + /// Exclusive end of the interval. + /// + /// - - - + /// + public readonly string EndTime; + /// + /// Inclusive start of the interval. + /// + public readonly string StartTime; + + [OutputConstructor] + private RetrohuntProcessInterval( + string endTime, + + string startTime) + { + EndTime = endTime; + StartTime = startTime; + } + } +} diff --git a/sdk/dotnet/Chronicle/Retrohunt.cs b/sdk/dotnet/Chronicle/Retrohunt.cs new file mode 100644 index 0000000000..3e295f6764 --- /dev/null +++ b/sdk/dotnet/Chronicle/Retrohunt.cs @@ -0,0 +1,305 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Chronicle +{ + /// + /// Retrohunt is an execution of a Rule over a time range in the past. + /// + /// To get more information about Retrohunt, see: + /// + /// * [API documentation](https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.rules.retrohunts) + /// * How-to Guides + /// * [Google SecOps Guides](https://cloud.google.com/chronicle/docs/secops/secops-overview) + /// + /// ## Example Usage + /// + /// ## Import + /// + /// Retrohunt can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}` + /// + /// * `{{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + /// + /// * `{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + /// + /// When using the `pulumi import` command, Retrohunt can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:chronicle/retrohunt:Retrohunt default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{location}}/{{instance}}/{{rule}}/{{retrohunt}} + /// ``` + /// + [GcpResourceType("gcp:chronicle/retrohunt:Retrohunt")] + public partial class Retrohunt : global::Pulumi.CustomResource + { + /// + /// The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + /// + [Output("RetrohuntId")] + public Output RetrohuntId { get; private set; } = null!; + + /// + /// Represents a time interval, encoded as a Timestamp start (inclusive) and a + /// Timestamp end (exclusive). + /// The start must be less than or equal to the end. + /// When the start equals the end, the interval is empty (matches no time). + /// When both start and end are unspecified, the interval matches any time. + /// Structure is documented below. + /// + [Output("executionIntervals")] + public Output> ExecutionIntervals { get; private set; } = null!; + + /// + /// The unique identifier for the Chronicle instance, which is the same as the customer ID. + /// + [Output("instance")] + public Output Instance { get; private set; } = null!; + + /// + /// The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// The resource name of the retrohunt. + /// Retrohunt is the child of a rule revision. {rule} in the format below is + /// structured as {rule_id@revision_id}. + /// Format: + /// projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// Represents a time interval, encoded as a Timestamp start (inclusive) and a + /// Timestamp end (exclusive). + /// The start must be less than or equal to the end. + /// When the start equals the end, the interval is empty (matches no time). + /// When both start and end are unspecified, the interval matches any time. + /// Structure is documented below. + /// + [Output("processInterval")] + public Output ProcessInterval { get; private set; } = null!; + + /// + /// Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + /// + [Output("progressPercentage")] + public Output ProgressPercentage { get; private set; } = null!; + + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The Rule ID of the rule. + /// + [Output("rule")] + public Output Rule { get; private set; } = null!; + + /// + /// Output only. The state of the retrohunt. + /// Possible values: + /// RUNNING + /// DONE + /// CANCELLED + /// FAILED + /// + [Output("state")] + public Output State { get; private set; } = null!; + + + /// + /// Create a Retrohunt resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public Retrohunt(string name, RetrohuntArgs args, CustomResourceOptions? options = null) + : base("gcp:chronicle/retrohunt:Retrohunt", name, args ?? new RetrohuntArgs(), MakeResourceOptions(options, "")) + { + } + + private Retrohunt(string name, Input id, RetrohuntState? state = null, CustomResourceOptions? options = null) + : base("gcp:chronicle/retrohunt:Retrohunt", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing Retrohunt resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static Retrohunt Get(string name, Input id, RetrohuntState? state = null, CustomResourceOptions? options = null) + { + return new Retrohunt(name, id, state, options); + } + } + + public sealed class RetrohuntArgs : global::Pulumi.ResourceArgs + { + /// + /// The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + /// + [Input("RetrohuntId")] + public Input? RetrohuntId { get; set; } + + /// + /// The unique identifier for the Chronicle instance, which is the same as the customer ID. + /// + [Input("instance", required: true)] + public Input Instance { get; set; } = null!; + + /// + /// The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + /// + [Input("location", required: true)] + public Input Location { get; set; } = null!; + + /// + /// Represents a time interval, encoded as a Timestamp start (inclusive) and a + /// Timestamp end (exclusive). + /// The start must be less than or equal to the end. + /// When the start equals the end, the interval is empty (matches no time). + /// When both start and end are unspecified, the interval matches any time. + /// Structure is documented below. + /// + [Input("processInterval", required: true)] + public Input ProcessInterval { get; set; } = null!; + + [Input("project")] + public Input? Project { get; set; } + + /// + /// The Rule ID of the rule. + /// + [Input("rule", required: true)] + public Input Rule { get; set; } = null!; + + public RetrohuntArgs() + { + } + public static new RetrohuntArgs Empty => new RetrohuntArgs(); + } + + public sealed class RetrohuntState : global::Pulumi.ResourceArgs + { + /// + /// The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + /// + [Input("RetrohuntId")] + public Input? RetrohuntId { get; set; } + + [Input("executionIntervals")] + private InputList? _executionIntervals; + + /// + /// Represents a time interval, encoded as a Timestamp start (inclusive) and a + /// Timestamp end (exclusive). + /// The start must be less than or equal to the end. + /// When the start equals the end, the interval is empty (matches no time). + /// When both start and end are unspecified, the interval matches any time. + /// Structure is documented below. + /// + public InputList ExecutionIntervals + { + get => _executionIntervals ?? (_executionIntervals = new InputList()); + set => _executionIntervals = value; + } + + /// + /// The unique identifier for the Chronicle instance, which is the same as the customer ID. + /// + [Input("instance")] + public Input? Instance { get; set; } + + /// + /// The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The resource name of the retrohunt. + /// Retrohunt is the child of a rule revision. {rule} in the format below is + /// structured as {rule_id@revision_id}. + /// Format: + /// projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// Represents a time interval, encoded as a Timestamp start (inclusive) and a + /// Timestamp end (exclusive). + /// The start must be less than or equal to the end. + /// When the start equals the end, the interval is empty (matches no time). + /// When both start and end are unspecified, the interval matches any time. + /// Structure is documented below. + /// + [Input("processInterval")] + public Input? ProcessInterval { get; set; } + + /// + /// Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + /// + [Input("progressPercentage")] + public Input? ProgressPercentage { get; set; } + + [Input("project")] + public Input? Project { get; set; } + + /// + /// The Rule ID of the rule. + /// + [Input("rule")] + public Input? Rule { get; set; } + + /// + /// Output only. The state of the retrohunt. + /// Possible values: + /// RUNNING + /// DONE + /// CANCELLED + /// FAILED + /// + [Input("state")] + public Input? State { get; set; } + + public RetrohuntState() + { + } + public static new RetrohuntState Empty => new RetrohuntState(); + } +} diff --git a/sdk/dotnet/CloudRunV2/GetService.cs b/sdk/dotnet/CloudRunV2/GetService.cs index 15076d1cbb..c23ce25d09 100644 --- a/sdk/dotnet/CloudRunV2/GetService.cs +++ b/sdk/dotnet/CloudRunV2/GetService.cs @@ -158,6 +158,7 @@ public sealed class GetServiceResult { public readonly ImmutableDictionary Annotations; public readonly ImmutableArray BinaryAuthorizations; + public readonly ImmutableArray BuildConfigs; public readonly string Client; public readonly string ClientVersion; public readonly ImmutableArray Conditions; @@ -206,6 +207,8 @@ private GetServiceResult( ImmutableArray binaryAuthorizations, + ImmutableArray buildConfigs, + string client, string clientVersion, @@ -284,6 +287,7 @@ private GetServiceResult( { Annotations = annotations; BinaryAuthorizations = binaryAuthorizations; + BuildConfigs = buildConfigs; Client = client; ClientVersion = clientVersion; Conditions = conditions; diff --git a/sdk/dotnet/CloudRunV2/Inputs/ServiceBuildConfigArgs.cs b/sdk/dotnet/CloudRunV2/Inputs/ServiceBuildConfigArgs.cs new file mode 100644 index 0000000000..77ed1d3384 --- /dev/null +++ b/sdk/dotnet/CloudRunV2/Inputs/ServiceBuildConfigArgs.cs @@ -0,0 +1,81 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.CloudRunV2.Inputs +{ + + public sealed class ServiceBuildConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// The base image used to build the function. + /// + [Input("baseImage")] + public Input? BaseImage { get; set; } + + /// + /// Sets whether the function will receive automatic base image updates. + /// + [Input("enableAutomaticUpdates")] + public Input? EnableAutomaticUpdates { get; set; } + + [Input("environmentVariables")] + private InputMap? _environmentVariables; + + /// + /// User-provided build-time environment variables for the function. + /// + public InputMap EnvironmentVariables + { + get => _environmentVariables ?? (_environmentVariables = new InputMap()); + set => _environmentVariables = value; + } + + /// + /// The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + /// + [Input("functionTarget")] + public Input? FunctionTarget { get; set; } + + /// + /// Artifact Registry URI to store the built image. + /// + [Input("imageUri")] + public Input? ImageUri { get; set; } + + /// + /// (Output) + /// The Cloud Build name of the latest successful deployment of the function. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + /// + [Input("serviceAccount")] + public Input? ServiceAccount { get; set; } + + /// + /// The Cloud Storage bucket URI where the function source code is located. + /// + [Input("sourceLocation")] + public Input? SourceLocation { get; set; } + + /// + /// Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + /// + [Input("workerPool")] + public Input? WorkerPool { get; set; } + + public ServiceBuildConfigArgs() + { + } + public static new ServiceBuildConfigArgs Empty => new ServiceBuildConfigArgs(); + } +} diff --git a/sdk/dotnet/CloudRunV2/Inputs/ServiceBuildConfigGetArgs.cs b/sdk/dotnet/CloudRunV2/Inputs/ServiceBuildConfigGetArgs.cs new file mode 100644 index 0000000000..f3e1c99003 --- /dev/null +++ b/sdk/dotnet/CloudRunV2/Inputs/ServiceBuildConfigGetArgs.cs @@ -0,0 +1,81 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.CloudRunV2.Inputs +{ + + public sealed class ServiceBuildConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The base image used to build the function. + /// + [Input("baseImage")] + public Input? BaseImage { get; set; } + + /// + /// Sets whether the function will receive automatic base image updates. + /// + [Input("enableAutomaticUpdates")] + public Input? EnableAutomaticUpdates { get; set; } + + [Input("environmentVariables")] + private InputMap? _environmentVariables; + + /// + /// User-provided build-time environment variables for the function. + /// + public InputMap EnvironmentVariables + { + get => _environmentVariables ?? (_environmentVariables = new InputMap()); + set => _environmentVariables = value; + } + + /// + /// The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + /// + [Input("functionTarget")] + public Input? FunctionTarget { get; set; } + + /// + /// Artifact Registry URI to store the built image. + /// + [Input("imageUri")] + public Input? ImageUri { get; set; } + + /// + /// (Output) + /// The Cloud Build name of the latest successful deployment of the function. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + /// + [Input("serviceAccount")] + public Input? ServiceAccount { get; set; } + + /// + /// The Cloud Storage bucket URI where the function source code is located. + /// + [Input("sourceLocation")] + public Input? SourceLocation { get; set; } + + /// + /// Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + /// + [Input("workerPool")] + public Input? WorkerPool { get; set; } + + public ServiceBuildConfigGetArgs() + { + } + public static new ServiceBuildConfigGetArgs Empty => new ServiceBuildConfigGetArgs(); + } +} diff --git a/sdk/dotnet/CloudRunV2/Outputs/GetServiceBuildConfigResult.cs b/sdk/dotnet/CloudRunV2/Outputs/GetServiceBuildConfigResult.cs new file mode 100644 index 0000000000..26e1144134 --- /dev/null +++ b/sdk/dotnet/CloudRunV2/Outputs/GetServiceBuildConfigResult.cs @@ -0,0 +1,84 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.CloudRunV2.Outputs +{ + + [OutputType] + public sealed class GetServiceBuildConfigResult + { + /// + /// The base image used to build the function. + /// + public readonly string BaseImage; + /// + /// Sets whether the function will receive automatic base image updates. + /// + public readonly bool EnableAutomaticUpdates; + /// + /// User-provided build-time environment variables for the function. + /// + public readonly ImmutableDictionary EnvironmentVariables; + /// + /// The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + /// + public readonly string FunctionTarget; + /// + /// Artifact Registry URI to store the built image. + /// + public readonly string ImageUri; + /// + /// The name of the Cloud Run v2 Service. + /// + public readonly string Name; + /// + /// Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. + /// + public readonly string ServiceAccount; + /// + /// The Cloud Storage bucket URI where the function source code is located. + /// + public readonly string SourceLocation; + /// + /// Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + /// + public readonly string WorkerPool; + + [OutputConstructor] + private GetServiceBuildConfigResult( + string baseImage, + + bool enableAutomaticUpdates, + + ImmutableDictionary environmentVariables, + + string functionTarget, + + string imageUri, + + string name, + + string serviceAccount, + + string sourceLocation, + + string workerPool) + { + BaseImage = baseImage; + EnableAutomaticUpdates = enableAutomaticUpdates; + EnvironmentVariables = environmentVariables; + FunctionTarget = functionTarget; + ImageUri = imageUri; + Name = name; + ServiceAccount = serviceAccount; + SourceLocation = sourceLocation; + WorkerPool = workerPool; + } + } +} diff --git a/sdk/dotnet/CloudRunV2/Outputs/ServiceBuildConfig.cs b/sdk/dotnet/CloudRunV2/Outputs/ServiceBuildConfig.cs new file mode 100644 index 0000000000..876c2950d4 --- /dev/null +++ b/sdk/dotnet/CloudRunV2/Outputs/ServiceBuildConfig.cs @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.CloudRunV2.Outputs +{ + + [OutputType] + public sealed class ServiceBuildConfig + { + /// + /// The base image used to build the function. + /// + public readonly string? BaseImage; + /// + /// Sets whether the function will receive automatic base image updates. + /// + public readonly bool? EnableAutomaticUpdates; + /// + /// User-provided build-time environment variables for the function. + /// + public readonly ImmutableDictionary? EnvironmentVariables; + /// + /// The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + /// + public readonly string? FunctionTarget; + /// + /// Artifact Registry URI to store the built image. + /// + public readonly string? ImageUri; + /// + /// (Output) + /// The Cloud Build name of the latest successful deployment of the function. + /// + public readonly string? Name; + /// + /// Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + /// + public readonly string? ServiceAccount; + /// + /// The Cloud Storage bucket URI where the function source code is located. + /// + public readonly string? SourceLocation; + /// + /// Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + /// + public readonly string? WorkerPool; + + [OutputConstructor] + private ServiceBuildConfig( + string? baseImage, + + bool? enableAutomaticUpdates, + + ImmutableDictionary? environmentVariables, + + string? functionTarget, + + string? imageUri, + + string? name, + + string? serviceAccount, + + string? sourceLocation, + + string? workerPool) + { + BaseImage = baseImage; + EnableAutomaticUpdates = enableAutomaticUpdates; + EnvironmentVariables = environmentVariables; + FunctionTarget = functionTarget; + ImageUri = imageUri; + Name = name; + ServiceAccount = serviceAccount; + SourceLocation = sourceLocation; + WorkerPool = workerPool; + } + } +} diff --git a/sdk/dotnet/CloudRunV2/Service.cs b/sdk/dotnet/CloudRunV2/Service.cs index 7fd8fe3f48..661d524ee4 100644 --- a/sdk/dotnet/CloudRunV2/Service.cs +++ b/sdk/dotnet/CloudRunV2/Service.cs @@ -828,6 +828,98 @@ namespace Pulumi.Gcp.CloudRunV2 /// /// }); /// ``` + /// ### Cloudrunv2 Service Function + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var project = Gcp.Organizations.GetProject.Invoke(); + /// + /// var bucket = new Gcp.Storage.Bucket("bucket", new() + /// { + /// Name = $"{project.Apply(getProjectResult => getProjectResult.ProjectId)}-gcf-source", + /// Location = "US", + /// UniformBucketLevelAccess = true, + /// }); + /// + /// var @object = new Gcp.Storage.BucketObject("object", new() + /// { + /// Name = "function-source.zip", + /// Bucket = bucket.Name, + /// Source = new FileAsset("function_source.zip"), + /// }); + /// + /// var cloudbuildServiceAccount = new Gcp.ServiceAccount.Account("cloudbuild_service_account", new() + /// { + /// AccountId = "build-sa", + /// }); + /// + /// var actAs = new Gcp.Projects.IAMMember("act_as", new() + /// { + /// Project = project.Apply(getProjectResult => getProjectResult.ProjectId), + /// Role = "roles/iam.serviceAccountUser", + /// Member = cloudbuildServiceAccount.Email.Apply(email => $"serviceAccount:{email}"), + /// }); + /// + /// var logsWriter = new Gcp.Projects.IAMMember("logs_writer", new() + /// { + /// Project = project.Apply(getProjectResult => getProjectResult.ProjectId), + /// Role = "roles/logging.logWriter", + /// Member = cloudbuildServiceAccount.Email.Apply(email => $"serviceAccount:{email}"), + /// }); + /// + /// var @default = new Gcp.CloudRunV2.Service("default", new() + /// { + /// Name = "cloudrun-service", + /// Location = "us-central1", + /// DeletionProtection = false, + /// Ingress = "INGRESS_TRAFFIC_ALL", + /// Template = new Gcp.CloudRunV2.Inputs.ServiceTemplateArgs + /// { + /// Containers = new[] + /// { + /// new Gcp.CloudRunV2.Inputs.ServiceTemplateContainerArgs + /// { + /// Image = "us-docker.pkg.dev/cloudrun/container/hello", + /// }, + /// }, + /// }, + /// BuildConfig = new Gcp.CloudRunV2.Inputs.ServiceBuildConfigArgs + /// { + /// SourceLocation = Output.Tuple(bucket.Name, @object.Name).Apply(values => + /// { + /// var bucketName = values.Item1; + /// var objectName = values.Item2; + /// return $"gs://{bucketName}/{objectName}"; + /// }), + /// FunctionTarget = "helloHttp", + /// ImageUri = "us-docker.pkg.dev/cloudrun/container/hello", + /// BaseImage = "us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22", + /// EnableAutomaticUpdates = true, + /// WorkerPool = "worker-pool", + /// EnvironmentVariables = + /// { + /// { "FOO_KEY", "FOO_VALUE" }, + /// { "BAR_KEY", "BAR_VALUE" }, + /// }, + /// ServiceAccount = cloudbuildServiceAccount.Id, + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// actAs, + /// logsWriter, + /// }, + /// }); + /// + /// }); + /// ``` /// /// ## Import /// @@ -874,6 +966,12 @@ public partial class Service : global::Pulumi.CustomResource [Output("binaryAuthorization")] public Output BinaryAuthorization { get; private set; } = null!; + /// + /// Configuration for building a Cloud Run function. + /// + [Output("buildConfig")] + public Output BuildConfig { get; private set; } = null!; + /// /// Arbitrary identifier for the API client. /// @@ -1189,6 +1287,12 @@ public InputMap Annotations [Input("binaryAuthorization")] public Input? BinaryAuthorization { get; set; } + /// + /// Configuration for building a Cloud Run function. + /// + [Input("buildConfig")] + public Input? BuildConfig { get; set; } + /// /// Arbitrary identifier for the API client. /// @@ -1348,6 +1452,12 @@ public InputMap Annotations [Input("binaryAuthorization")] public Input? BinaryAuthorization { get; set; } + /// + /// Configuration for building a Cloud Run function. + /// + [Input("buildConfig")] + public Input? BuildConfig { get; set; } + /// /// Arbitrary identifier for the API client. /// diff --git a/sdk/dotnet/Colab/GetRuntimeTemplateIamPolicy.cs b/sdk/dotnet/Colab/GetRuntimeTemplateIamPolicy.cs new file mode 100644 index 0000000000..12a6393361 --- /dev/null +++ b/sdk/dotnet/Colab/GetRuntimeTemplateIamPolicy.cs @@ -0,0 +1,198 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab +{ + public static class GetRuntimeTemplateIamPolicy + { + /// + /// Retrieves the current IAM policy data for runtimetemplate + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Colab.GetRuntimeTemplateIamPolicy.Invoke(new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetRuntimeTemplateIamPolicyArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", args ?? new GetRuntimeTemplateIamPolicyArgs(), options.WithDefaults()); + + /// + /// Retrieves the current IAM policy data for runtimetemplate + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Colab.GetRuntimeTemplateIamPolicy.Invoke(new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetRuntimeTemplateIamPolicyInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", args ?? new GetRuntimeTemplateIamPolicyInvokeArgs(), options.WithDefaults()); + + /// + /// Retrieves the current IAM policy data for runtimetemplate + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Colab.GetRuntimeTemplateIamPolicy.Invoke(new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetRuntimeTemplateIamPolicyInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", args ?? new GetRuntimeTemplateIamPolicyInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetRuntimeTemplateIamPolicyArgs : global::Pulumi.InvokeArgs + { + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Input("location")] + public string? Location { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public string? Project { get; set; } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("runtimeTemplate", required: true)] + public string RuntimeTemplate { get; set; } = null!; + + public GetRuntimeTemplateIamPolicyArgs() + { + } + public static new GetRuntimeTemplateIamPolicyArgs Empty => new GetRuntimeTemplateIamPolicyArgs(); + } + + public sealed class GetRuntimeTemplateIamPolicyInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("runtimeTemplate", required: true)] + public Input RuntimeTemplate { get; set; } = null!; + + public GetRuntimeTemplateIamPolicyInvokeArgs() + { + } + public static new GetRuntimeTemplateIamPolicyInvokeArgs Empty => new GetRuntimeTemplateIamPolicyInvokeArgs(); + } + + + [OutputType] + public sealed class GetRuntimeTemplateIamPolicyResult + { + /// + /// (Computed) The etag of the IAM policy. + /// + public readonly string Etag; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string Location; + /// + /// (Required only by `gcp.colab.RuntimeTemplateIamPolicy`) The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + public readonly string PolicyData; + public readonly string Project; + public readonly string RuntimeTemplate; + + [OutputConstructor] + private GetRuntimeTemplateIamPolicyResult( + string etag, + + string id, + + string location, + + string policyData, + + string project, + + string runtimeTemplate) + { + Etag = etag; + Id = id; + Location = location; + PolicyData = policyData; + Project = project; + RuntimeTemplate = runtimeTemplate; + } + } +} diff --git a/sdk/dotnet/Colab/Inputs/RuntimeNotebookRuntimeTemplateRefArgs.cs b/sdk/dotnet/Colab/Inputs/RuntimeNotebookRuntimeTemplateRefArgs.cs new file mode 100644 index 0000000000..78b385a07b --- /dev/null +++ b/sdk/dotnet/Colab/Inputs/RuntimeNotebookRuntimeTemplateRefArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Inputs +{ + + public sealed class RuntimeNotebookRuntimeTemplateRefArgs : global::Pulumi.ResourceArgs + { + /// + /// The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + /// + [Input("notebookRuntimeTemplate", required: true)] + public Input NotebookRuntimeTemplate { get; set; } = null!; + + public RuntimeNotebookRuntimeTemplateRefArgs() + { + } + public static new RuntimeNotebookRuntimeTemplateRefArgs Empty => new RuntimeNotebookRuntimeTemplateRefArgs(); + } +} diff --git a/sdk/dotnet/Colab/Inputs/RuntimeNotebookRuntimeTemplateRefGetArgs.cs b/sdk/dotnet/Colab/Inputs/RuntimeNotebookRuntimeTemplateRefGetArgs.cs new file mode 100644 index 0000000000..d03b786997 --- /dev/null +++ b/sdk/dotnet/Colab/Inputs/RuntimeNotebookRuntimeTemplateRefGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Inputs +{ + + public sealed class RuntimeNotebookRuntimeTemplateRefGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + /// + [Input("notebookRuntimeTemplate", required: true)] + public Input NotebookRuntimeTemplate { get; set; } = null!; + + public RuntimeNotebookRuntimeTemplateRefGetArgs() + { + } + public static new RuntimeNotebookRuntimeTemplateRefGetArgs Empty => new RuntimeNotebookRuntimeTemplateRefGetArgs(); + } +} diff --git a/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamBindingConditionArgs.cs b/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamBindingConditionArgs.cs new file mode 100644 index 0000000000..31c6e4271a --- /dev/null +++ b/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamBindingConditionArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Inputs +{ + + public sealed class RuntimeTemplateIamBindingConditionArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public RuntimeTemplateIamBindingConditionArgs() + { + } + public static new RuntimeTemplateIamBindingConditionArgs Empty => new RuntimeTemplateIamBindingConditionArgs(); + } +} diff --git a/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamBindingConditionGetArgs.cs b/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamBindingConditionGetArgs.cs new file mode 100644 index 0000000000..89d84ef477 --- /dev/null +++ b/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamBindingConditionGetArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Inputs +{ + + public sealed class RuntimeTemplateIamBindingConditionGetArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public RuntimeTemplateIamBindingConditionGetArgs() + { + } + public static new RuntimeTemplateIamBindingConditionGetArgs Empty => new RuntimeTemplateIamBindingConditionGetArgs(); + } +} diff --git a/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamMemberConditionArgs.cs b/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamMemberConditionArgs.cs new file mode 100644 index 0000000000..64b26f8f6d --- /dev/null +++ b/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamMemberConditionArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Inputs +{ + + public sealed class RuntimeTemplateIamMemberConditionArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public RuntimeTemplateIamMemberConditionArgs() + { + } + public static new RuntimeTemplateIamMemberConditionArgs Empty => new RuntimeTemplateIamMemberConditionArgs(); + } +} diff --git a/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamMemberConditionGetArgs.cs b/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamMemberConditionGetArgs.cs new file mode 100644 index 0000000000..293f82a631 --- /dev/null +++ b/sdk/dotnet/Colab/Inputs/RuntimeTemplateIamMemberConditionGetArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Inputs +{ + + public sealed class RuntimeTemplateIamMemberConditionGetArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public RuntimeTemplateIamMemberConditionGetArgs() + { + } + public static new RuntimeTemplateIamMemberConditionGetArgs Empty => new RuntimeTemplateIamMemberConditionGetArgs(); + } +} diff --git a/sdk/dotnet/Colab/Outputs/RuntimeNotebookRuntimeTemplateRef.cs b/sdk/dotnet/Colab/Outputs/RuntimeNotebookRuntimeTemplateRef.cs new file mode 100644 index 0000000000..a4a2edeea7 --- /dev/null +++ b/sdk/dotnet/Colab/Outputs/RuntimeNotebookRuntimeTemplateRef.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Outputs +{ + + [OutputType] + public sealed class RuntimeNotebookRuntimeTemplateRef + { + /// + /// The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + /// + public readonly string NotebookRuntimeTemplate; + + [OutputConstructor] + private RuntimeNotebookRuntimeTemplateRef(string notebookRuntimeTemplate) + { + NotebookRuntimeTemplate = notebookRuntimeTemplate; + } + } +} diff --git a/sdk/dotnet/Colab/Outputs/RuntimeTemplateIamBindingCondition.cs b/sdk/dotnet/Colab/Outputs/RuntimeTemplateIamBindingCondition.cs new file mode 100644 index 0000000000..bdb6a7b94d --- /dev/null +++ b/sdk/dotnet/Colab/Outputs/RuntimeTemplateIamBindingCondition.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Outputs +{ + + [OutputType] + public sealed class RuntimeTemplateIamBindingCondition + { + public readonly string? Description; + public readonly string Expression; + public readonly string Title; + + [OutputConstructor] + private RuntimeTemplateIamBindingCondition( + string? description, + + string expression, + + string title) + { + Description = description; + Expression = expression; + Title = title; + } + } +} diff --git a/sdk/dotnet/Colab/Outputs/RuntimeTemplateIamMemberCondition.cs b/sdk/dotnet/Colab/Outputs/RuntimeTemplateIamMemberCondition.cs new file mode 100644 index 0000000000..86d8919fb4 --- /dev/null +++ b/sdk/dotnet/Colab/Outputs/RuntimeTemplateIamMemberCondition.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab.Outputs +{ + + [OutputType] + public sealed class RuntimeTemplateIamMemberCondition + { + public readonly string? Description; + public readonly string Expression; + public readonly string Title; + + [OutputConstructor] + private RuntimeTemplateIamMemberCondition( + string? description, + + string expression, + + string title) + { + Description = description; + Expression = expression; + Title = title; + } + } +} diff --git a/sdk/dotnet/Colab/Runtime.cs b/sdk/dotnet/Colab/Runtime.cs new file mode 100644 index 0000000000..1182d4c247 --- /dev/null +++ b/sdk/dotnet/Colab/Runtime.cs @@ -0,0 +1,375 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab +{ + /// + /// 'A runtime is a Google-provisioned virtual machine (VM) that can run the code in your notebook (IPYNB file).' + /// + /// To get more information about Runtime, see: + /// + /// * [API documentation](https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.notebookRuntimes) + /// * How-to Guides + /// * [Create a runtime](https://cloud.google.com/colab/docs/create-runtime) + /// + /// ## Example Usage + /// + /// ### Colab Runtime Basic + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var myTemplate = new Gcp.Colab.RuntimeTemplate("my_template", new() + /// { + /// Name = "colab-runtime", + /// DisplayName = "Runtime template basic", + /// Location = "us-central1", + /// MachineSpec = new Gcp.Colab.Inputs.RuntimeTemplateMachineSpecArgs + /// { + /// MachineType = "e2-standard-4", + /// }, + /// NetworkSpec = new Gcp.Colab.Inputs.RuntimeTemplateNetworkSpecArgs + /// { + /// EnableInternetAccess = true, + /// }, + /// }); + /// + /// var runtime = new Gcp.Colab.Runtime("runtime", new() + /// { + /// Name = "colab-runtime", + /// Location = "us-central1", + /// NotebookRuntimeTemplateRef = new Gcp.Colab.Inputs.RuntimeNotebookRuntimeTemplateRefArgs + /// { + /// NotebookRuntimeTemplate = myTemplate.Id, + /// }, + /// DisplayName = "Runtime basic", + /// RuntimeUser = "gterraformtestuser@gmail.com", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// myTemplate, + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Colab Runtime Full + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var myTemplate = new Gcp.Colab.RuntimeTemplate("my_template", new() + /// { + /// Name = "colab-runtime", + /// DisplayName = "Runtime template full", + /// Location = "us-central1", + /// Description = "Full runtime template", + /// MachineSpec = new Gcp.Colab.Inputs.RuntimeTemplateMachineSpecArgs + /// { + /// MachineType = "n1-standard-2", + /// AcceleratorType = "NVIDIA_TESLA_T4", + /// AcceleratorCount = 1, + /// }, + /// DataPersistentDiskSpec = new Gcp.Colab.Inputs.RuntimeTemplateDataPersistentDiskSpecArgs + /// { + /// DiskType = "pd-standard", + /// DiskSizeGb = "200", + /// }, + /// NetworkSpec = new Gcp.Colab.Inputs.RuntimeTemplateNetworkSpecArgs + /// { + /// EnableInternetAccess = true, + /// }, + /// Labels = + /// { + /// { "k", "val" }, + /// }, + /// IdleShutdownConfig = new Gcp.Colab.Inputs.RuntimeTemplateIdleShutdownConfigArgs + /// { + /// IdleTimeout = "3600s", + /// }, + /// EucConfig = new Gcp.Colab.Inputs.RuntimeTemplateEucConfigArgs + /// { + /// EucDisabled = true, + /// }, + /// ShieldedVmConfig = new Gcp.Colab.Inputs.RuntimeTemplateShieldedVmConfigArgs + /// { + /// EnableSecureBoot = true, + /// }, + /// NetworkTags = new[] + /// { + /// "abc", + /// "def", + /// }, + /// EncryptionSpec = new Gcp.Colab.Inputs.RuntimeTemplateEncryptionSpecArgs + /// { + /// KmsKeyName = "my-crypto-key", + /// }, + /// }); + /// + /// var runtime = new Gcp.Colab.Runtime("runtime", new() + /// { + /// Name = "colab-runtime", + /// Location = "us-central1", + /// NotebookRuntimeTemplateRef = new Gcp.Colab.Inputs.RuntimeNotebookRuntimeTemplateRefArgs + /// { + /// NotebookRuntimeTemplate = myTemplate.Id, + /// }, + /// DisplayName = "Runtime full", + /// RuntimeUser = "gterraformtestuser@gmail.com", + /// Description = "Full runtime", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// myTemplate, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// Runtime can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}}` + /// + /// * `{{project}}/{{location}}/{{name}}` + /// + /// * `{{location}}/{{name}}` + /// + /// When using the `pulumi import` command, Runtime can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:colab/runtime:Runtime default projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:colab/runtime:Runtime default {{project}}/{{location}}/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:colab/runtime:Runtime default {{location}}/{{name}} + /// ``` + /// + [GcpResourceType("gcp:colab/runtime:Runtime")] + public partial class Runtime : global::Pulumi.CustomResource + { + /// + /// The description of the Runtime. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// Required. The display name of the Runtime. + /// + [Output("displayName")] + public Output DisplayName { get; private set; } = null!; + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations + /// + /// + /// - - - + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// The resource name of the Runtime + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// 'Runtime specific information used for NotebookRuntime creation.' + /// Structure is documented below. + /// + [Output("notebookRuntimeTemplateRef")] + public Output NotebookRuntimeTemplateRef { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The user email of the NotebookRuntime. + /// + [Output("runtimeUser")] + public Output RuntimeUser { get; private set; } = null!; + + + /// + /// Create a Runtime resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public Runtime(string name, RuntimeArgs args, CustomResourceOptions? options = null) + : base("gcp:colab/runtime:Runtime", name, args ?? new RuntimeArgs(), MakeResourceOptions(options, "")) + { + } + + private Runtime(string name, Input id, RuntimeState? state = null, CustomResourceOptions? options = null) + : base("gcp:colab/runtime:Runtime", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing Runtime resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static Runtime Get(string name, Input id, RuntimeState? state = null, CustomResourceOptions? options = null) + { + return new Runtime(name, id, state, options); + } + } + + public sealed class RuntimeArgs : global::Pulumi.ResourceArgs + { + /// + /// The description of the Runtime. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// Required. The display name of the Runtime. + /// + [Input("displayName", required: true)] + public Input DisplayName { get; set; } = null!; + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations + /// + /// + /// - - - + /// + [Input("location", required: true)] + public Input Location { get; set; } = null!; + + /// + /// The resource name of the Runtime + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// 'Runtime specific information used for NotebookRuntime creation.' + /// Structure is documented below. + /// + [Input("notebookRuntimeTemplateRef")] + public Input? NotebookRuntimeTemplateRef { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The user email of the NotebookRuntime. + /// + [Input("runtimeUser", required: true)] + public Input RuntimeUser { get; set; } = null!; + + public RuntimeArgs() + { + } + public static new RuntimeArgs Empty => new RuntimeArgs(); + } + + public sealed class RuntimeState : global::Pulumi.ResourceArgs + { + /// + /// The description of the Runtime. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// Required. The display name of the Runtime. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations + /// + /// + /// - - - + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The resource name of the Runtime + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// 'Runtime specific information used for NotebookRuntime creation.' + /// Structure is documented below. + /// + [Input("notebookRuntimeTemplateRef")] + public Input? NotebookRuntimeTemplateRef { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The user email of the NotebookRuntime. + /// + [Input("runtimeUser")] + public Input? RuntimeUser { get; set; } + + public RuntimeState() + { + } + public static new RuntimeState Empty => new RuntimeState(); + } +} diff --git a/sdk/dotnet/Colab/RuntimeTemplateIamBinding.cs b/sdk/dotnet/Colab/RuntimeTemplateIamBinding.cs new file mode 100644 index 0000000000..3eaa96f39f --- /dev/null +++ b/sdk/dotnet/Colab/RuntimeTemplateIamBinding.cs @@ -0,0 +1,480 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab +{ + /// + /// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + /// * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + /// * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.colab.RuntimeTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Colab.RuntimeTemplateIamPolicy("policy", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Colab.RuntimeTemplateIamBinding("binding", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Colab.RuntimeTemplateIamMember("member", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Colab Enterprise RuntimeTemplate + /// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + /// * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + /// * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.colab.RuntimeTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Colab.RuntimeTemplateIamPolicy("policy", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Colab.RuntimeTemplateIamBinding("binding", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Colab.RuntimeTemplateIamMember("member", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + /// + /// * {{project}}/{{location}}/{{runtime_template}} + /// + /// * {{location}}/{{runtime_template}} + /// + /// * {{runtime_template}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + /// ``` + /// + /// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding")] + public partial class RuntimeTemplateIamBinding : global::Pulumi.CustomResource + { + [Output("condition")] + public Output Condition { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Output("members")] + public Output> Members { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The role that should be applied. Only one + /// `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Output("role")] + public Output Role { get; private set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("runtimeTemplate")] + public Output RuntimeTemplate { get; private set; } = null!; + + + /// + /// Create a RuntimeTemplateIamBinding resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public RuntimeTemplateIamBinding(string name, RuntimeTemplateIamBindingArgs args, CustomResourceOptions? options = null) + : base("gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding", name, args ?? new RuntimeTemplateIamBindingArgs(), MakeResourceOptions(options, "")) + { + } + + private RuntimeTemplateIamBinding(string name, Input id, RuntimeTemplateIamBindingState? state = null, CustomResourceOptions? options = null) + : base("gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing RuntimeTemplateIamBinding resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static RuntimeTemplateIamBinding Get(string name, Input id, RuntimeTemplateIamBindingState? state = null, CustomResourceOptions? options = null) + { + return new RuntimeTemplateIamBinding(name, id, state, options); + } + } + + public sealed class RuntimeTemplateIamBindingArgs : global::Pulumi.ResourceArgs + { + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Input("location")] + public Input? Location { get; set; } + + [Input("members", required: true)] + private InputList? _members; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + public InputList Members + { + get => _members ?? (_members = new InputList()); + set => _members = value; + } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role", required: true)] + public Input Role { get; set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("runtimeTemplate", required: true)] + public Input RuntimeTemplate { get; set; } = null!; + + public RuntimeTemplateIamBindingArgs() + { + } + public static new RuntimeTemplateIamBindingArgs Empty => new RuntimeTemplateIamBindingArgs(); + } + + public sealed class RuntimeTemplateIamBindingState : global::Pulumi.ResourceArgs + { + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Input("location")] + public Input? Location { get; set; } + + [Input("members")] + private InputList? _members; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + public InputList Members + { + get => _members ?? (_members = new InputList()); + set => _members = value; + } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role")] + public Input? Role { get; set; } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("runtimeTemplate")] + public Input? RuntimeTemplate { get; set; } + + public RuntimeTemplateIamBindingState() + { + } + public static new RuntimeTemplateIamBindingState Empty => new RuntimeTemplateIamBindingState(); + } +} diff --git a/sdk/dotnet/Colab/RuntimeTemplateIamMember.cs b/sdk/dotnet/Colab/RuntimeTemplateIamMember.cs new file mode 100644 index 0000000000..9d153df074 --- /dev/null +++ b/sdk/dotnet/Colab/RuntimeTemplateIamMember.cs @@ -0,0 +1,468 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab +{ + /// + /// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + /// * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + /// * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.colab.RuntimeTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Colab.RuntimeTemplateIamPolicy("policy", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Colab.RuntimeTemplateIamBinding("binding", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Colab.RuntimeTemplateIamMember("member", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Colab Enterprise RuntimeTemplate + /// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + /// * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + /// * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.colab.RuntimeTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Colab.RuntimeTemplateIamPolicy("policy", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Colab.RuntimeTemplateIamBinding("binding", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Colab.RuntimeTemplateIamMember("member", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + /// + /// * {{project}}/{{location}}/{{runtime_template}} + /// + /// * {{location}}/{{runtime_template}} + /// + /// * {{runtime_template}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + /// ``` + /// + /// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember")] + public partial class RuntimeTemplateIamMember : global::Pulumi.CustomResource + { + [Output("condition")] + public Output Condition { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Output("member")] + public Output Member { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The role that should be applied. Only one + /// `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Output("role")] + public Output Role { get; private set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("runtimeTemplate")] + public Output RuntimeTemplate { get; private set; } = null!; + + + /// + /// Create a RuntimeTemplateIamMember resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public RuntimeTemplateIamMember(string name, RuntimeTemplateIamMemberArgs args, CustomResourceOptions? options = null) + : base("gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember", name, args ?? new RuntimeTemplateIamMemberArgs(), MakeResourceOptions(options, "")) + { + } + + private RuntimeTemplateIamMember(string name, Input id, RuntimeTemplateIamMemberState? state = null, CustomResourceOptions? options = null) + : base("gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing RuntimeTemplateIamMember resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static RuntimeTemplateIamMember Get(string name, Input id, RuntimeTemplateIamMemberState? state = null, CustomResourceOptions? options = null) + { + return new RuntimeTemplateIamMember(name, id, state, options); + } + } + + public sealed class RuntimeTemplateIamMemberArgs : global::Pulumi.ResourceArgs + { + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Input("member", required: true)] + public Input Member { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role", required: true)] + public Input Role { get; set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("runtimeTemplate", required: true)] + public Input RuntimeTemplate { get; set; } = null!; + + public RuntimeTemplateIamMemberArgs() + { + } + public static new RuntimeTemplateIamMemberArgs Empty => new RuntimeTemplateIamMemberArgs(); + } + + public sealed class RuntimeTemplateIamMemberState : global::Pulumi.ResourceArgs + { + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Input("member")] + public Input? Member { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role")] + public Input? Role { get; set; } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("runtimeTemplate")] + public Input? RuntimeTemplate { get; set; } + + public RuntimeTemplateIamMemberState() + { + } + public static new RuntimeTemplateIamMemberState Empty => new RuntimeTemplateIamMemberState(); + } +} diff --git a/sdk/dotnet/Colab/RuntimeTemplateIamPolicy.cs b/sdk/dotnet/Colab/RuntimeTemplateIamPolicy.cs new file mode 100644 index 0000000000..acc4c6ad12 --- /dev/null +++ b/sdk/dotnet/Colab/RuntimeTemplateIamPolicy.cs @@ -0,0 +1,408 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Colab +{ + /// + /// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + /// * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + /// * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.colab.RuntimeTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Colab.RuntimeTemplateIamPolicy("policy", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Colab.RuntimeTemplateIamBinding("binding", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Colab.RuntimeTemplateIamMember("member", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Colab Enterprise RuntimeTemplate + /// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + /// * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + /// * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.colab.RuntimeTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Colab.RuntimeTemplateIamPolicy("policy", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Colab.RuntimeTemplateIamBinding("binding", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.colab.RuntimeTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Colab.RuntimeTemplateIamMember("member", new() + /// { + /// Project = runtime_template.Project, + /// Location = runtime_template.Location, + /// RuntimeTemplate = runtime_template.Name, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + /// + /// * {{project}}/{{location}}/{{runtime_template}} + /// + /// * {{location}}/{{runtime_template}} + /// + /// * {{runtime_template}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + /// ``` + /// + /// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy")] + public partial class RuntimeTemplateIamPolicy : global::Pulumi.CustomResource + { + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Output("policyData")] + public Output PolicyData { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("runtimeTemplate")] + public Output RuntimeTemplate { get; private set; } = null!; + + + /// + /// Create a RuntimeTemplateIamPolicy resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public RuntimeTemplateIamPolicy(string name, RuntimeTemplateIamPolicyArgs args, CustomResourceOptions? options = null) + : base("gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy", name, args ?? new RuntimeTemplateIamPolicyArgs(), MakeResourceOptions(options, "")) + { + } + + private RuntimeTemplateIamPolicy(string name, Input id, RuntimeTemplateIamPolicyState? state = null, CustomResourceOptions? options = null) + : base("gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing RuntimeTemplateIamPolicy resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static RuntimeTemplateIamPolicy Get(string name, Input id, RuntimeTemplateIamPolicyState? state = null, CustomResourceOptions? options = null) + { + return new RuntimeTemplateIamPolicy(name, id, state, options); + } + } + + public sealed class RuntimeTemplateIamPolicyArgs : global::Pulumi.ResourceArgs + { + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Input("policyData", required: true)] + public Input PolicyData { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("runtimeTemplate", required: true)] + public Input RuntimeTemplate { get; set; } = null!; + + public RuntimeTemplateIamPolicyArgs() + { + } + public static new RuntimeTemplateIamPolicyArgs Empty => new RuntimeTemplateIamPolicyArgs(); + } + + public sealed class RuntimeTemplateIamPolicyState : global::Pulumi.ResourceArgs + { + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + /// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + /// location is specified, it is taken from the provider configuration. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Input("policyData")] + public Input? PolicyData { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("runtimeTemplate")] + public Input? RuntimeTemplate { get; set; } + + public RuntimeTemplateIamPolicyState() + { + } + public static new RuntimeTemplateIamPolicyState Empty => new RuntimeTemplateIamPolicyState(); + } +} diff --git a/sdk/dotnet/Compute/FirewallPolicyRule.cs b/sdk/dotnet/Compute/FirewallPolicyRule.cs index 9393576725..4ac2b0b1b4 100644 --- a/sdk/dotnet/Compute/FirewallPolicyRule.cs +++ b/sdk/dotnet/Compute/FirewallPolicyRule.cs @@ -30,7 +30,7 @@ namespace Pulumi.Gcp.Compute /// { /// var basicGlobalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup("basic_global_networksecurity_address_group", new() /// { - /// Name = "address", + /// Name = "address-group", /// Parent = "organizations/123456789", /// Description = "Sample global networksecurity_address_group", /// Location = "global", @@ -52,11 +52,11 @@ namespace Pulumi.Gcp.Compute /// var @default = new Gcp.Compute.FirewallPolicy("default", new() /// { /// Parent = folder.Id, - /// ShortName = "policy", + /// ShortName = "fw-policy", /// Description = "Resource created for Terraform acceptance testing", /// }); /// - /// var policyRule = new Gcp.Compute.FirewallPolicyRule("policy_rule", new() + /// var primary = new Gcp.Compute.FirewallPolicyRule("primary", new() /// { /// FirewallPolicy = @default.Name, /// Description = "Resource created for Terraform acceptance testing", @@ -65,8 +65,31 @@ namespace Pulumi.Gcp.Compute /// Action = "allow", /// Direction = "EGRESS", /// Disabled = false, + /// TargetServiceAccounts = new[] + /// { + /// "my@service-account.com", + /// }, /// Match = new Gcp.Compute.Inputs.FirewallPolicyRuleMatchArgs /// { + /// DestIpRanges = new[] + /// { + /// "11.100.0.1/32", + /// }, + /// DestFqdns = new() { }, + /// DestRegionCodes = new[] + /// { + /// "US", + /// }, + /// DestThreatIntelligences = new[] + /// { + /// "iplist-known-malicious-ips", + /// }, + /// SrcAddressGroups = new() { }, + /// DestAddressGroups = new[] + /// { + /// basicGlobalNetworksecurityAddressGroup.Id, + /// }, + /// DestNetworkScope = "INTERNET", /// Layer4Configs = new[] /// { /// new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs @@ -86,29 +109,80 @@ namespace Pulumi.Gcp.Compute /// }, /// }, /// }, - /// DestIpRanges = new[] + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Firewall Policy Rule Network Scope + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var folder = new Gcp.Organizations.Folder("folder", new() + /// { + /// DisplayName = "folder", + /// Parent = "organizations/123456789", + /// DeletionProtection = false, + /// }); + /// + /// var @default = new Gcp.Compute.FirewallPolicy("default", new() + /// { + /// Parent = folder.Id, + /// ShortName = "fw-policy", + /// Description = "Firewall policy", + /// }); + /// + /// var network = new Gcp.Compute.Network("network", new() + /// { + /// Name = "network", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var primary = new Gcp.Compute.FirewallPolicyRule("primary", new() + /// { + /// FirewallPolicy = @default.Name, + /// Description = "Firewall policy rule with network scope", + /// Priority = 9000, + /// Action = "allow", + /// Direction = "INGRESS", + /// Disabled = false, + /// Match = new Gcp.Compute.Inputs.FirewallPolicyRuleMatchArgs + /// { + /// SrcIpRanges = new[] /// { /// "11.100.0.1/32", /// }, - /// DestFqdns = new() { }, - /// DestRegionCodes = new[] + /// SrcNetworkScope = "VPC_NETWORKS", + /// SrcNetworks = new[] /// { - /// "US", + /// network.Id, /// }, - /// DestThreatIntelligences = new[] - /// { - /// "iplist-known-malicious-ips", - /// }, - /// SrcAddressGroups = new() { }, - /// DestAddressGroups = new[] + /// Layer4Configs = new[] /// { - /// basicGlobalNetworksecurityAddressGroup.Id, + /// new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// }, + /// }, + /// new Gcp.Compute.Inputs.FirewallPolicyRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "udp", + /// Ports = new[] + /// { + /// "22", + /// }, + /// }, /// }, /// }, - /// TargetServiceAccounts = new[] - /// { - /// "my@service-account.com", - /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Compute/FirewallPolicyWithRules.cs b/sdk/dotnet/Compute/FirewallPolicyWithRules.cs index f53a899416..670247834a 100644 --- a/sdk/dotnet/Compute/FirewallPolicyWithRules.cs +++ b/sdk/dotnet/Compute/FirewallPolicyWithRules.cs @@ -26,7 +26,7 @@ namespace Pulumi.Gcp.Compute /// /// var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup("address_group_1", new() /// { - /// Name = "tf-address-group", + /// Name = "address-group", /// Parent = "organizations/123456789", /// Description = "Global address group", /// Location = "global", @@ -40,7 +40,7 @@ namespace Pulumi.Gcp.Compute /// /// var securityProfile1 = new Gcp.NetworkSecurity.SecurityProfile("security_profile_1", new() /// { - /// Name = "tf-security-profile", + /// Name = "sp", /// Type = "THREAT_PREVENTION", /// Parent = "organizations/123456789", /// Location = "global", @@ -48,15 +48,21 @@ namespace Pulumi.Gcp.Compute /// /// var securityProfileGroup1 = new Gcp.NetworkSecurity.SecurityProfileGroup("security_profile_group_1", new() /// { - /// Name = "tf-security-profile-group", + /// Name = "spg", /// Parent = "organizations/123456789", /// Description = "my description", /// ThreatPreventionProfile = securityProfile1.Id, /// }); /// - /// var firewall_policy_with_rules = new Gcp.Compute.FirewallPolicyWithRules("firewall-policy-with-rules", new() + /// var network = new Gcp.Compute.Network("network", new() /// { - /// ShortName = "tf-fw-org-policy-with-rules", + /// Name = "network", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var primary = new Gcp.Compute.FirewallPolicyWithRules("primary", new() + /// { + /// ShortName = "fw-policy", /// Description = "Terraform test", /// Parent = "organizations/123456789", /// Rules = new[] @@ -68,20 +74,12 @@ namespace Pulumi.Gcp.Compute /// EnableLogging = true, /// Action = "allow", /// Direction = "EGRESS", + /// TargetResources = new[] + /// { + /// $"https://www.googleapis.com/compute/beta/projects/{project.Apply(getProjectResult => getProjectResult.Name)}/global/networks/default", + /// }, /// Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs /// { - /// Layer4Configs = new[] - /// { - /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs - /// { - /// IpProtocol = "tcp", - /// Ports = new[] - /// { - /// "8080", - /// "7070", - /// }, - /// }, - /// }, /// DestIpRanges = new[] /// { /// "11.100.0.1/32", @@ -105,10 +103,18 @@ namespace Pulumi.Gcp.Compute /// { /// addressGroup1.Id, /// }, - /// }, - /// TargetResources = new[] - /// { - /// $"https://www.googleapis.com/compute/beta/projects/{project.Apply(getProjectResult => getProjectResult.Name)}/global/networks/default", + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// "7070", + /// }, + /// }, + /// }, /// }, /// }, /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs @@ -118,15 +124,9 @@ namespace Pulumi.Gcp.Compute /// EnableLogging = false, /// Action = "deny", /// Direction = "INGRESS", + /// Disabled = true, /// Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs /// { - /// Layer4Configs = new[] - /// { - /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs - /// { - /// IpProtocol = "udp", - /// }, - /// }, /// SrcIpRanges = new[] /// { /// "0.0.0.0/0", @@ -150,8 +150,14 @@ namespace Pulumi.Gcp.Compute /// { /// addressGroup1.Id, /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "udp", + /// }, + /// }, /// }, - /// Disabled = true, /// }, /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs /// { @@ -161,8 +167,18 @@ namespace Pulumi.Gcp.Compute /// EnableLogging = false, /// Action = "apply_security_profile_group", /// Direction = "INGRESS", + /// TargetServiceAccounts = new[] + /// { + /// "test@google.com", + /// }, + /// SecurityProfileGroup = securityProfileGroup1.Id.Apply(id => $"//networksecurity.googleapis.com/{id}"), + /// TlsInspect = true, /// Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs /// { + /// SrcIpRanges = new[] + /// { + /// "0.0.0.0/0", + /// }, /// Layer4Configs = new[] /// { /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs @@ -170,17 +186,67 @@ namespace Pulumi.Gcp.Compute /// IpProtocol = "tcp", /// }, /// }, + /// }, + /// }, + /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs + /// { + /// Description = "network scope rule 1", + /// RuleName = "network scope 1", + /// Priority = 4000, + /// EnableLogging = false, + /// Action = "allow", + /// Direction = "INGRESS", + /// Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs + /// { /// SrcIpRanges = new[] /// { - /// "0.0.0.0/0", + /// "11.100.0.1/32", + /// }, + /// SrcNetworkScope = "VPC_NETWORKS", + /// SrcNetworks = new[] + /// { + /// network.Id, + /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// }, + /// }, /// }, /// }, - /// TargetServiceAccounts = new[] + /// }, + /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleArgs + /// { + /// Description = "network scope rule 2", + /// RuleName = "network scope 2", + /// Priority = 5000, + /// EnableLogging = false, + /// Action = "allow", + /// Direction = "EGRESS", + /// Match = new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchArgs /// { - /// "test@google.com", + /// DestIpRanges = new[] + /// { + /// "0.0.0.0/0", + /// }, + /// DestNetworkScope = "INTERNET", + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// }, + /// }, + /// }, /// }, - /// SecurityProfileGroup = securityProfileGroup1.Id.Apply(id => $"//networksecurity.googleapis.com/{id}"), - /// TlsInspect = true, /// }, /// }, /// }); diff --git a/sdk/dotnet/Compute/GetInstanceTemplateIamPolicy.cs b/sdk/dotnet/Compute/GetInstanceTemplateIamPolicy.cs new file mode 100644 index 0000000000..bfb0ec6163 --- /dev/null +++ b/sdk/dotnet/Compute/GetInstanceTemplateIamPolicy.cs @@ -0,0 +1,175 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute +{ + public static class GetInstanceTemplateIamPolicy + { + /// + /// Retrieves the current IAM policy data for instancetemplate + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Compute.GetInstanceTemplateIamPolicy.Invoke(new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetInstanceTemplateIamPolicyArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", args ?? new GetInstanceTemplateIamPolicyArgs(), options.WithDefaults()); + + /// + /// Retrieves the current IAM policy data for instancetemplate + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Compute.GetInstanceTemplateIamPolicy.Invoke(new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetInstanceTemplateIamPolicyInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", args ?? new GetInstanceTemplateIamPolicyInvokeArgs(), options.WithDefaults()); + + /// + /// Retrieves the current IAM policy data for instancetemplate + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Compute.GetInstanceTemplateIamPolicy.Invoke(new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetInstanceTemplateIamPolicyInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", args ?? new GetInstanceTemplateIamPolicyInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetInstanceTemplateIamPolicyArgs : global::Pulumi.InvokeArgs + { + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("name", required: true)] + public string Name { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public string? Project { get; set; } + + public GetInstanceTemplateIamPolicyArgs() + { + } + public static new GetInstanceTemplateIamPolicyArgs Empty => new GetInstanceTemplateIamPolicyArgs(); + } + + public sealed class GetInstanceTemplateIamPolicyInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public GetInstanceTemplateIamPolicyInvokeArgs() + { + } + public static new GetInstanceTemplateIamPolicyInvokeArgs Empty => new GetInstanceTemplateIamPolicyInvokeArgs(); + } + + + [OutputType] + public sealed class GetInstanceTemplateIamPolicyResult + { + /// + /// (Computed) The etag of the IAM policy. + /// + public readonly string Etag; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string Name; + /// + /// (Required only by `gcp.compute.InstanceTemplateIamPolicy`) The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + public readonly string PolicyData; + public readonly string Project; + + [OutputConstructor] + private GetInstanceTemplateIamPolicyResult( + string etag, + + string id, + + string name, + + string policyData, + + string project) + { + Etag = etag; + Id = id; + Name = name; + PolicyData = policyData; + Project = project; + } + } +} diff --git a/sdk/dotnet/Compute/Inputs/FirewallPolicyRuleMatchArgs.cs b/sdk/dotnet/Compute/Inputs/FirewallPolicyRuleMatchArgs.cs index 39fa4f5b31..e4d74732c9 100644 --- a/sdk/dotnet/Compute/Inputs/FirewallPolicyRuleMatchArgs.cs +++ b/sdk/dotnet/Compute/Inputs/FirewallPolicyRuleMatchArgs.cs @@ -48,6 +48,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -121,6 +128,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/FirewallPolicyRuleMatchGetArgs.cs b/sdk/dotnet/Compute/Inputs/FirewallPolicyRuleMatchGetArgs.cs index 5b11d009ad..2494efb933 100644 --- a/sdk/dotnet/Compute/Inputs/FirewallPolicyRuleMatchGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/FirewallPolicyRuleMatchGetArgs.cs @@ -48,6 +48,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -121,6 +128,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/FirewallPolicyWithRulesRuleMatchArgs.cs b/sdk/dotnet/Compute/Inputs/FirewallPolicyWithRulesRuleMatchArgs.cs index 30c8f8d23a..33fc6acead 100644 --- a/sdk/dotnet/Compute/Inputs/FirewallPolicyWithRulesRuleMatchArgs.cs +++ b/sdk/dotnet/Compute/Inputs/FirewallPolicyWithRulesRuleMatchArgs.cs @@ -51,6 +51,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -134,6 +141,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/FirewallPolicyWithRulesRuleMatchGetArgs.cs b/sdk/dotnet/Compute/Inputs/FirewallPolicyWithRulesRuleMatchGetArgs.cs index 13fd0d4e14..2e95ea6b75 100644 --- a/sdk/dotnet/Compute/Inputs/FirewallPolicyWithRulesRuleMatchGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/FirewallPolicyWithRulesRuleMatchGetArgs.cs @@ -51,6 +51,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -134,6 +141,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateIamBindingConditionArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateIamBindingConditionArgs.cs new file mode 100644 index 0000000000..bb1ce0188d --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateIamBindingConditionArgs.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceTemplateIamBindingConditionArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + /// + /// Textual representation of an expression in Common Expression Language syntax. + /// + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + /// + /// A title for the expression, i.e. a short string describing its purpose. + /// + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public InstanceTemplateIamBindingConditionArgs() + { + } + public static new InstanceTemplateIamBindingConditionArgs Empty => new InstanceTemplateIamBindingConditionArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateIamBindingConditionGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateIamBindingConditionGetArgs.cs new file mode 100644 index 0000000000..932f647e2f --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateIamBindingConditionGetArgs.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceTemplateIamBindingConditionGetArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + /// + /// Textual representation of an expression in Common Expression Language syntax. + /// + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + /// + /// A title for the expression, i.e. a short string describing its purpose. + /// + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public InstanceTemplateIamBindingConditionGetArgs() + { + } + public static new InstanceTemplateIamBindingConditionGetArgs Empty => new InstanceTemplateIamBindingConditionGetArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateIamMemberConditionArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateIamMemberConditionArgs.cs new file mode 100644 index 0000000000..3789b1862d --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateIamMemberConditionArgs.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceTemplateIamMemberConditionArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + /// + /// Textual representation of an expression in Common Expression Language syntax. + /// + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + /// + /// A title for the expression, i.e. a short string describing its purpose. + /// + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public InstanceTemplateIamMemberConditionArgs() + { + } + public static new InstanceTemplateIamMemberConditionArgs Empty => new InstanceTemplateIamMemberConditionArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateIamMemberConditionGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateIamMemberConditionGetArgs.cs new file mode 100644 index 0000000000..a8d5a11f58 --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateIamMemberConditionGetArgs.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceTemplateIamMemberConditionGetArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + /// + /// Textual representation of an expression in Common Expression Language syntax. + /// + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + /// + /// A title for the expression, i.e. a short string describing its purpose. + /// + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public InstanceTemplateIamMemberConditionGetArgs() + { + } + public static new InstanceTemplateIamMemberConditionGetArgs Empty => new InstanceTemplateIamMemberConditionGetArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyRuleMatchArgs.cs b/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyRuleMatchArgs.cs index ab082e4fde..13b9dd2c7a 100644 --- a/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyRuleMatchArgs.cs +++ b/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyRuleMatchArgs.cs @@ -48,6 +48,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -121,6 +128,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyRuleMatchGetArgs.cs b/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyRuleMatchGetArgs.cs index e16ccc35a7..146546b1ee 100644 --- a/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyRuleMatchGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyRuleMatchGetArgs.cs @@ -48,6 +48,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -121,6 +128,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs.cs b/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs.cs index a98d8f193b..624f53cb52 100644 --- a/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs.cs +++ b/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs.cs @@ -51,6 +51,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -131,6 +138,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyWithRulesRuleMatchGetArgs.cs b/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyWithRulesRuleMatchGetArgs.cs index eeb04d05b5..a6846bcbe0 100644 --- a/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyWithRulesRuleMatchGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/NetworkFirewallPolicyWithRulesRuleMatchGetArgs.cs @@ -51,6 +51,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -131,6 +138,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyRuleMatchArgs.cs b/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyRuleMatchArgs.cs index 2bd1807479..b472bb1165 100644 --- a/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyRuleMatchArgs.cs +++ b/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyRuleMatchArgs.cs @@ -48,6 +48,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -121,6 +128,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyRuleMatchGetArgs.cs b/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyRuleMatchGetArgs.cs index 25699b2893..971be9a7fa 100644 --- a/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyRuleMatchGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyRuleMatchGetArgs.cs @@ -48,6 +48,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -121,6 +128,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.cs b/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.cs index 71cf95cd8f..0665867b45 100644 --- a/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.cs +++ b/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.cs @@ -51,6 +51,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -131,6 +138,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchGetArgs.cs b/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchGetArgs.cs index 087121e664..e612e6343d 100644 --- a/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchGetArgs.cs @@ -51,6 +51,13 @@ public InputList DestIpRanges set => _destIpRanges = value; } + /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("destNetworkScope")] + public Input? DestNetworkScope { get; set; } + [Input("destRegionCodes")] private InputList? _destRegionCodes; @@ -131,6 +138,25 @@ public InputList SrcIpRanges set => _srcIpRanges = value; } + /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + [Input("srcNetworkScope")] + public Input? SrcNetworkScope { get; set; } + + [Input("srcNetworks")] + private InputList? _srcNetworks; + + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public InputList SrcNetworks + { + get => _srcNetworks ?? (_srcNetworks = new InputList()); + set => _srcNetworks = value; + } + [Input("srcRegionCodes")] private InputList? _srcRegionCodes; diff --git a/sdk/dotnet/Compute/InstanceTemplateIamBinding.cs b/sdk/dotnet/Compute/InstanceTemplateIamBinding.cs new file mode 100644 index 0000000000..68d628d59a --- /dev/null +++ b/sdk/dotnet/Compute/InstanceTemplateIamBinding.cs @@ -0,0 +1,656 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute +{ + /// + /// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + /// * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + /// * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + /// + /// ## gcp.compute.InstanceTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Compute Engine InstanceTemplate + /// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + /// * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + /// * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + /// + /// ## gcp.compute.InstanceTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/global/instanceTemplates/{{name}} + /// + /// * {{project}}/{{name}} + /// + /// * {{name}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + /// ``` + /// + /// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding")] + public partial class InstanceTemplateIamBinding : global::Pulumi.CustomResource + { + /// + /// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + /// Structure is documented below. + /// + [Output("condition")] + public Output Condition { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Output("members")] + public Output> Members { get; private set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The role that should be applied. Only one + /// `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Output("role")] + public Output Role { get; private set; } = null!; + + + /// + /// Create a InstanceTemplateIamBinding resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public InstanceTemplateIamBinding(string name, InstanceTemplateIamBindingArgs args, CustomResourceOptions? options = null) + : base("gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding", name, args ?? new InstanceTemplateIamBindingArgs(), MakeResourceOptions(options, "")) + { + } + + private InstanceTemplateIamBinding(string name, Input id, InstanceTemplateIamBindingState? state = null, CustomResourceOptions? options = null) + : base("gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing InstanceTemplateIamBinding resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static InstanceTemplateIamBinding Get(string name, Input id, InstanceTemplateIamBindingState? state = null, CustomResourceOptions? options = null) + { + return new InstanceTemplateIamBinding(name, id, state, options); + } + } + + public sealed class InstanceTemplateIamBindingArgs : global::Pulumi.ResourceArgs + { + /// + /// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + /// Structure is documented below. + /// + [Input("condition")] + public Input? Condition { get; set; } + + [Input("members", required: true)] + private InputList? _members; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + public InputList Members + { + get => _members ?? (_members = new InputList()); + set => _members = value; + } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role", required: true)] + public Input Role { get; set; } = null!; + + public InstanceTemplateIamBindingArgs() + { + } + public static new InstanceTemplateIamBindingArgs Empty => new InstanceTemplateIamBindingArgs(); + } + + public sealed class InstanceTemplateIamBindingState : global::Pulumi.ResourceArgs + { + /// + /// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + /// Structure is documented below. + /// + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + [Input("members")] + private InputList? _members; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + public InputList Members + { + get => _members ?? (_members = new InputList()); + set => _members = value; + } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role")] + public Input? Role { get; set; } + + public InstanceTemplateIamBindingState() + { + } + public static new InstanceTemplateIamBindingState Empty => new InstanceTemplateIamBindingState(); + } +} diff --git a/sdk/dotnet/Compute/InstanceTemplateIamMember.cs b/sdk/dotnet/Compute/InstanceTemplateIamMember.cs new file mode 100644 index 0000000000..c134ce7d8a --- /dev/null +++ b/sdk/dotnet/Compute/InstanceTemplateIamMember.cs @@ -0,0 +1,644 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute +{ + /// + /// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + /// * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + /// * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + /// + /// ## gcp.compute.InstanceTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Compute Engine InstanceTemplate + /// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + /// * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + /// * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + /// + /// ## gcp.compute.InstanceTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/global/instanceTemplates/{{name}} + /// + /// * {{project}}/{{name}} + /// + /// * {{name}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + /// ``` + /// + /// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember")] + public partial class InstanceTemplateIamMember : global::Pulumi.CustomResource + { + /// + /// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + /// Structure is documented below. + /// + [Output("condition")] + public Output Condition { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Output("member")] + public Output Member { get; private set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The role that should be applied. Only one + /// `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Output("role")] + public Output Role { get; private set; } = null!; + + + /// + /// Create a InstanceTemplateIamMember resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public InstanceTemplateIamMember(string name, InstanceTemplateIamMemberArgs args, CustomResourceOptions? options = null) + : base("gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember", name, args ?? new InstanceTemplateIamMemberArgs(), MakeResourceOptions(options, "")) + { + } + + private InstanceTemplateIamMember(string name, Input id, InstanceTemplateIamMemberState? state = null, CustomResourceOptions? options = null) + : base("gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing InstanceTemplateIamMember resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static InstanceTemplateIamMember Get(string name, Input id, InstanceTemplateIamMemberState? state = null, CustomResourceOptions? options = null) + { + return new InstanceTemplateIamMember(name, id, state, options); + } + } + + public sealed class InstanceTemplateIamMemberArgs : global::Pulumi.ResourceArgs + { + /// + /// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + /// Structure is documented below. + /// + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Input("member", required: true)] + public Input Member { get; set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role", required: true)] + public Input Role { get; set; } = null!; + + public InstanceTemplateIamMemberArgs() + { + } + public static new InstanceTemplateIamMemberArgs Empty => new InstanceTemplateIamMemberArgs(); + } + + public sealed class InstanceTemplateIamMemberState : global::Pulumi.ResourceArgs + { + /// + /// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + /// Structure is documented below. + /// + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Input("member")] + public Input? Member { get; set; } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role")] + public Input? Role { get; set; } + + public InstanceTemplateIamMemberState() + { + } + public static new InstanceTemplateIamMemberState Empty => new InstanceTemplateIamMemberState(); + } +} diff --git a/sdk/dotnet/Compute/InstanceTemplateIamPolicy.cs b/sdk/dotnet/Compute/InstanceTemplateIamPolicy.cs new file mode 100644 index 0000000000..60cf2ed978 --- /dev/null +++ b/sdk/dotnet/Compute/InstanceTemplateIamPolicy.cs @@ -0,0 +1,572 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute +{ + /// + /// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + /// * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + /// * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + /// + /// ## gcp.compute.InstanceTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Compute Engine InstanceTemplate + /// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + /// * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + /// * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + /// + /// ## gcp.compute.InstanceTemplateIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionInputArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Compute.InstanceTemplateIamPolicy("policy", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Compute.InstanceTemplateIamBinding("binding", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamBindingConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// ## gcp.compute.InstanceTemplateIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// With IAM Conditions: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Compute.InstanceTemplateIamMember("member", new() + /// { + /// Project = @default.Project, + /// Name = @default.Name, + /// Role = "roles/compute.instanceAdmin", + /// Member = "user:jane@example.com", + /// Condition = new Gcp.Compute.Inputs.InstanceTemplateIamMemberConditionArgs + /// { + /// Title = "expires_after_2019_12_31", + /// Description = "Expiring at midnight of 2019-12-31", + /// Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/global/instanceTemplates/{{name}} + /// + /// * {{project}}/{{name}} + /// + /// * {{name}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + /// ``` + /// + /// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy")] + public partial class InstanceTemplateIamPolicy : global::Pulumi.CustomResource + { + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Output("policyData")] + public Output PolicyData { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + + /// + /// Create a InstanceTemplateIamPolicy resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public InstanceTemplateIamPolicy(string name, InstanceTemplateIamPolicyArgs args, CustomResourceOptions? options = null) + : base("gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy", name, args ?? new InstanceTemplateIamPolicyArgs(), MakeResourceOptions(options, "")) + { + } + + private InstanceTemplateIamPolicy(string name, Input id, InstanceTemplateIamPolicyState? state = null, CustomResourceOptions? options = null) + : base("gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing InstanceTemplateIamPolicy resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static InstanceTemplateIamPolicy Get(string name, Input id, InstanceTemplateIamPolicyState? state = null, CustomResourceOptions? options = null) + { + return new InstanceTemplateIamPolicy(name, id, state, options); + } + } + + public sealed class InstanceTemplateIamPolicyArgs : global::Pulumi.ResourceArgs + { + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Input("policyData", required: true)] + public Input PolicyData { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public InstanceTemplateIamPolicyArgs() + { + } + public static new InstanceTemplateIamPolicyArgs Empty => new InstanceTemplateIamPolicyArgs(); + } + + public sealed class InstanceTemplateIamPolicyState : global::Pulumi.ResourceArgs + { + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Input("policyData")] + public Input? PolicyData { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public InstanceTemplateIamPolicyState() + { + } + public static new InstanceTemplateIamPolicyState Empty => new InstanceTemplateIamPolicyState(); + } +} diff --git a/sdk/dotnet/Compute/InterconnectAttachment.cs b/sdk/dotnet/Compute/InterconnectAttachment.cs index 66669fc253..8cdfe2d19c 100644 --- a/sdk/dotnet/Compute/InterconnectAttachment.cs +++ b/sdk/dotnet/Compute/InterconnectAttachment.cs @@ -48,6 +48,10 @@ namespace Pulumi.Gcp.Compute /// Type = "PARTNER", /// Router = foobar.Id, /// Mtu = "1500", + /// Labels = + /// { + /// { "mykey", "myvalue" }, + /// }, /// }); /// /// }); @@ -219,6 +223,12 @@ public partial class InterconnectAttachment : global::Pulumi.CustomResource [Output("edgeAvailabilityDomain")] public Output EdgeAvailabilityDomain { get; private set; } = null!; + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + [Output("effectiveLabels")] + public Output> EffectiveLabels { get; private set; } = null!; + /// /// Indicates the user-supplied encryption option of this interconnect /// attachment. Can only be specified at attachment creation for PARTNER or @@ -272,6 +282,26 @@ public partial class InterconnectAttachment : global::Pulumi.CustomResource [Output("ipsecInternalAddresses")] public Output> IpsecInternalAddresses { get; private set; } = null!; + /// + /// A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + /// of the labels set used for optimistic locking. The fingerprint is initially generated by + /// Compute Engine and changes after every request to modify or update labels. + /// You must always provide an up-to-date fingerprint hash in order to update or change labels, + /// otherwise the request will fail with error 412 conditionNotMet. + /// + [Output("labelFingerprint")] + public Output LabelFingerprint { get; private set; } = null!; + + /// + /// Labels for this resource. These can only be added or modified by the setLabels + /// method. Each label key/value pair must comply with RFC1035. Label values may be empty. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + [Output("labels")] + public Output?> Labels { get; private set; } = null!; + /// /// Maximum Transmission Unit (MTU), in bytes, of packets passing through /// this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -324,6 +354,13 @@ public partial class InterconnectAttachment : global::Pulumi.CustomResource [Output("project")] public Output Project { get; private set; } = null!; + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + [Output("pulumiLabels")] + public Output> PulumiLabels { get; private set; } = null!; + /// /// Region where the regional interconnect attachment resides. /// @@ -410,6 +447,11 @@ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? var defaultOptions = new CustomResourceOptions { Version = Utilities.Version, + AdditionalSecretOutputs = + { + "effectiveLabels", + "pulumiLabels", + }, }; var merged = CustomResourceOptions.Merge(defaultOptions, options); // Override the ID if one was specified for consistency with other language SDKs. @@ -538,6 +580,22 @@ public InputList IpsecInternalAddresses set => _ipsecInternalAddresses = value; } + [Input("labels")] + private InputMap? _labels; + + /// + /// Labels for this resource. These can only be added or modified by the setLabels + /// method. Each label key/value pair must comply with RFC1035. Label values may be empty. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + /// /// Maximum Transmission Unit (MTU), in bytes, of packets passing through /// this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -712,6 +770,22 @@ public InputList CandidateSubnets [Input("edgeAvailabilityDomain")] public Input? EdgeAvailabilityDomain { get; set; } + [Input("effectiveLabels")] + private InputMap? _effectiveLabels; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + public InputMap EffectiveLabels + { + get => _effectiveLabels ?? (_effectiveLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _effectiveLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + /// /// Indicates the user-supplied encryption option of this interconnect /// attachment. Can only be specified at attachment creation for PARTNER or @@ -771,6 +845,32 @@ public InputList IpsecInternalAddresses set => _ipsecInternalAddresses = value; } + /// + /// A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + /// of the labels set used for optimistic locking. The fingerprint is initially generated by + /// Compute Engine and changes after every request to modify or update labels. + /// You must always provide an up-to-date fingerprint hash in order to update or change labels, + /// otherwise the request will fail with error 412 conditionNotMet. + /// + [Input("labelFingerprint")] + public Input? LabelFingerprint { get; set; } + + [Input("labels")] + private InputMap? _labels; + + /// + /// Labels for this resource. These can only be added or modified by the setLabels + /// method. Each label key/value pair must comply with RFC1035. Label values may be empty. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + /// /// Maximum Transmission Unit (MTU), in bytes, of packets passing through /// this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -829,6 +929,23 @@ public InputList Pr [Input("project")] public Input? Project { get; set; } + [Input("pulumiLabels")] + private InputMap? _pulumiLabels; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + public InputMap PulumiLabels + { + get => _pulumiLabels ?? (_pulumiLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _pulumiLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + /// /// Region where the regional interconnect attachment resides. /// diff --git a/sdk/dotnet/Compute/NetworkFirewallPolicyRule.cs b/sdk/dotnet/Compute/NetworkFirewallPolicyRule.cs index 6983802adb..d518e7e8f8 100644 --- a/sdk/dotnet/Compute/NetworkFirewallPolicyRule.cs +++ b/sdk/dotnet/Compute/NetworkFirewallPolicyRule.cs @@ -30,7 +30,7 @@ namespace Pulumi.Gcp.Compute /// { /// var basicGlobalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup("basic_global_networksecurity_address_group", new() /// { - /// Name = "address", + /// Name = "address-group", /// Parent = "projects/my-project-name", /// Description = "Sample global networksecurity_address_group", /// Location = "global", @@ -44,7 +44,7 @@ namespace Pulumi.Gcp.Compute /// /// var basicNetworkFirewallPolicy = new Gcp.Compute.NetworkFirewallPolicy("basic_network_firewall_policy", new() /// { - /// Name = "policy", + /// Name = "fw-policy", /// Description = "Sample global network firewall policy", /// Project = "my-project-name", /// }); @@ -59,7 +59,7 @@ namespace Pulumi.Gcp.Compute /// Description = "For keyname resources.", /// Parent = "organizations/123456789", /// Purpose = "GCE_FIREWALL", - /// ShortName = "tagkey", + /// ShortName = "tag-key", /// PurposeData = /// { /// { "network", basicNetwork.Name.Apply(name => $"my-project-name/{name}") }, @@ -70,7 +70,7 @@ namespace Pulumi.Gcp.Compute /// { /// Description = "For valuename resources.", /// Parent = basicKey.Id, - /// ShortName = "tagvalue", + /// ShortName = "tag-value", /// }); /// /// var primary = new Gcp.Compute.NetworkFirewallPolicyRule("primary", new() @@ -89,6 +89,10 @@ namespace Pulumi.Gcp.Compute /// }, /// Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchArgs /// { + /// SrcAddressGroups = new[] + /// { + /// basicGlobalNetworksecurityAddressGroup.Id, + /// }, /// SrcIpRanges = new[] /// { /// "10.100.0.1/32", @@ -119,9 +123,106 @@ namespace Pulumi.Gcp.Compute /// IpProtocol = "all", /// }, /// }, - /// SrcAddressGroups = new[] + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Network Firewall Policy Rule Network Scope Egress + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var basicNetworkFirewallPolicy = new Gcp.Compute.NetworkFirewallPolicy("basic_network_firewall_policy", new() + /// { + /// Name = "fw-policy", + /// Description = "Sample global network firewall policy", + /// Project = "my-project-name", + /// }); + /// + /// var primary = new Gcp.Compute.NetworkFirewallPolicyRule("primary", new() + /// { + /// Action = "allow", + /// Description = "This is a simple rule description", + /// Direction = "EGRESS", + /// Disabled = false, + /// EnableLogging = true, + /// FirewallPolicy = basicNetworkFirewallPolicy.Name, + /// Priority = 1000, + /// RuleName = "test-rule", + /// Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchArgs + /// { + /// DestIpRanges = new[] /// { - /// basicGlobalNetworksecurityAddressGroup.Id, + /// "10.100.0.1/32", + /// }, + /// DestNetworkScope = "INTERNET", + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "all", + /// }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Network Firewall Policy Rule Network Scope Ingress + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var basicNetworkFirewallPolicy = new Gcp.Compute.NetworkFirewallPolicy("basic_network_firewall_policy", new() + /// { + /// Name = "fw-policy", + /// Description = "Sample global network firewall policy", + /// Project = "my-project-name", + /// }); + /// + /// var network = new Gcp.Compute.Network("network", new() + /// { + /// Name = "network", + /// }); + /// + /// var primary = new Gcp.Compute.NetworkFirewallPolicyRule("primary", new() + /// { + /// Action = "allow", + /// Description = "This is a simple rule description", + /// Direction = "INGRESS", + /// Disabled = false, + /// EnableLogging = true, + /// FirewallPolicy = basicNetworkFirewallPolicy.Name, + /// Priority = 1000, + /// RuleName = "test-rule", + /// Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchArgs + /// { + /// SrcIpRanges = new[] + /// { + /// "11.100.0.1/32", + /// }, + /// SrcNetworkScope = "VPC_NETWORKS", + /// SrcNetworks = new[] + /// { + /// network.Id, + /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "all", + /// }, /// }, /// }, /// }); diff --git a/sdk/dotnet/Compute/NetworkFirewallPolicyWithRules.cs b/sdk/dotnet/Compute/NetworkFirewallPolicyWithRules.cs index 0f0ef8c182..afa537050f 100644 --- a/sdk/dotnet/Compute/NetworkFirewallPolicyWithRules.cs +++ b/sdk/dotnet/Compute/NetworkFirewallPolicyWithRules.cs @@ -26,7 +26,7 @@ namespace Pulumi.Gcp.Compute /// /// var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup("address_group_1", new() /// { - /// Name = "tf-address-group", + /// Name = "address-group", /// Parent = project.Apply(getProjectResult => getProjectResult.Id), /// Description = "Global address group", /// Location = "global", @@ -43,7 +43,7 @@ namespace Pulumi.Gcp.Compute /// Description = "Tag key", /// Parent = project.Apply(getProjectResult => getProjectResult.Id), /// Purpose = "GCE_FIREWALL", - /// ShortName = "tf-tag-key", + /// ShortName = "tag-key", /// PurposeData = /// { /// { "network", $"{project.Apply(getProjectResult => getProjectResult.Name)}/default" }, @@ -54,12 +54,12 @@ namespace Pulumi.Gcp.Compute /// { /// Description = "Tag value", /// Parent = secureTagKey1.Id, - /// ShortName = "tf-tag-value", + /// ShortName = "tag-value", /// }); /// /// var securityProfile1 = new Gcp.NetworkSecurity.SecurityProfile("security_profile_1", new() /// { - /// Name = "tf-security-profile", + /// Name = "sp", /// Type = "THREAT_PREVENTION", /// Parent = "organizations/123456789", /// Location = "global", @@ -67,15 +67,21 @@ namespace Pulumi.Gcp.Compute /// /// var securityProfileGroup1 = new Gcp.NetworkSecurity.SecurityProfileGroup("security_profile_group_1", new() /// { - /// Name = "tf-security-profile-group", + /// Name = "spg", /// Parent = "organizations/123456789", /// Description = "my description", /// ThreatPreventionProfile = securityProfile1.Id, /// }); /// - /// var network_firewall_policy_with_rules = new Gcp.Compute.NetworkFirewallPolicyWithRules("network-firewall-policy-with-rules", new() + /// var network = new Gcp.Compute.Network("network", new() /// { - /// Name = "tf-fw-policy-with-rules", + /// Name = "network", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var primary = new Gcp.Compute.NetworkFirewallPolicyWithRules("primary", new() + /// { + /// Name = "fw-policy", /// Description = "Terraform test", /// Rules = new[] /// { @@ -88,18 +94,6 @@ namespace Pulumi.Gcp.Compute /// Direction = "EGRESS", /// Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs /// { - /// Layer4Configs = new[] - /// { - /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs - /// { - /// IpProtocol = "tcp", - /// Ports = new[] - /// { - /// "8080", - /// "7070", - /// }, - /// }, - /// }, /// DestIpRanges = new[] /// { /// "11.100.0.1/32", @@ -123,6 +117,18 @@ namespace Pulumi.Gcp.Compute /// { /// addressGroup1.Id, /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// "7070", + /// }, + /// }, + /// }, /// }, /// TargetSecureTags = new[] /// { @@ -139,15 +145,9 @@ namespace Pulumi.Gcp.Compute /// EnableLogging = false, /// Action = "deny", /// Direction = "INGRESS", + /// Disabled = true, /// Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs /// { - /// Layer4Configs = new[] - /// { - /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs - /// { - /// IpProtocol = "udp", - /// }, - /// }, /// SrcIpRanges = new[] /// { /// "0.0.0.0/0", @@ -178,8 +178,14 @@ namespace Pulumi.Gcp.Compute /// Name = secureTagValue1.Id, /// }, /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "udp", + /// }, + /// }, /// }, - /// Disabled = true, /// }, /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs /// { @@ -189,8 +195,18 @@ namespace Pulumi.Gcp.Compute /// EnableLogging = false, /// Action = "apply_security_profile_group", /// Direction = "INGRESS", + /// TargetServiceAccounts = new[] + /// { + /// "test@google.com", + /// }, + /// SecurityProfileGroup = securityProfileGroup1.Id.Apply(id => $"//networksecurity.googleapis.com/{id}"), + /// TlsInspect = true, /// Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs /// { + /// SrcIpRanges = new[] + /// { + /// "0.0.0.0/0", + /// }, /// Layer4Configs = new[] /// { /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs @@ -198,17 +214,67 @@ namespace Pulumi.Gcp.Compute /// IpProtocol = "tcp", /// }, /// }, + /// }, + /// }, + /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs + /// { + /// Description = "network scope rule 1", + /// RuleName = "network scope 1", + /// Priority = 4000, + /// EnableLogging = false, + /// Action = "allow", + /// Direction = "INGRESS", + /// Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs + /// { /// SrcIpRanges = new[] /// { - /// "0.0.0.0/0", + /// "11.100.0.1/32", + /// }, + /// SrcNetworkScope = "VPC_NETWORKS", + /// SrcNetworks = new[] + /// { + /// network.Id, + /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// }, + /// }, /// }, /// }, - /// TargetServiceAccounts = new[] + /// }, + /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleArgs + /// { + /// Description = "network scope rule 2", + /// RuleName = "network scope 2", + /// Priority = 5000, + /// EnableLogging = false, + /// Action = "allow", + /// Direction = "EGRESS", + /// Match = new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchArgs /// { - /// "test@google.com", + /// DestIpRanges = new[] + /// { + /// "0.0.0.0/0", + /// }, + /// DestNetworkScope = "INTERNET", + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// }, + /// }, + /// }, /// }, - /// SecurityProfileGroup = securityProfileGroup1.Id.Apply(id => $"//networksecurity.googleapis.com/{id}"), - /// TlsInspect = true, /// }, /// }, /// }); diff --git a/sdk/dotnet/Compute/Outputs/FirewallPolicyRuleMatch.cs b/sdk/dotnet/Compute/Outputs/FirewallPolicyRuleMatch.cs index fb08dc6f65..620b17dbe8 100644 --- a/sdk/dotnet/Compute/Outputs/FirewallPolicyRuleMatch.cs +++ b/sdk/dotnet/Compute/Outputs/FirewallPolicyRuleMatch.cs @@ -26,6 +26,11 @@ public sealed class FirewallPolicyRuleMatch /// public readonly ImmutableArray DestIpRanges; /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? DestNetworkScope; + /// /// Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. /// public readonly ImmutableArray DestRegionCodes; @@ -51,6 +56,15 @@ public sealed class FirewallPolicyRuleMatch /// public readonly ImmutableArray SrcIpRanges; /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? SrcNetworkScope; + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public readonly ImmutableArray SrcNetworks; + /// /// Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. /// public readonly ImmutableArray SrcRegionCodes; @@ -70,6 +84,8 @@ private FirewallPolicyRuleMatch( ImmutableArray destIpRanges, + string? destNetworkScope, + ImmutableArray destRegionCodes, ImmutableArray destThreatIntelligences, @@ -82,6 +98,10 @@ private FirewallPolicyRuleMatch( ImmutableArray srcIpRanges, + string? srcNetworkScope, + + ImmutableArray srcNetworks, + ImmutableArray srcRegionCodes, ImmutableArray srcThreatIntelligences) @@ -89,12 +109,15 @@ private FirewallPolicyRuleMatch( DestAddressGroups = destAddressGroups; DestFqdns = destFqdns; DestIpRanges = destIpRanges; + DestNetworkScope = destNetworkScope; DestRegionCodes = destRegionCodes; DestThreatIntelligences = destThreatIntelligences; Layer4Configs = layer4Configs; SrcAddressGroups = srcAddressGroups; SrcFqdns = srcFqdns; SrcIpRanges = srcIpRanges; + SrcNetworkScope = srcNetworkScope; + SrcNetworks = srcNetworks; SrcRegionCodes = srcRegionCodes; SrcThreatIntelligences = srcThreatIntelligences; } diff --git a/sdk/dotnet/Compute/Outputs/FirewallPolicyWithRulesRuleMatch.cs b/sdk/dotnet/Compute/Outputs/FirewallPolicyWithRulesRuleMatch.cs index 09e53fd647..a75f95f95f 100644 --- a/sdk/dotnet/Compute/Outputs/FirewallPolicyWithRulesRuleMatch.cs +++ b/sdk/dotnet/Compute/Outputs/FirewallPolicyWithRulesRuleMatch.cs @@ -29,6 +29,11 @@ public sealed class FirewallPolicyWithRulesRuleMatch /// public readonly ImmutableArray DestIpRanges; /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? DestNetworkScope; + /// /// Region codes whose IP addresses will be used to match for destination /// of traffic. Should be specified as 2 letter country code defined as per /// ISO 3166 alpha-2 country codes. ex."US" @@ -64,6 +69,15 @@ public sealed class FirewallPolicyWithRulesRuleMatch /// public readonly ImmutableArray SrcIpRanges; /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? SrcNetworkScope; + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public readonly ImmutableArray SrcNetworks; + /// /// Region codes whose IP addresses will be used to match for source /// of traffic. Should be specified as 2 letter country code defined as per /// ISO 3166 alpha-2 country codes. ex."US" @@ -84,6 +98,8 @@ private FirewallPolicyWithRulesRuleMatch( ImmutableArray destIpRanges, + string? destNetworkScope, + ImmutableArray destRegionCodes, ImmutableArray destThreatIntelligences, @@ -96,6 +112,10 @@ private FirewallPolicyWithRulesRuleMatch( ImmutableArray srcIpRanges, + string? srcNetworkScope, + + ImmutableArray srcNetworks, + ImmutableArray srcRegionCodes, ImmutableArray srcThreatIntelligences) @@ -103,12 +123,15 @@ private FirewallPolicyWithRulesRuleMatch( DestAddressGroups = destAddressGroups; DestFqdns = destFqdns; DestIpRanges = destIpRanges; + DestNetworkScope = destNetworkScope; DestRegionCodes = destRegionCodes; DestThreatIntelligences = destThreatIntelligences; Layer4Configs = layer4Configs; SrcAddressGroups = srcAddressGroups; SrcFqdns = srcFqdns; SrcIpRanges = srcIpRanges; + SrcNetworkScope = srcNetworkScope; + SrcNetworks = srcNetworks; SrcRegionCodes = srcRegionCodes; SrcThreatIntelligences = srcThreatIntelligences; } diff --git a/sdk/dotnet/Compute/Outputs/InstanceTemplateIamBindingCondition.cs b/sdk/dotnet/Compute/Outputs/InstanceTemplateIamBindingCondition.cs new file mode 100644 index 0000000000..ebac9d78d6 --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/InstanceTemplateIamBindingCondition.cs @@ -0,0 +1,39 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class InstanceTemplateIamBindingCondition + { + public readonly string? Description; + /// + /// Textual representation of an expression in Common Expression Language syntax. + /// + public readonly string Expression; + /// + /// A title for the expression, i.e. a short string describing its purpose. + /// + public readonly string Title; + + [OutputConstructor] + private InstanceTemplateIamBindingCondition( + string? description, + + string expression, + + string title) + { + Description = description; + Expression = expression; + Title = title; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/InstanceTemplateIamMemberCondition.cs b/sdk/dotnet/Compute/Outputs/InstanceTemplateIamMemberCondition.cs new file mode 100644 index 0000000000..af5e89ffa4 --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/InstanceTemplateIamMemberCondition.cs @@ -0,0 +1,39 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class InstanceTemplateIamMemberCondition + { + public readonly string? Description; + /// + /// Textual representation of an expression in Common Expression Language syntax. + /// + public readonly string Expression; + /// + /// A title for the expression, i.e. a short string describing its purpose. + /// + public readonly string Title; + + [OutputConstructor] + private InstanceTemplateIamMemberCondition( + string? description, + + string expression, + + string title) + { + Description = description; + Expression = expression; + Title = title; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/NetworkFirewallPolicyRuleMatch.cs b/sdk/dotnet/Compute/Outputs/NetworkFirewallPolicyRuleMatch.cs index 32fb5956f6..68749bdb70 100644 --- a/sdk/dotnet/Compute/Outputs/NetworkFirewallPolicyRuleMatch.cs +++ b/sdk/dotnet/Compute/Outputs/NetworkFirewallPolicyRuleMatch.cs @@ -26,6 +26,11 @@ public sealed class NetworkFirewallPolicyRuleMatch /// public readonly ImmutableArray DestIpRanges; /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? DestNetworkScope; + /// /// Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. /// public readonly ImmutableArray DestRegionCodes; @@ -51,6 +56,15 @@ public sealed class NetworkFirewallPolicyRuleMatch /// public readonly ImmutableArray SrcIpRanges; /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? SrcNetworkScope; + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public readonly ImmutableArray SrcNetworks; + /// /// Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. /// public readonly ImmutableArray SrcRegionCodes; @@ -75,6 +89,8 @@ private NetworkFirewallPolicyRuleMatch( ImmutableArray destIpRanges, + string? destNetworkScope, + ImmutableArray destRegionCodes, ImmutableArray destThreatIntelligences, @@ -87,6 +103,10 @@ private NetworkFirewallPolicyRuleMatch( ImmutableArray srcIpRanges, + string? srcNetworkScope, + + ImmutableArray srcNetworks, + ImmutableArray srcRegionCodes, ImmutableArray srcSecureTags, @@ -96,12 +116,15 @@ private NetworkFirewallPolicyRuleMatch( DestAddressGroups = destAddressGroups; DestFqdns = destFqdns; DestIpRanges = destIpRanges; + DestNetworkScope = destNetworkScope; DestRegionCodes = destRegionCodes; DestThreatIntelligences = destThreatIntelligences; Layer4Configs = layer4Configs; SrcAddressGroups = srcAddressGroups; SrcFqdns = srcFqdns; SrcIpRanges = srcIpRanges; + SrcNetworkScope = srcNetworkScope; + SrcNetworks = srcNetworks; SrcRegionCodes = srcRegionCodes; SrcSecureTags = srcSecureTags; SrcThreatIntelligences = srcThreatIntelligences; diff --git a/sdk/dotnet/Compute/Outputs/NetworkFirewallPolicyWithRulesRuleMatch.cs b/sdk/dotnet/Compute/Outputs/NetworkFirewallPolicyWithRulesRuleMatch.cs index b1cdd851d5..27c8493cb0 100644 --- a/sdk/dotnet/Compute/Outputs/NetworkFirewallPolicyWithRulesRuleMatch.cs +++ b/sdk/dotnet/Compute/Outputs/NetworkFirewallPolicyWithRulesRuleMatch.cs @@ -29,6 +29,11 @@ public sealed class NetworkFirewallPolicyWithRulesRuleMatch /// public readonly ImmutableArray DestIpRanges; /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? DestNetworkScope; + /// /// Region codes whose IP addresses will be used to match for destination /// of traffic. Should be specified as 2 letter country code defined as per /// ISO 3166 alpha-2 country codes. ex."US" @@ -61,6 +66,15 @@ public sealed class NetworkFirewallPolicyWithRulesRuleMatch /// public readonly ImmutableArray SrcIpRanges; /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? SrcNetworkScope; + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public readonly ImmutableArray SrcNetworks; + /// /// Region codes whose IP addresses will be used to match for source /// of traffic. Should be specified as 2 letter country code defined as per /// ISO 3166 alpha-2 country codes. ex."US" @@ -93,6 +107,8 @@ private NetworkFirewallPolicyWithRulesRuleMatch( ImmutableArray destIpRanges, + string? destNetworkScope, + ImmutableArray destRegionCodes, ImmutableArray destThreatIntelligences, @@ -105,6 +121,10 @@ private NetworkFirewallPolicyWithRulesRuleMatch( ImmutableArray srcIpRanges, + string? srcNetworkScope, + + ImmutableArray srcNetworks, + ImmutableArray srcRegionCodes, ImmutableArray srcSecureTags, @@ -114,12 +134,15 @@ private NetworkFirewallPolicyWithRulesRuleMatch( DestAddressGroups = destAddressGroups; DestFqdns = destFqdns; DestIpRanges = destIpRanges; + DestNetworkScope = destNetworkScope; DestRegionCodes = destRegionCodes; DestThreatIntelligences = destThreatIntelligences; Layer4Configs = layer4Configs; SrcAddressGroups = srcAddressGroups; SrcFqdns = srcFqdns; SrcIpRanges = srcIpRanges; + SrcNetworkScope = srcNetworkScope; + SrcNetworks = srcNetworks; SrcRegionCodes = srcRegionCodes; SrcSecureTags = srcSecureTags; SrcThreatIntelligences = srcThreatIntelligences; diff --git a/sdk/dotnet/Compute/Outputs/RegionNetworkFirewallPolicyRuleMatch.cs b/sdk/dotnet/Compute/Outputs/RegionNetworkFirewallPolicyRuleMatch.cs index 1a21306f0f..80a3cbe36c 100644 --- a/sdk/dotnet/Compute/Outputs/RegionNetworkFirewallPolicyRuleMatch.cs +++ b/sdk/dotnet/Compute/Outputs/RegionNetworkFirewallPolicyRuleMatch.cs @@ -26,6 +26,11 @@ public sealed class RegionNetworkFirewallPolicyRuleMatch /// public readonly ImmutableArray DestIpRanges; /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? DestNetworkScope; + /// /// Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. /// public readonly ImmutableArray DestRegionCodes; @@ -51,6 +56,15 @@ public sealed class RegionNetworkFirewallPolicyRuleMatch /// public readonly ImmutableArray SrcIpRanges; /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? SrcNetworkScope; + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public readonly ImmutableArray SrcNetworks; + /// /// Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. /// public readonly ImmutableArray SrcRegionCodes; @@ -75,6 +89,8 @@ private RegionNetworkFirewallPolicyRuleMatch( ImmutableArray destIpRanges, + string? destNetworkScope, + ImmutableArray destRegionCodes, ImmutableArray destThreatIntelligences, @@ -87,6 +103,10 @@ private RegionNetworkFirewallPolicyRuleMatch( ImmutableArray srcIpRanges, + string? srcNetworkScope, + + ImmutableArray srcNetworks, + ImmutableArray srcRegionCodes, ImmutableArray srcSecureTags, @@ -96,12 +116,15 @@ private RegionNetworkFirewallPolicyRuleMatch( DestAddressGroups = destAddressGroups; DestFqdns = destFqdns; DestIpRanges = destIpRanges; + DestNetworkScope = destNetworkScope; DestRegionCodes = destRegionCodes; DestThreatIntelligences = destThreatIntelligences; Layer4Configs = layer4Configs; SrcAddressGroups = srcAddressGroups; SrcFqdns = srcFqdns; SrcIpRanges = srcIpRanges; + SrcNetworkScope = srcNetworkScope; + SrcNetworks = srcNetworks; SrcRegionCodes = srcRegionCodes; SrcSecureTags = srcSecureTags; SrcThreatIntelligences = srcThreatIntelligences; diff --git a/sdk/dotnet/Compute/Outputs/RegionNetworkFirewallPolicyWithRulesRuleMatch.cs b/sdk/dotnet/Compute/Outputs/RegionNetworkFirewallPolicyWithRulesRuleMatch.cs index 2629889f32..1bfc5b74fb 100644 --- a/sdk/dotnet/Compute/Outputs/RegionNetworkFirewallPolicyWithRulesRuleMatch.cs +++ b/sdk/dotnet/Compute/Outputs/RegionNetworkFirewallPolicyWithRulesRuleMatch.cs @@ -29,6 +29,11 @@ public sealed class RegionNetworkFirewallPolicyWithRulesRuleMatch /// public readonly ImmutableArray DestIpRanges; /// + /// Network scope of the traffic destination. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? DestNetworkScope; + /// /// Region codes whose IP addresses will be used to match for destination /// of traffic. Should be specified as 2 letter country code defined as per /// ISO 3166 alpha-2 country codes. ex."US" @@ -61,6 +66,15 @@ public sealed class RegionNetworkFirewallPolicyWithRulesRuleMatch /// public readonly ImmutableArray SrcIpRanges; /// + /// Network scope of the traffic source. + /// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + /// + public readonly string? SrcNetworkScope; + /// + /// Networks of the traffic source. It can be either a full or partial url. + /// + public readonly ImmutableArray SrcNetworks; + /// /// Region codes whose IP addresses will be used to match for source /// of traffic. Should be specified as 2 letter country code defined as per /// ISO 3166 alpha-2 country codes. ex."US" @@ -93,6 +107,8 @@ private RegionNetworkFirewallPolicyWithRulesRuleMatch( ImmutableArray destIpRanges, + string? destNetworkScope, + ImmutableArray destRegionCodes, ImmutableArray destThreatIntelligences, @@ -105,6 +121,10 @@ private RegionNetworkFirewallPolicyWithRulesRuleMatch( ImmutableArray srcIpRanges, + string? srcNetworkScope, + + ImmutableArray srcNetworks, + ImmutableArray srcRegionCodes, ImmutableArray srcSecureTags, @@ -114,12 +134,15 @@ private RegionNetworkFirewallPolicyWithRulesRuleMatch( DestAddressGroups = destAddressGroups; DestFqdns = destFqdns; DestIpRanges = destIpRanges; + DestNetworkScope = destNetworkScope; DestRegionCodes = destRegionCodes; DestThreatIntelligences = destThreatIntelligences; Layer4Configs = layer4Configs; SrcAddressGroups = srcAddressGroups; SrcFqdns = srcFqdns; SrcIpRanges = srcIpRanges; + SrcNetworkScope = srcNetworkScope; + SrcNetworks = srcNetworks; SrcRegionCodes = srcRegionCodes; SrcSecureTags = srcSecureTags; SrcThreatIntelligences = srcThreatIntelligences; diff --git a/sdk/dotnet/Compute/ProjectMetadataItem.cs b/sdk/dotnet/Compute/ProjectMetadataItem.cs index 464954043c..0dc69f3f29 100644 --- a/sdk/dotnet/Compute/ProjectMetadataItem.cs +++ b/sdk/dotnet/Compute/ProjectMetadataItem.cs @@ -40,11 +40,17 @@ namespace Pulumi.Gcp.Compute /// /// * `{{key}}` /// + /// * `projects/{{project}}/meta-data/{{key}}` + /// /// When using the `pulumi import` command, project metadata items can be imported using one of the formats above. For example: /// /// ```sh /// $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default {{key}} /// ``` + /// + /// ```sh + /// $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default projects/{{project}}/meta-data/{{key}} + /// ``` /// [GcpResourceType("gcp:compute/projectMetadataItem:ProjectMetadataItem")] public partial class ProjectMetadataItem : global::Pulumi.CustomResource diff --git a/sdk/dotnet/Compute/PublicAdvertisedPrefix.cs b/sdk/dotnet/Compute/PublicAdvertisedPrefix.cs index c725d08135..9dae298915 100644 --- a/sdk/dotnet/Compute/PublicAdvertisedPrefix.cs +++ b/sdk/dotnet/Compute/PublicAdvertisedPrefix.cs @@ -40,6 +40,27 @@ namespace Pulumi.Gcp.Compute /// /// }); /// ``` + /// ### Public Advertised Prefixes Pdp Scope + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var prefixes = new Gcp.Compute.PublicAdvertisedPrefix("prefixes", new() + /// { + /// Name = "my-pap", + /// Description = "description", + /// DnsVerificationIp = "127.127.0.0", + /// IpCidrRange = "127.127.0.0/16", + /// PdpScope = "REGIONAL", + /// }); + /// + /// }); + /// ``` /// /// ## Import /// @@ -100,6 +121,14 @@ public partial class PublicAdvertisedPrefix : global::Pulumi.CustomResource [Output("name")] public Output Name { get; private set; } = null!; + /// + /// Specifies how child public delegated prefix will be scoped. pdpScope + /// must be one of: GLOBAL, REGIONAL + /// Possible values are: `GLOBAL`, `REGIONAL`. + /// + [Output("pdpScope")] + public Output PdpScope { get; private set; } = null!; + /// /// The ID of the project in which the resource belongs. /// If it is not provided, the provider project is used. @@ -197,6 +226,14 @@ public sealed class PublicAdvertisedPrefixArgs : global::Pulumi.ResourceArgs [Input("name")] public Input? Name { get; set; } + /// + /// Specifies how child public delegated prefix will be scoped. pdpScope + /// must be one of: GLOBAL, REGIONAL + /// Possible values are: `GLOBAL`, `REGIONAL`. + /// + [Input("pdpScope")] + public Input? PdpScope { get; set; } + /// /// The ID of the project in which the resource belongs. /// If it is not provided, the provider project is used. @@ -244,6 +281,14 @@ public sealed class PublicAdvertisedPrefixState : global::Pulumi.ResourceArgs [Input("name")] public Input? Name { get; set; } + /// + /// Specifies how child public delegated prefix will be scoped. pdpScope + /// must be one of: GLOBAL, REGIONAL + /// Possible values are: `GLOBAL`, `REGIONAL`. + /// + [Input("pdpScope")] + public Input? PdpScope { get; set; } + /// /// The ID of the project in which the resource belongs. /// If it is not provided, the provider project is used. diff --git a/sdk/dotnet/Compute/RegionNetworkFirewallPolicyRule.cs b/sdk/dotnet/Compute/RegionNetworkFirewallPolicyRule.cs index e2bee26a58..4d4ca8045f 100644 --- a/sdk/dotnet/Compute/RegionNetworkFirewallPolicyRule.cs +++ b/sdk/dotnet/Compute/RegionNetworkFirewallPolicyRule.cs @@ -30,7 +30,7 @@ namespace Pulumi.Gcp.Compute /// { /// var basicRegionalNetworksecurityAddressGroup = new Gcp.NetworkSecurity.AddressGroup("basic_regional_networksecurity_address_group", new() /// { - /// Name = "address", + /// Name = "address-group", /// Parent = "projects/my-project-name", /// Description = "Sample regional networksecurity_address_group", /// Location = "us-west1", @@ -44,7 +44,7 @@ namespace Pulumi.Gcp.Compute /// /// var basicRegionalNetworkFirewallPolicy = new Gcp.Compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", new() /// { - /// Name = "policy", + /// Name = "fw-policy", /// Description = "Sample regional network firewall policy", /// Project = "my-project-name", /// Region = "us-west1", @@ -60,7 +60,7 @@ namespace Pulumi.Gcp.Compute /// Description = "For keyname resources.", /// Parent = "organizations/123456789", /// Purpose = "GCE_FIREWALL", - /// ShortName = "tagkey", + /// ShortName = "tag-key", /// PurposeData = /// { /// { "network", basicNetwork.Name.Apply(name => $"my-project-name/{name}") }, @@ -71,7 +71,7 @@ namespace Pulumi.Gcp.Compute /// { /// Description = "For valuename resources.", /// Parent = basicKey.Id, - /// ShortName = "tagvalue", + /// ShortName = "tag-value", /// }); /// /// var primary = new Gcp.Compute.RegionNetworkFirewallPolicyRule("primary", new() @@ -91,6 +91,10 @@ namespace Pulumi.Gcp.Compute /// }, /// Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchArgs /// { + /// SrcAddressGroups = new[] + /// { + /// basicRegionalNetworksecurityAddressGroup.Id, + /// }, /// SrcIpRanges = new[] /// { /// "10.100.0.1/32", @@ -121,9 +125,110 @@ namespace Pulumi.Gcp.Compute /// Name = basicValue.Id, /// }, /// }, - /// SrcAddressGroups = new[] + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Region Network Firewall Policy Rule Network Scope Egress + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var basicRegionalNetworkFirewallPolicy = new Gcp.Compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", new() + /// { + /// Name = "fw-policy", + /// Description = "Sample regional network firewall policy", + /// Project = "my-project-name", + /// Region = "us-west1", + /// }); + /// + /// var primary = new Gcp.Compute.RegionNetworkFirewallPolicyRule("primary", new() + /// { + /// Action = "allow", + /// Description = "This is a simple rule description", + /// Direction = "EGRESS", + /// Disabled = false, + /// EnableLogging = true, + /// FirewallPolicy = basicRegionalNetworkFirewallPolicy.Name, + /// Priority = 1000, + /// Region = "us-west1", + /// RuleName = "test-rule", + /// Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchArgs + /// { + /// DestIpRanges = new[] /// { - /// basicRegionalNetworksecurityAddressGroup.Id, + /// "10.100.0.1/32", + /// }, + /// DestNetworkScope = "INTERNET", + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "all", + /// }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Region Network Firewall Policy Rule Network Scope Ingress + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var basicRegionalNetworkFirewallPolicy = new Gcp.Compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", new() + /// { + /// Name = "fw-policy", + /// Description = "Sample regional network firewall policy", + /// Project = "my-project-name", + /// Region = "us-west1", + /// }); + /// + /// var network = new Gcp.Compute.Network("network", new() + /// { + /// Name = "network", + /// }); + /// + /// var primary = new Gcp.Compute.RegionNetworkFirewallPolicyRule("primary", new() + /// { + /// Action = "allow", + /// Description = "This is a simple rule description", + /// Direction = "INGRESS", + /// Disabled = false, + /// EnableLogging = true, + /// FirewallPolicy = basicRegionalNetworkFirewallPolicy.Name, + /// Priority = 1000, + /// Region = "us-west1", + /// RuleName = "test-rule", + /// Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchArgs + /// { + /// SrcIpRanges = new[] + /// { + /// "10.100.0.1/32", + /// }, + /// SrcNetworkScope = "VPC_NETWORKS", + /// SrcNetworks = new[] + /// { + /// network.Id, + /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "all", + /// }, /// }, /// }, /// }); diff --git a/sdk/dotnet/Compute/RegionNetworkFirewallPolicyWithRules.cs b/sdk/dotnet/Compute/RegionNetworkFirewallPolicyWithRules.cs index b91e4f7d8e..5ae3e25b35 100644 --- a/sdk/dotnet/Compute/RegionNetworkFirewallPolicyWithRules.cs +++ b/sdk/dotnet/Compute/RegionNetworkFirewallPolicyWithRules.cs @@ -26,7 +26,7 @@ namespace Pulumi.Gcp.Compute /// /// var addressGroup1 = new Gcp.NetworkSecurity.AddressGroup("address_group_1", new() /// { - /// Name = "tf-address-group", + /// Name = "address-group", /// Parent = project.Apply(getProjectResult => getProjectResult.Id), /// Description = "Regional address group", /// Location = "us-west2", @@ -43,7 +43,7 @@ namespace Pulumi.Gcp.Compute /// Description = "Tag key", /// Parent = project.Apply(getProjectResult => getProjectResult.Id), /// Purpose = "GCE_FIREWALL", - /// ShortName = "tf-tag-key", + /// ShortName = "tag-key", /// PurposeData = /// { /// { "network", $"{project.Apply(getProjectResult => getProjectResult.Name)}/default" }, @@ -54,12 +54,18 @@ namespace Pulumi.Gcp.Compute /// { /// Description = "Tag value", /// Parent = secureTagKey1.Id, - /// ShortName = "tf-tag-value", + /// ShortName = "tag-value", /// }); /// - /// var region_network_firewall_policy_with_rules = new Gcp.Compute.RegionNetworkFirewallPolicyWithRules("region-network-firewall-policy-with-rules", new() + /// var network = new Gcp.Compute.Network("network", new() /// { - /// Name = "tf-region-fw-policy-with-rules", + /// Name = "network", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var primary = new Gcp.Compute.RegionNetworkFirewallPolicyWithRules("primary", new() + /// { + /// Name = "fw-policy", /// Region = "us-west2", /// Description = "Terraform test", /// Rules = new[] @@ -73,18 +79,6 @@ namespace Pulumi.Gcp.Compute /// Direction = "EGRESS", /// Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs /// { - /// Layer4Configs = new[] - /// { - /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs - /// { - /// IpProtocol = "tcp", - /// Ports = new[] - /// { - /// "8080", - /// "7070", - /// }, - /// }, - /// }, /// DestIpRanges = new[] /// { /// "11.100.0.1/32", @@ -108,6 +102,18 @@ namespace Pulumi.Gcp.Compute /// { /// addressGroup1.Id, /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// "7070", + /// }, + /// }, + /// }, /// }, /// TargetSecureTags = new[] /// { @@ -125,15 +131,9 @@ namespace Pulumi.Gcp.Compute /// EnableLogging = false, /// Action = "deny", /// Direction = "INGRESS", + /// Disabled = true, /// Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs /// { - /// Layer4Configs = new[] - /// { - /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs - /// { - /// IpProtocol = "udp", - /// }, - /// }, /// SrcIpRanges = new[] /// { /// "0.0.0.0/0", @@ -164,8 +164,74 @@ namespace Pulumi.Gcp.Compute /// Name = secureTagValue1.Id, /// }, /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "udp", + /// }, + /// }, + /// }, + /// }, + /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs + /// { + /// Description = "network scope rule 1", + /// RuleName = "network scope 1", + /// Priority = 4000, + /// EnableLogging = false, + /// Action = "allow", + /// Direction = "INGRESS", + /// Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs + /// { + /// SrcIpRanges = new[] + /// { + /// "11.100.0.1/32", + /// }, + /// SrcNetworkScope = "VPC_NETWORKS", + /// SrcNetworks = new[] + /// { + /// network.Id, + /// }, + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// }, + /// }, + /// }, + /// }, + /// }, + /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs + /// { + /// Description = "network scope rule 2", + /// RuleName = "network scope 2", + /// Priority = 5000, + /// EnableLogging = false, + /// Action = "allow", + /// Direction = "EGRESS", + /// Match = new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs + /// { + /// DestIpRanges = new[] + /// { + /// "0.0.0.0/0", + /// }, + /// DestNetworkScope = "NON_INTERNET", + /// Layer4Configs = new[] + /// { + /// new Gcp.Compute.Inputs.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs + /// { + /// IpProtocol = "tcp", + /// Ports = new[] + /// { + /// "8080", + /// }, + /// }, + /// }, /// }, - /// Disabled = true, /// }, /// }, /// }); diff --git a/sdk/dotnet/Compute/RouterPeer.cs b/sdk/dotnet/Compute/RouterPeer.cs index 374ddfae86..3ef5900ff4 100644 --- a/sdk/dotnet/Compute/RouterPeer.cs +++ b/sdk/dotnet/Compute/RouterPeer.cs @@ -99,6 +99,29 @@ namespace Pulumi.Gcp.Compute /// /// }); /// ``` + /// ### Router Zero Custom Learend Route Priority + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var peer = new Gcp.Compute.RouterPeer("peer", new() + /// { + /// Name = "my-router-peer", + /// Router = "my-router", + /// Region = "us-central1", + /// Interface = "interface-1", + /// PeerAsn = 65513, + /// CustomLearnedRoutePriority = 0, + /// ZeroCustomLearnedRoutePriority = true, + /// }); + /// + /// }); + /// ``` /// ### Router Peer Router Appliance /// /// ```csharp @@ -617,6 +640,12 @@ public partial class RouterPeer : global::Pulumi.CustomResource [Output("ipv6NexthopAddress")] public Output Ipv6NexthopAddress { get; private set; } = null!; + /// + /// An internal boolean field for provider use. + /// + [Output("isCustomLearnedPrioritySet")] + public Output IsCustomLearnedPrioritySet { get; private set; } = null!; + /// /// The resource that configures and manages this BGP peer. /// * `MANAGED_BY_USER` is the default value and can be managed by @@ -710,6 +739,13 @@ public partial class RouterPeer : global::Pulumi.CustomResource [Output("routerApplianceInstance")] public Output RouterApplianceInstance { get; private set; } = null!; + /// + /// The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + /// This value has to be set true to force the custom_learned_route_priority to be 0. + /// + [Output("zeroCustomLearnedRoutePriority")] + public Output ZeroCustomLearnedRoutePriority { get; private set; } = null!; + /// /// Create a RouterPeer resource with the given unique name, arguments, and options. @@ -996,6 +1032,13 @@ public InputList ImportPolicies [Input("routerApplianceInstance")] public Input? RouterApplianceInstance { get; set; } + /// + /// The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + /// This value has to be set true to force the custom_learned_route_priority to be 0. + /// + [Input("zeroCustomLearnedRoutePriority")] + public Input? ZeroCustomLearnedRoutePriority { get; set; } + public RouterPeerArgs() { } @@ -1165,6 +1208,12 @@ public InputList ImportPolicies [Input("ipv6NexthopAddress")] public Input? Ipv6NexthopAddress { get; set; } + /// + /// An internal boolean field for provider use. + /// + [Input("isCustomLearnedPrioritySet")] + public Input? IsCustomLearnedPrioritySet { get; set; } + /// /// The resource that configures and manages this BGP peer. /// * `MANAGED_BY_USER` is the default value and can be managed by @@ -1258,6 +1307,13 @@ public InputList ImportPolicies [Input("routerApplianceInstance")] public Input? RouterApplianceInstance { get; set; } + /// + /// The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + /// This value has to be set true to force the custom_learned_route_priority to be 0. + /// + [Input("zeroCustomLearnedRoutePriority")] + public Input? ZeroCustomLearnedRoutePriority { get; set; } + public RouterPeerState() { } diff --git a/sdk/dotnet/Config/Config.cs b/sdk/dotnet/Config/Config.cs index c83e41fbb2..9f0278fc3b 100644 --- a/sdk/dotnet/Config/Config.cs +++ b/sdk/dotnet/Config/Config.cs @@ -88,6 +88,13 @@ public static string? ApigeeCustomEndpoint set => _apigeeCustomEndpoint.Set(value); } + private static readonly __Value _apihubCustomEndpoint = new __Value(() => __config.Get("apihubCustomEndpoint")); + public static string? ApihubCustomEndpoint + { + get => _apihubCustomEndpoint.Get(); + set => _apihubCustomEndpoint.Set(value); + } + private static readonly __Value _apikeysCustomEndpoint = new __Value(() => __config.Get("apikeysCustomEndpoint")); public static string? ApikeysCustomEndpoint { diff --git a/sdk/dotnet/Filestore/GetInstance.cs b/sdk/dotnet/Filestore/GetInstance.cs index f9c45c5f04..3926372e15 100644 --- a/sdk/dotnet/Filestore/GetInstance.cs +++ b/sdk/dotnet/Filestore/GetInstance.cs @@ -189,6 +189,7 @@ public sealed class GetInstanceResult public readonly string? Project; public readonly string Protocol; public readonly ImmutableDictionary PulumiLabels; + public readonly ImmutableDictionary Tags; public readonly string Tier; public readonly string Zone; @@ -228,6 +229,8 @@ private GetInstanceResult( ImmutableDictionary pulumiLabels, + ImmutableDictionary tags, + string tier, string zone) @@ -249,6 +252,7 @@ private GetInstanceResult( Project = project; Protocol = protocol; PulumiLabels = pulumiLabels; + Tags = tags; Tier = tier; Zone = zone; } diff --git a/sdk/dotnet/Filestore/Instance.cs b/sdk/dotnet/Filestore/Instance.cs index c80e94b26b..9fc0f3aa65 100644 --- a/sdk/dotnet/Filestore/Instance.cs +++ b/sdk/dotnet/Filestore/Instance.cs @@ -331,6 +331,16 @@ public partial class Instance : global::Pulumi.CustomResource [Output("pulumiLabels")] public Output> PulumiLabels { get; private set; } = null!; + /// + /// A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + /// Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + /// empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + /// modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + /// 'google_tags_tag_value' resource. + /// + [Output("tags")] + public Output?> Tags { get; private set; } = null!; + /// /// The service tier of the instance. /// Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE @@ -484,6 +494,22 @@ public InputList Networks [Input("protocol")] public Input? Protocol { get; set; } + [Input("tags")] + private InputMap? _tags; + + /// + /// A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + /// Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + /// empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + /// modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + /// 'google_tags_tag_value' resource. + /// + public InputMap Tags + { + get => _tags ?? (_tags = new InputMap()); + set => _tags = value; + } + /// /// The service tier of the instance. /// Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE @@ -640,6 +666,22 @@ public InputMap PulumiLabels } } + [Input("tags")] + private InputMap? _tags; + + /// + /// A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + /// Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + /// empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + /// modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + /// 'google_tags_tag_value' resource. + /// + public InputMap Tags + { + get => _tags ?? (_tags = new InputMap()); + set => _tags = value; + } + /// /// The service tier of the instance. /// Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE diff --git a/sdk/dotnet/Gemini/CodeRepositoryIndex.cs b/sdk/dotnet/Gemini/CodeRepositoryIndex.cs index 623878edad..6cfde01e6a 100644 --- a/sdk/dotnet/Gemini/CodeRepositoryIndex.cs +++ b/sdk/dotnet/Gemini/CodeRepositoryIndex.cs @@ -10,6 +10,14 @@ namespace Pulumi.Gcp.Gemini { /// + /// The resource for managing Code Repository Index for Gemini Code Assist. + /// + /// To get more information about CodeRepositoryIndex, see: + /// + /// * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes) + /// * How-to Guides + /// * [Gemini Code Assist overview](https://cloud.google.com/gemini/docs/codeassist/overview) + /// /// ## Example Usage /// /// ### Gemini Code Repository Index Basic @@ -25,7 +33,7 @@ namespace Pulumi.Gcp.Gemini /// var example = new Gcp.Gemini.CodeRepositoryIndex("example", new() /// { /// Location = "us-central1", - /// CodeRepositoryIndexId = "", + /// CodeRepositoryIndexId = "code-repository-index-example", /// KmsKey = "projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample", /// }); /// @@ -88,7 +96,7 @@ public partial class CodeRepositoryIndex : global::Pulumi.CustomResource /// /// Optional. Immutable. Customer-managed encryption key name, in the format - /// projects/*/locations/*/keyRings/*/cryptoKeys/*. + /// `projects/*/locations/*/keyRings/*/cryptoKeys/*`. /// [Output("kmsKey")] public Output KmsKey { get; private set; } = null!; @@ -129,12 +137,7 @@ public partial class CodeRepositoryIndex : global::Pulumi.CustomResource /// /// Output only. Code Repository Index instance State. - /// Possible values: - /// STATE_UNSPECIFIED - /// CREATING - /// ACTIVE - /// DELETING - /// SUSPENDED + /// Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. /// [Output("state")] public Output State { get; private set; } = null!; @@ -213,7 +216,7 @@ public sealed class CodeRepositoryIndexArgs : global::Pulumi.ResourceArgs /// /// Optional. Immutable. Customer-managed encryption key name, in the format - /// projects/*/locations/*/keyRings/*/cryptoKeys/*. + /// `projects/*/locations/*/keyRings/*/cryptoKeys/*`. /// [Input("kmsKey")] public Input? KmsKey { get; set; } @@ -292,7 +295,7 @@ public InputMap EffectiveLabels /// /// Optional. Immutable. Customer-managed encryption key name, in the format - /// projects/*/locations/*/keyRings/*/cryptoKeys/*. + /// `projects/*/locations/*/keyRings/*/cryptoKeys/*`. /// [Input("kmsKey")] public Input? KmsKey { get; set; } @@ -349,12 +352,7 @@ public InputMap PulumiLabels /// /// Output only. Code Repository Index instance State. - /// Possible values: - /// STATE_UNSPECIFIED - /// CREATING - /// ACTIVE - /// DELETING - /// SUSPENDED + /// Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. /// [Input("state")] public Input? State { get; set; } diff --git a/sdk/dotnet/Gemini/GetRepositoryGroupIamPolicy.cs b/sdk/dotnet/Gemini/GetRepositoryGroupIamPolicy.cs index cf75db492d..7e5bf65324 100644 --- a/sdk/dotnet/Gemini/GetRepositoryGroupIamPolicy.cs +++ b/sdk/dotnet/Gemini/GetRepositoryGroupIamPolicy.cs @@ -11,12 +11,87 @@ namespace Pulumi.Gcp.Gemini { public static class GetRepositoryGroupIamPolicy { + /// + /// Retrieves the current IAM policy data for repositorygroup + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Gemini.GetRepositoryGroupIamPolicy.Invoke(new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// }); + /// + /// }); + /// ``` + /// public static Task InvokeAsync(GetRepositoryGroupIamPolicyArgs args, InvokeOptions? options = null) => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy", args ?? new GetRepositoryGroupIamPolicyArgs(), options.WithDefaults()); + /// + /// Retrieves the current IAM policy data for repositorygroup + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Gemini.GetRepositoryGroupIamPolicy.Invoke(new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// }); + /// + /// }); + /// ``` + /// public static Output Invoke(GetRepositoryGroupIamPolicyInvokeArgs args, InvokeOptions? options = null) => global::Pulumi.Deployment.Instance.Invoke("gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy", args ?? new GetRepositoryGroupIamPolicyInvokeArgs(), options.WithDefaults()); + /// + /// Retrieves the current IAM policy data for repositorygroup + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.Gemini.GetRepositoryGroupIamPolicy.Invoke(new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// }); + /// + /// }); + /// ``` + /// public static Output Invoke(GetRepositoryGroupIamPolicyInvokeArgs args, InvokeOutputOptions options) => global::Pulumi.Deployment.Instance.Invoke("gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy", args ?? new GetRepositoryGroupIamPolicyInvokeArgs(), options.WithDefaults()); } diff --git a/sdk/dotnet/Gemini/RepositoryGroup.cs b/sdk/dotnet/Gemini/RepositoryGroup.cs index 8b3bfa1174..b3119cd606 100644 --- a/sdk/dotnet/Gemini/RepositoryGroup.cs +++ b/sdk/dotnet/Gemini/RepositoryGroup.cs @@ -10,8 +10,46 @@ namespace Pulumi.Gcp.Gemini { /// + /// The resource for managing Repository Group for Gemini Code Assist. + /// + /// To get more information about RepositoryGroup, see: + /// + /// * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes.repositoryGroups) + /// /// ## Example Usage /// + /// ### Gemini Repository Group Basic + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Gcp.Gemini.RepositoryGroup("example", new() + /// { + /// Location = "us-central1", + /// CodeRepositoryIndex = "example-cri", + /// RepositoryGroupId = "example-repository-group", + /// Repositories = new[] + /// { + /// new Gcp.Gemini.Inputs.RepositoryGroupRepositoryArgs + /// { + /// Resource = "projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo", + /// BranchPattern = "main", + /// }, + /// }, + /// Labels = + /// { + /// { "label1", "value1" }, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// RepositoryGroup can be imported using any of these accepted formats: @@ -46,7 +84,7 @@ public partial class RepositoryGroup : global::Pulumi.CustomResource public Output CodeRepositoryIndex { get; private set; } = null!; /// - /// Output only. Create time stamp + /// Output only. Create time stamp. /// [Output("createTime")] public Output CreateTime { get; private set; } = null!; @@ -58,7 +96,7 @@ public partial class RepositoryGroup : global::Pulumi.CustomResource public Output> EffectiveLabels { get; private set; } = null!; /// - /// Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + /// Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present /// in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. /// [Output("labels")] @@ -71,7 +109,7 @@ public partial class RepositoryGroup : global::Pulumi.CustomResource public Output Location { get; private set; } = null!; /// - /// Immutable. Identifier. name of resource + /// Immutable. Identifier. Name of Repository Group. /// [Output("name")] public Output Name { get; private set; } = null!; @@ -87,7 +125,7 @@ public partial class RepositoryGroup : global::Pulumi.CustomResource public Output> PulumiLabels { get; private set; } = null!; /// - /// Required. List of repositories to group + /// Required. List of repositories to group. /// Structure is documented below. /// [Output("repositories")] @@ -100,7 +138,7 @@ public partial class RepositoryGroup : global::Pulumi.CustomResource public Output RepositoryGroupId { get; private set; } = null!; /// - /// Output only. Update time stamp + /// Output only. Update time stamp. /// [Output("updateTime")] public Output UpdateTime { get; private set; } = null!; @@ -166,7 +204,7 @@ public sealed class RepositoryGroupArgs : global::Pulumi.ResourceArgs private InputMap? _labels; /// - /// Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + /// Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present /// in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. /// public InputMap Labels @@ -188,7 +226,7 @@ public InputMap Labels private InputList? _repositories; /// - /// Required. List of repositories to group + /// Required. List of repositories to group. /// Structure is documented below. /// public InputList Repositories @@ -218,7 +256,7 @@ public sealed class RepositoryGroupState : global::Pulumi.ResourceArgs public Input? CodeRepositoryIndex { get; set; } /// - /// Output only. Create time stamp + /// Output only. Create time stamp. /// [Input("createTime")] public Input? CreateTime { get; set; } @@ -243,7 +281,7 @@ public InputMap EffectiveLabels private InputMap? _labels; /// - /// Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + /// Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present /// in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. /// public InputMap Labels @@ -259,7 +297,7 @@ public InputMap Labels public Input? Location { get; set; } /// - /// Immutable. Identifier. name of resource + /// Immutable. Identifier. Name of Repository Group. /// [Input("name")] public Input? Name { get; set; } @@ -288,7 +326,7 @@ public InputMap PulumiLabels private InputList? _repositories; /// - /// Required. List of repositories to group + /// Required. List of repositories to group. /// Structure is documented below. /// public InputList Repositories @@ -304,7 +342,7 @@ public InputList Repositories public Input? RepositoryGroupId { get; set; } /// - /// Output only. Update time stamp + /// Output only. Update time stamp. /// [Input("updateTime")] public Input? UpdateTime { get; set; } diff --git a/sdk/dotnet/Gemini/RepositoryGroupIamBinding.cs b/sdk/dotnet/Gemini/RepositoryGroupIamBinding.cs index b76ac2ca3e..aadc8551d7 100644 --- a/sdk/dotnet/Gemini/RepositoryGroupIamBinding.cs +++ b/sdk/dotnet/Gemini/RepositoryGroupIamBinding.cs @@ -10,6 +10,211 @@ namespace Pulumi.Gcp.Gemini { /// + /// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + /// * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + /// * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.gemini.RepositoryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Gemini.RepositoryGroupIamPolicy("policy", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Gemini.RepositoryGroupIamBinding("binding", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Gemini.RepositoryGroupIamMember("member", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Gemini for Google Cloud RepositoryGroup + /// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + /// * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + /// * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.gemini.RepositoryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Gemini.RepositoryGroupIamPolicy("policy", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Gemini.RepositoryGroupIamBinding("binding", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Gemini.RepositoryGroupIamMember("member", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/dotnet/Gemini/RepositoryGroupIamMember.cs b/sdk/dotnet/Gemini/RepositoryGroupIamMember.cs index d92cfd1afb..36ce7e633f 100644 --- a/sdk/dotnet/Gemini/RepositoryGroupIamMember.cs +++ b/sdk/dotnet/Gemini/RepositoryGroupIamMember.cs @@ -10,6 +10,211 @@ namespace Pulumi.Gcp.Gemini { /// + /// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + /// * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + /// * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.gemini.RepositoryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Gemini.RepositoryGroupIamPolicy("policy", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Gemini.RepositoryGroupIamBinding("binding", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Gemini.RepositoryGroupIamMember("member", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Gemini for Google Cloud RepositoryGroup + /// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + /// * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + /// * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.gemini.RepositoryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Gemini.RepositoryGroupIamPolicy("policy", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Gemini.RepositoryGroupIamBinding("binding", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Gemini.RepositoryGroupIamMember("member", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/dotnet/Gemini/RepositoryGroupIamPolicy.cs b/sdk/dotnet/Gemini/RepositoryGroupIamPolicy.cs index c716e8f548..dd37d819bf 100644 --- a/sdk/dotnet/Gemini/RepositoryGroupIamPolicy.cs +++ b/sdk/dotnet/Gemini/RepositoryGroupIamPolicy.cs @@ -10,6 +10,211 @@ namespace Pulumi.Gcp.Gemini { /// + /// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + /// * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + /// * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.gemini.RepositoryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Gemini.RepositoryGroupIamPolicy("policy", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Gemini.RepositoryGroupIamBinding("binding", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Gemini.RepositoryGroupIamMember("member", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## This resource supports User Project Overrides. + /// + /// - + /// + /// # IAM policy for Gemini for Google Cloud RepositoryGroup + /// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + /// * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + /// * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.gemini.RepositoryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.Gemini.RepositoryGroupIamPolicy("policy", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.Gemini.RepositoryGroupIamBinding("binding", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.gemini.RepositoryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.Gemini.RepositoryGroupIamMember("member", new() + /// { + /// Project = example.Project, + /// Location = example.Location, + /// CodeRepositoryIndex = example.CodeRepositoryIndex, + /// RepositoryGroupId = example.RepositoryGroupId, + /// Role = "roles/cloudaicompanion.repositoryGroupsUser", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/dotnet/Kms/GetKeyHandles.cs b/sdk/dotnet/Kms/GetKeyHandles.cs new file mode 100644 index 0000000000..cf7e18058b --- /dev/null +++ b/sdk/dotnet/Kms/GetKeyHandles.cs @@ -0,0 +1,189 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Kms +{ + public static class GetKeyHandles + { + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var myKeyHandles = Gcp.Kms.GetKeyHandles.Invoke(new() + /// { + /// Project = "resource-project-id", + /// Location = "us-central1", + /// ResourceTypeSelector = "storage.googleapis.com/Bucket", + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetKeyHandlesArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:kms/getKeyHandles:getKeyHandles", args ?? new GetKeyHandlesArgs(), options.WithDefaults()); + + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var myKeyHandles = Gcp.Kms.GetKeyHandles.Invoke(new() + /// { + /// Project = "resource-project-id", + /// Location = "us-central1", + /// ResourceTypeSelector = "storage.googleapis.com/Bucket", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetKeyHandlesInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:kms/getKeyHandles:getKeyHandles", args ?? new GetKeyHandlesInvokeArgs(), options.WithDefaults()); + + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var myKeyHandles = Gcp.Kms.GetKeyHandles.Invoke(new() + /// { + /// Project = "resource-project-id", + /// Location = "us-central1", + /// ResourceTypeSelector = "storage.googleapis.com/Bucket", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetKeyHandlesInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("gcp:kms/getKeyHandles:getKeyHandles", args ?? new GetKeyHandlesInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetKeyHandlesArgs : global::Pulumi.InvokeArgs + { + /// + /// The Google Cloud Platform location for the KeyHandle. + /// A full list of valid locations can be found by running `gcloud kms locations list`. + /// + [Input("location", required: true)] + public string Location { get; set; } = null!; + + /// + /// The project in which the resource belongs. If it + /// is not provided, the provider project is used. + /// + [Input("project")] + public string? Project { get; set; } + + /// + /// The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + /// + /// - - - + /// + [Input("resourceTypeSelector", required: true)] + public string ResourceTypeSelector { get; set; } = null!; + + public GetKeyHandlesArgs() + { + } + public static new GetKeyHandlesArgs Empty => new GetKeyHandlesArgs(); + } + + public sealed class GetKeyHandlesInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The Google Cloud Platform location for the KeyHandle. + /// A full list of valid locations can be found by running `gcloud kms locations list`. + /// + [Input("location", required: true)] + public Input Location { get; set; } = null!; + + /// + /// The project in which the resource belongs. If it + /// is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + /// + /// - - - + /// + [Input("resourceTypeSelector", required: true)] + public Input ResourceTypeSelector { get; set; } = null!; + + public GetKeyHandlesInvokeArgs() + { + } + public static new GetKeyHandlesInvokeArgs Empty => new GetKeyHandlesInvokeArgs(); + } + + + [OutputType] + public sealed class GetKeyHandlesResult + { + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly ImmutableArray KeyHandles; + /// + /// The location of the KMS Key and KeyHandle. + /// + public readonly string Location; + /// + /// The identifier of the project where KMS KeyHandle is created. + /// + public readonly string? Project; + /// + /// Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + /// + public readonly string ResourceTypeSelector; + + [OutputConstructor] + private GetKeyHandlesResult( + string id, + + ImmutableArray keyHandles, + + string location, + + string? project, + + string resourceTypeSelector) + { + Id = id; + KeyHandles = keyHandles; + Location = location; + Project = project; + ResourceTypeSelector = resourceTypeSelector; + } + } +} diff --git a/sdk/dotnet/Kms/Outputs/GetKeyHandlesKeyHandleResult.cs b/sdk/dotnet/Kms/Outputs/GetKeyHandlesKeyHandleResult.cs new file mode 100644 index 0000000000..d6144ba3af --- /dev/null +++ b/sdk/dotnet/Kms/Outputs/GetKeyHandlesKeyHandleResult.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Kms.Outputs +{ + + [OutputType] + public sealed class GetKeyHandlesKeyHandleResult + { + /// + /// The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. + /// + public readonly string KmsKey; + /// + /// The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. + /// + public readonly string Name; + /// + /// The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + /// + /// - - - + /// + public readonly string ResourceTypeSelector; + + [OutputConstructor] + private GetKeyHandlesKeyHandleResult( + string kmsKey, + + string name, + + string resourceTypeSelector) + { + KmsKey = kmsKey; + Name = name; + ResourceTypeSelector = resourceTypeSelector; + } + } +} diff --git a/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomInterceptProfileArgs.cs b/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomInterceptProfileArgs.cs new file mode 100644 index 0000000000..12b50f93c4 --- /dev/null +++ b/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomInterceptProfileArgs.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkSecurity.Inputs +{ + + public sealed class SecurityProfileCustomInterceptProfileArgs : global::Pulumi.ResourceArgs + { + /// + /// The Intercept Endpoint Group to which matching traffic should be intercepted. + /// Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + /// + [Input("interceptEndpointGroup", required: true)] + public Input InterceptEndpointGroup { get; set; } = null!; + + public SecurityProfileCustomInterceptProfileArgs() + { + } + public static new SecurityProfileCustomInterceptProfileArgs Empty => new SecurityProfileCustomInterceptProfileArgs(); + } +} diff --git a/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomInterceptProfileGetArgs.cs b/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomInterceptProfileGetArgs.cs new file mode 100644 index 0000000000..dbbbae87a6 --- /dev/null +++ b/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomInterceptProfileGetArgs.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkSecurity.Inputs +{ + + public sealed class SecurityProfileCustomInterceptProfileGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The Intercept Endpoint Group to which matching traffic should be intercepted. + /// Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + /// + [Input("interceptEndpointGroup", required: true)] + public Input InterceptEndpointGroup { get; set; } = null!; + + public SecurityProfileCustomInterceptProfileGetArgs() + { + } + public static new SecurityProfileCustomInterceptProfileGetArgs Empty => new SecurityProfileCustomInterceptProfileGetArgs(); + } +} diff --git a/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomMirroringProfileArgs.cs b/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomMirroringProfileArgs.cs new file mode 100644 index 0000000000..a98ce5a9f0 --- /dev/null +++ b/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomMirroringProfileArgs.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkSecurity.Inputs +{ + + public sealed class SecurityProfileCustomMirroringProfileArgs : global::Pulumi.ResourceArgs + { + /// + /// The Mirroring Endpoint Group to which matching traffic should be mirrored. + /// Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + /// + [Input("mirroringEndpointGroup", required: true)] + public Input MirroringEndpointGroup { get; set; } = null!; + + public SecurityProfileCustomMirroringProfileArgs() + { + } + public static new SecurityProfileCustomMirroringProfileArgs Empty => new SecurityProfileCustomMirroringProfileArgs(); + } +} diff --git a/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomMirroringProfileGetArgs.cs b/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomMirroringProfileGetArgs.cs new file mode 100644 index 0000000000..da2512a2e5 --- /dev/null +++ b/sdk/dotnet/NetworkSecurity/Inputs/SecurityProfileCustomMirroringProfileGetArgs.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkSecurity.Inputs +{ + + public sealed class SecurityProfileCustomMirroringProfileGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The Mirroring Endpoint Group to which matching traffic should be mirrored. + /// Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + /// + [Input("mirroringEndpointGroup", required: true)] + public Input MirroringEndpointGroup { get; set; } = null!; + + public SecurityProfileCustomMirroringProfileGetArgs() + { + } + public static new SecurityProfileCustomMirroringProfileGetArgs Empty => new SecurityProfileCustomMirroringProfileGetArgs(); + } +} diff --git a/sdk/dotnet/NetworkSecurity/Outputs/SecurityProfileCustomInterceptProfile.cs b/sdk/dotnet/NetworkSecurity/Outputs/SecurityProfileCustomInterceptProfile.cs new file mode 100644 index 0000000000..ce9a360896 --- /dev/null +++ b/sdk/dotnet/NetworkSecurity/Outputs/SecurityProfileCustomInterceptProfile.cs @@ -0,0 +1,28 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkSecurity.Outputs +{ + + [OutputType] + public sealed class SecurityProfileCustomInterceptProfile + { + /// + /// The Intercept Endpoint Group to which matching traffic should be intercepted. + /// Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + /// + public readonly string InterceptEndpointGroup; + + [OutputConstructor] + private SecurityProfileCustomInterceptProfile(string interceptEndpointGroup) + { + InterceptEndpointGroup = interceptEndpointGroup; + } + } +} diff --git a/sdk/dotnet/NetworkSecurity/Outputs/SecurityProfileCustomMirroringProfile.cs b/sdk/dotnet/NetworkSecurity/Outputs/SecurityProfileCustomMirroringProfile.cs new file mode 100644 index 0000000000..ed66dc2808 --- /dev/null +++ b/sdk/dotnet/NetworkSecurity/Outputs/SecurityProfileCustomMirroringProfile.cs @@ -0,0 +1,28 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkSecurity.Outputs +{ + + [OutputType] + public sealed class SecurityProfileCustomMirroringProfile + { + /// + /// The Mirroring Endpoint Group to which matching traffic should be mirrored. + /// Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + /// + public readonly string MirroringEndpointGroup; + + [OutputConstructor] + private SecurityProfileCustomMirroringProfile(string mirroringEndpointGroup) + { + MirroringEndpointGroup = mirroringEndpointGroup; + } + } +} diff --git a/sdk/dotnet/NetworkSecurity/SecurityProfile.cs b/sdk/dotnet/NetworkSecurity/SecurityProfile.cs index 0803747080..3aaf310b3c 100644 --- a/sdk/dotnet/NetworkSecurity/SecurityProfile.cs +++ b/sdk/dotnet/NetworkSecurity/SecurityProfile.cs @@ -88,6 +88,94 @@ namespace Pulumi.Gcp.NetworkSecurity /// /// }); /// ``` + /// ### Network Security Security Profile Mirroring + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var @default = new Gcp.Compute.Network("default", new() + /// { + /// Name = "my-network", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var defaultMirroringDeploymentGroup = new Gcp.NetworkSecurity.MirroringDeploymentGroup("default", new() + /// { + /// MirroringDeploymentGroupId = "my-dg", + /// Location = "global", + /// Network = @default.Id, + /// }); + /// + /// var defaultMirroringEndpointGroup = new Gcp.NetworkSecurity.MirroringEndpointGroup("default", new() + /// { + /// MirroringEndpointGroupId = "my-eg", + /// Location = "global", + /// MirroringDeploymentGroup = defaultMirroringDeploymentGroup.Id, + /// }); + /// + /// var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile("default", new() + /// { + /// Name = "my-security-profile", + /// Parent = "organizations/123456789", + /// Description = "my description", + /// Type = "CUSTOM_MIRRORING", + /// CustomMirroringProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomMirroringProfileArgs + /// { + /// MirroringEndpointGroup = defaultMirroringEndpointGroup.Id, + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Network Security Security Profile Intercept + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var @default = new Gcp.Compute.Network("default", new() + /// { + /// Name = "my-network", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var defaultInterceptDeploymentGroup = new Gcp.NetworkSecurity.InterceptDeploymentGroup("default", new() + /// { + /// InterceptDeploymentGroupId = "my-dg", + /// Location = "global", + /// Network = @default.Id, + /// }); + /// + /// var defaultInterceptEndpointGroup = new Gcp.NetworkSecurity.InterceptEndpointGroup("default", new() + /// { + /// InterceptEndpointGroupId = "my-eg", + /// Location = "global", + /// InterceptDeploymentGroup = defaultInterceptDeploymentGroup.Id, + /// }); + /// + /// var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile("default", new() + /// { + /// Name = "my-security-profile", + /// Parent = "organizations/123456789", + /// Description = "my description", + /// Type = "CUSTOM_INTERCEPT", + /// CustomInterceptProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomInterceptProfileArgs + /// { + /// InterceptEndpointGroup = defaultInterceptEndpointGroup.Id, + /// }, + /// }); + /// + /// }); + /// ``` /// /// ## Import /// @@ -110,6 +198,22 @@ public partial class SecurityProfile : global::Pulumi.CustomResource [Output("createTime")] public Output CreateTime { get; private set; } = null!; + /// + /// The configuration for defining the Intercept Endpoint Group used to + /// intercept traffic to third-party firewall appliances. + /// Structure is documented below. + /// + [Output("customInterceptProfile")] + public Output CustomInterceptProfile { get; private set; } = null!; + + /// + /// The configuration for defining the Mirroring Endpoint Group used to + /// mirror traffic to third-party collectors. + /// Structure is documented below. + /// + [Output("customMirroringProfile")] + public Output CustomMirroringProfile { get; private set; } = null!; + /// /// An optional description of the security profile. The Max length is 512 characters. /// @@ -184,7 +288,7 @@ public partial class SecurityProfile : global::Pulumi.CustomResource /// /// The type of security profile. - /// Possible values are: `THREAT_PREVENTION`. + /// Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. /// [Output("type")] public Output Type { get; private set; } = null!; @@ -246,6 +350,22 @@ public static SecurityProfile Get(string name, Input id, SecurityProfile public sealed class SecurityProfileArgs : global::Pulumi.ResourceArgs { + /// + /// The configuration for defining the Intercept Endpoint Group used to + /// intercept traffic to third-party firewall appliances. + /// Structure is documented below. + /// + [Input("customInterceptProfile")] + public Input? CustomInterceptProfile { get; set; } + + /// + /// The configuration for defining the Mirroring Endpoint Group used to + /// mirror traffic to third-party collectors. + /// Structure is documented below. + /// + [Input("customMirroringProfile")] + public Input? CustomMirroringProfile { get; set; } + /// /// An optional description of the security profile. The Max length is 512 characters. /// @@ -299,7 +419,7 @@ public InputMap Labels /// /// The type of security profile. - /// Possible values are: `THREAT_PREVENTION`. + /// Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. /// [Input("type", required: true)] public Input Type { get; set; } = null!; @@ -318,6 +438,22 @@ public sealed class SecurityProfileState : global::Pulumi.ResourceArgs [Input("createTime")] public Input? CreateTime { get; set; } + /// + /// The configuration for defining the Intercept Endpoint Group used to + /// intercept traffic to third-party firewall appliances. + /// Structure is documented below. + /// + [Input("customInterceptProfile")] + public Input? CustomInterceptProfile { get; set; } + + /// + /// The configuration for defining the Mirroring Endpoint Group used to + /// mirror traffic to third-party collectors. + /// Structure is documented below. + /// + [Input("customMirroringProfile")] + public Input? CustomMirroringProfile { get; set; } + /// /// An optional description of the security profile. The Max length is 512 characters. /// @@ -418,7 +554,7 @@ public InputMap PulumiLabels /// /// The type of security profile. - /// Possible values are: `THREAT_PREVENTION`. + /// Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. /// [Input("type")] public Input? Type { get; set; } diff --git a/sdk/dotnet/NetworkSecurity/SecurityProfileGroup.cs b/sdk/dotnet/NetworkSecurity/SecurityProfileGroup.cs index 61ed900318..b7446baebe 100644 --- a/sdk/dotnet/NetworkSecurity/SecurityProfileGroup.cs +++ b/sdk/dotnet/NetworkSecurity/SecurityProfileGroup.cs @@ -53,6 +53,110 @@ namespace Pulumi.Gcp.NetworkSecurity /// /// }); /// ``` + /// ### Network Security Security Profile Group Mirroring + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var @default = new Gcp.Compute.Network("default", new() + /// { + /// Name = "network", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var defaultMirroringDeploymentGroup = new Gcp.NetworkSecurity.MirroringDeploymentGroup("default", new() + /// { + /// MirroringDeploymentGroupId = "deployment-group", + /// Location = "global", + /// Network = @default.Id, + /// }); + /// + /// var defaultMirroringEndpointGroup = new Gcp.NetworkSecurity.MirroringEndpointGroup("default", new() + /// { + /// MirroringEndpointGroupId = "endpoint-group", + /// Location = "global", + /// MirroringDeploymentGroup = defaultMirroringDeploymentGroup.Id, + /// }); + /// + /// var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile("default", new() + /// { + /// Name = "sec-profile", + /// Parent = "organizations/123456789", + /// Description = "my description", + /// Type = "CUSTOM_MIRRORING", + /// CustomMirroringProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomMirroringProfileArgs + /// { + /// MirroringEndpointGroup = defaultMirroringEndpointGroup.Id, + /// }, + /// }); + /// + /// var defaultSecurityProfileGroup = new Gcp.NetworkSecurity.SecurityProfileGroup("default", new() + /// { + /// Name = "sec-profile-group", + /// Parent = "organizations/123456789", + /// Description = "my description", + /// CustomMirroringProfile = defaultSecurityProfile.Id, + /// }); + /// + /// }); + /// ``` + /// ### Network Security Security Profile Group Intercept + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var @default = new Gcp.Compute.Network("default", new() + /// { + /// Name = "network", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var defaultInterceptDeploymentGroup = new Gcp.NetworkSecurity.InterceptDeploymentGroup("default", new() + /// { + /// InterceptDeploymentGroupId = "deployment-group", + /// Location = "global", + /// Network = @default.Id, + /// }); + /// + /// var defaultInterceptEndpointGroup = new Gcp.NetworkSecurity.InterceptEndpointGroup("default", new() + /// { + /// InterceptEndpointGroupId = "endpoint-group", + /// Location = "global", + /// InterceptDeploymentGroup = defaultInterceptDeploymentGroup.Id, + /// }); + /// + /// var defaultSecurityProfile = new Gcp.NetworkSecurity.SecurityProfile("default", new() + /// { + /// Name = "sec-profile", + /// Parent = "organizations/123456789", + /// Description = "my description", + /// Type = "CUSTOM_INTERCEPT", + /// CustomInterceptProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileCustomInterceptProfileArgs + /// { + /// InterceptEndpointGroup = defaultInterceptEndpointGroup.Id, + /// }, + /// }); + /// + /// var defaultSecurityProfileGroup = new Gcp.NetworkSecurity.SecurityProfileGroup("default", new() + /// { + /// Name = "sec-profile-group", + /// Parent = "organizations/123456789", + /// Description = "my description", + /// CustomInterceptProfile = defaultSecurityProfile.Id, + /// }); + /// + /// }); + /// ``` /// /// ## Import /// @@ -75,6 +179,18 @@ public partial class SecurityProfileGroup : global::Pulumi.CustomResource [Output("createTime")] public Output CreateTime { get; private set; } = null!; + /// + /// Reference to a SecurityProfile with the CustomIntercept configuration. + /// + [Output("customInterceptProfile")] + public Output CustomInterceptProfile { get; private set; } = null!; + + /// + /// Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + /// + [Output("customMirroringProfile")] + public Output CustomMirroringProfile { get; private set; } = null!; + /// /// An optional description of the profile. The Max length is 512 characters. /// @@ -197,6 +313,18 @@ public static SecurityProfileGroup Get(string name, Input id, SecurityPr public sealed class SecurityProfileGroupArgs : global::Pulumi.ResourceArgs { + /// + /// Reference to a SecurityProfile with the CustomIntercept configuration. + /// + [Input("customInterceptProfile")] + public Input? CustomInterceptProfile { get; set; } + + /// + /// Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + /// + [Input("customMirroringProfile")] + public Input? CustomMirroringProfile { get; set; } + /// /// An optional description of the profile. The Max length is 512 characters. /// @@ -261,6 +389,18 @@ public sealed class SecurityProfileGroupState : global::Pulumi.ResourceArgs [Input("createTime")] public Input? CreateTime { get; set; } + /// + /// Reference to a SecurityProfile with the CustomIntercept configuration. + /// + [Input("customInterceptProfile")] + public Input? CustomInterceptProfile { get; set; } + + /// + /// Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + /// + [Input("customMirroringProfile")] + public Input? CustomMirroringProfile { get; set; } + /// /// An optional description of the profile. The Max length is 512 characters. /// diff --git a/sdk/dotnet/Organizations/GetS.cs b/sdk/dotnet/Organizations/GetS.cs new file mode 100644 index 0000000000..6835941600 --- /dev/null +++ b/sdk/dotnet/Organizations/GetS.cs @@ -0,0 +1,149 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Organizations +{ + public static class GetS + { + /// + /// Gets a list of all organizations. + /// See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + /// and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = Gcp.Organizations.GetS.Invoke(new() + /// { + /// Filter = "domain:example.com", + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetSArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:organizations/getS:getS", args ?? new GetSArgs(), options.WithDefaults()); + + /// + /// Gets a list of all organizations. + /// See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + /// and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = Gcp.Organizations.GetS.Invoke(new() + /// { + /// Filter = "domain:example.com", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetSInvokeArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:organizations/getS:getS", args ?? new GetSInvokeArgs(), options.WithDefaults()); + + /// + /// Gets a list of all organizations. + /// See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + /// and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = Gcp.Organizations.GetS.Invoke(new() + /// { + /// Filter = "domain:example.com", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetSInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("gcp:organizations/getS:getS", args ?? new GetSInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetSArgs : global::Pulumi.InvokeArgs + { + /// + /// An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + /// + [Input("filter")] + public string? Filter { get; set; } + + public GetSArgs() + { + } + public static new GetSArgs Empty => new GetSArgs(); + } + + public sealed class GetSInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + /// + [Input("filter")] + public Input? Filter { get; set; } + + public GetSInvokeArgs() + { + } + public static new GetSInvokeArgs Empty => new GetSInvokeArgs(); + } + + + [OutputType] + public sealed class GetSResult + { + public readonly string? Filter; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + /// + /// A list of all retrieved organizations. Structure is defined below. + /// + public readonly ImmutableArray Organizations; + + [OutputConstructor] + private GetSResult( + string? filter, + + string id, + + ImmutableArray organizations) + { + Filter = filter; + Id = id; + Organizations = organizations; + } + } +} diff --git a/sdk/dotnet/Organizations/Outputs/GetSOrganizationResult.cs b/sdk/dotnet/Organizations/Outputs/GetSOrganizationResult.cs new file mode 100644 index 0000000000..a5fe4ca635 --- /dev/null +++ b/sdk/dotnet/Organizations/Outputs/GetSOrganizationResult.cs @@ -0,0 +1,56 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Organizations.Outputs +{ + + [OutputType] + public sealed class GetSOrganizationResult + { + /// + /// The Google for Work customer ID of the Organization. + /// + public readonly string DirectoryCustomerId; + /// + /// A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. + /// + public readonly string DisplayName; + /// + /// The Organization's current lifecycle state. + /// + public readonly string LifecycleState; + /// + /// The resource name of the Organization in the form `organizations/{organization_id}`. + /// + public readonly string Name; + /// + /// The Organization ID. + /// + public readonly string OrgId; + + [OutputConstructor] + private GetSOrganizationResult( + string directoryCustomerId, + + string displayName, + + string lifecycleState, + + string name, + + string orgId) + { + DirectoryCustomerId = directoryCustomerId; + DisplayName = displayName; + LifecycleState = lifecycleState; + Name = name; + OrgId = orgId; + } + } +} diff --git a/sdk/dotnet/ParameterManager/GetParameter.cs b/sdk/dotnet/ParameterManager/GetParameter.cs new file mode 100644 index 0000000000..b8e772cac2 --- /dev/null +++ b/sdk/dotnet/ParameterManager/GetParameter.cs @@ -0,0 +1,178 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ParameterManager +{ + public static class GetParameter + { + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var parameterDatasource = Gcp.ParameterManager.GetParameter.Invoke(new() + /// { + /// ParameterId = "foobar", + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetParameterArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:parametermanager/getParameter:getParameter", args ?? new GetParameterArgs(), options.WithDefaults()); + + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var parameterDatasource = Gcp.ParameterManager.GetParameter.Invoke(new() + /// { + /// ParameterId = "foobar", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetParameterInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:parametermanager/getParameter:getParameter", args ?? new GetParameterInvokeArgs(), options.WithDefaults()); + + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var parameterDatasource = Gcp.ParameterManager.GetParameter.Invoke(new() + /// { + /// ParameterId = "foobar", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetParameterInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("gcp:parametermanager/getParameter:getParameter", args ?? new GetParameterInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetParameterArgs : global::Pulumi.InvokeArgs + { + /// + /// The name of the parameter. + /// + [Input("parameterId", required: true)] + public string ParameterId { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// + [Input("project")] + public string? Project { get; set; } + + public GetParameterArgs() + { + } + public static new GetParameterArgs Empty => new GetParameterArgs(); + } + + public sealed class GetParameterInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The name of the parameter. + /// + [Input("parameterId", required: true)] + public Input ParameterId { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// + [Input("project")] + public Input? Project { get; set; } + + public GetParameterInvokeArgs() + { + } + public static new GetParameterInvokeArgs Empty => new GetParameterInvokeArgs(); + } + + + [OutputType] + public sealed class GetParameterResult + { + public readonly string CreateTime; + public readonly ImmutableDictionary EffectiveLabels; + public readonly string Format; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly ImmutableDictionary Labels; + public readonly string Name; + public readonly string ParameterId; + public readonly ImmutableArray PolicyMembers; + public readonly string? Project; + public readonly ImmutableDictionary PulumiLabels; + public readonly string UpdateTime; + + [OutputConstructor] + private GetParameterResult( + string createTime, + + ImmutableDictionary effectiveLabels, + + string format, + + string id, + + ImmutableDictionary labels, + + string name, + + string parameterId, + + ImmutableArray policyMembers, + + string? project, + + ImmutableDictionary pulumiLabels, + + string updateTime) + { + CreateTime = createTime; + EffectiveLabels = effectiveLabels; + Format = format; + Id = id; + Labels = labels; + Name = name; + ParameterId = parameterId; + PolicyMembers = policyMembers; + Project = project; + PulumiLabels = pulumiLabels; + UpdateTime = updateTime; + } + } +} diff --git a/sdk/dotnet/ParameterManager/GetRegionalParameters.cs b/sdk/dotnet/ParameterManager/GetRegionalParameters.cs new file mode 100644 index 0000000000..1ce8c2a5dc --- /dev/null +++ b/sdk/dotnet/ParameterManager/GetRegionalParameters.cs @@ -0,0 +1,172 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ParameterManager +{ + public static class GetRegionalParameters + { + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var regional_parameters = Gcp.ParameterManager.GetRegionalParameters.Invoke(new() + /// { + /// Location = "us-central1", + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetRegionalParametersArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:parametermanager/getRegionalParameters:getRegionalParameters", args ?? new GetRegionalParametersArgs(), options.WithDefaults()); + + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var regional_parameters = Gcp.ParameterManager.GetRegionalParameters.Invoke(new() + /// { + /// Location = "us-central1", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetRegionalParametersInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:parametermanager/getRegionalParameters:getRegionalParameters", args ?? new GetRegionalParametersInvokeArgs(), options.WithDefaults()); + + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var regional_parameters = Gcp.ParameterManager.GetRegionalParameters.Invoke(new() + /// { + /// Location = "us-central1", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetRegionalParametersInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("gcp:parametermanager/getRegionalParameters:getRegionalParameters", args ?? new GetRegionalParametersInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetRegionalParametersArgs : global::Pulumi.InvokeArgs + { + /// + /// Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + /// + [Input("filter")] + public string? Filter { get; set; } + + /// + /// The location of regional parameter. + /// + [Input("location", required: true)] + public string Location { get; set; } = null!; + + /// + /// The ID of the project. + /// + [Input("project")] + public string? Project { get; set; } + + public GetRegionalParametersArgs() + { + } + public static new GetRegionalParametersArgs Empty => new GetRegionalParametersArgs(); + } + + public sealed class GetRegionalParametersInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + /// + [Input("filter")] + public Input? Filter { get; set; } + + /// + /// The location of regional parameter. + /// + [Input("location", required: true)] + public Input Location { get; set; } = null!; + + /// + /// The ID of the project. + /// + [Input("project")] + public Input? Project { get; set; } + + public GetRegionalParametersInvokeArgs() + { + } + public static new GetRegionalParametersInvokeArgs Empty => new GetRegionalParametersInvokeArgs(); + } + + + [OutputType] + public sealed class GetRegionalParametersResult + { + public readonly string? Filter; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string Location; + /// + /// A list of regional parameters matching the filter. Structure is defined below. + /// + public readonly ImmutableArray Parameters; + /// + /// The ID of the project in which the resource belongs. + /// + public readonly string Project; + + [OutputConstructor] + private GetRegionalParametersResult( + string? filter, + + string id, + + string location, + + ImmutableArray parameters, + + string project) + { + Filter = filter; + Id = id; + Location = location; + Parameters = parameters; + Project = project; + } + } +} diff --git a/sdk/dotnet/ParameterManager/Outputs/GetParameterPolicyMemberResult.cs b/sdk/dotnet/ParameterManager/Outputs/GetParameterPolicyMemberResult.cs new file mode 100644 index 0000000000..33fdc39bfd --- /dev/null +++ b/sdk/dotnet/ParameterManager/Outputs/GetParameterPolicyMemberResult.cs @@ -0,0 +1,41 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ParameterManager.Outputs +{ + + [OutputType] + public sealed class GetParameterPolicyMemberResult + { + /// + /// IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a + /// resource is deleted and recreated with the same name, the binding will be applicable to the + /// new resource. Format: + /// 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' + /// + public readonly string IamPolicyNamePrincipal; + /// + /// IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + /// If a resource is deleted and recreated with the same name, the binding will not be applicable to the + /// new resource. Format: + /// 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' + /// + public readonly string IamPolicyUidPrincipal; + + [OutputConstructor] + private GetParameterPolicyMemberResult( + string iamPolicyNamePrincipal, + + string iamPolicyUidPrincipal) + { + IamPolicyNamePrincipal = iamPolicyNamePrincipal; + IamPolicyUidPrincipal = iamPolicyUidPrincipal; + } + } +} diff --git a/sdk/dotnet/ParameterManager/Outputs/GetRegionalParametersParameterPolicyMemberResult.cs b/sdk/dotnet/ParameterManager/Outputs/GetRegionalParametersParameterPolicyMemberResult.cs new file mode 100644 index 0000000000..371a62e667 --- /dev/null +++ b/sdk/dotnet/ParameterManager/Outputs/GetRegionalParametersParameterPolicyMemberResult.cs @@ -0,0 +1,40 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ParameterManager.Outputs +{ + + [OutputType] + public sealed class GetRegionalParametersParameterPolicyMemberResult + { + /// + /// AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the + /// new resource. Format: + /// `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` + /// + public readonly string IamPolicyNamePrincipal; + /// + /// IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + /// If a resource is deleted and recreated with the same name, the binding will not be applicable to the + /// new resource. Format: + /// `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` + /// + public readonly string IamPolicyUidPrincipal; + + [OutputConstructor] + private GetRegionalParametersParameterPolicyMemberResult( + string iamPolicyNamePrincipal, + + string iamPolicyUidPrincipal) + { + IamPolicyNamePrincipal = iamPolicyNamePrincipal; + IamPolicyUidPrincipal = iamPolicyUidPrincipal; + } + } +} diff --git a/sdk/dotnet/ParameterManager/Outputs/GetRegionalParametersParameterResult.cs b/sdk/dotnet/ParameterManager/Outputs/GetRegionalParametersParameterResult.cs new file mode 100644 index 0000000000..b5e66d42a8 --- /dev/null +++ b/sdk/dotnet/ParameterManager/Outputs/GetRegionalParametersParameterResult.cs @@ -0,0 +1,96 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ParameterManager.Outputs +{ + + [OutputType] + public sealed class GetRegionalParametersParameterResult + { + /// + /// The time at which the regional parameter was created. + /// + public readonly string CreateTime; + public readonly ImmutableDictionary EffectiveLabels; + /// + /// The format type of the regional parameter. + /// + public readonly string Format; + /// + /// The labels assigned to the regional parameter. + /// + public readonly ImmutableDictionary Labels; + /// + /// The location of regional parameter. + /// + public readonly string Location; + /// + /// The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` + /// + public readonly string Name; + /// + /// The unique name of the resource. + /// + public readonly string ParameterId; + /// + /// An object containing a unique resource identity tied to the regional parameter. Structure is documented below. + /// + public readonly ImmutableArray PolicyMembers; + /// + /// The ID of the project. + /// + public readonly string Project; + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + public readonly ImmutableDictionary PulumiLabels; + /// + /// The time at which the regional parameter was updated. + /// + public readonly string UpdateTime; + + [OutputConstructor] + private GetRegionalParametersParameterResult( + string createTime, + + ImmutableDictionary effectiveLabels, + + string format, + + ImmutableDictionary labels, + + string location, + + string name, + + string parameterId, + + ImmutableArray policyMembers, + + string project, + + ImmutableDictionary pulumiLabels, + + string updateTime) + { + CreateTime = createTime; + EffectiveLabels = effectiveLabels; + Format = format; + Labels = labels; + Location = location; + Name = name; + ParameterId = parameterId; + PolicyMembers = policyMembers; + Project = project; + PulumiLabels = pulumiLabels; + UpdateTime = updateTime; + } + } +} diff --git a/sdk/dotnet/ParameterManager/ParameterVersion.cs b/sdk/dotnet/ParameterManager/ParameterVersion.cs new file mode 100644 index 0000000000..76da113d5d --- /dev/null +++ b/sdk/dotnet/ParameterManager/ParameterVersion.cs @@ -0,0 +1,289 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.ParameterManager +{ + /// + /// ## Example Usage + /// + /// ### Parameter Version Basic + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var parameter_basic = new Gcp.ParameterManager.Parameter("parameter-basic", new() + /// { + /// ParameterId = "parameter", + /// }); + /// + /// var parameter_version_basic = new Gcp.ParameterManager.ParameterVersion("parameter-version-basic", new() + /// { + /// Parameter = parameter_basic.Id, + /// ParameterVersionId = "parameter_version", + /// ParameterData = "app-parameter-version-data", + /// }); + /// + /// }); + /// ``` + /// ### Parameter Version With Json Format + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using System.Text.Json; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var parameter_basic = new Gcp.ParameterManager.Parameter("parameter-basic", new() + /// { + /// ParameterId = "parameter", + /// Format = "JSON", + /// }); + /// + /// var parameter_version_with_json_format = new Gcp.ParameterManager.ParameterVersion("parameter-version-with-json-format", new() + /// { + /// Parameter = parameter_basic.Id, + /// ParameterVersionId = "parameter_version", + /// ParameterData = JsonSerializer.Serialize(new Dictionary<string, object?> + /// { + /// ["key1"] = "val1", + /// ["key2"] = "val2", + /// }), + /// }); + /// + /// }); + /// ``` + /// ## Import + /// + /// ParameterVersion can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + /// + /// When using the `pulumi import` command, ParameterVersion can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:parametermanager/parameterVersion:ParameterVersion default projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}} + /// ``` + /// + [GcpResourceType("gcp:parametermanager/parameterVersion:ParameterVersion")] + public partial class ParameterVersion : global::Pulumi.CustomResource + { + /// + /// The time at which the Parameter Version was created. + /// + [Output("createTime")] + public Output CreateTime { get; private set; } = null!; + + /// + /// The current state of Parameter Version. This field is only applicable for updating Parameter Version. + /// + [Output("disabled")] + public Output Disabled { get; private set; } = null!; + + /// + /// The resource name of the Parameter Version. Format: + /// `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// Parameter Manager Parameter resource. + /// + [Output("parameter")] + public Output Parameter { get; private set; } = null!; + + /// + /// The Parameter data. + /// **Note**: This property is sensitive and will not be displayed in the plan. + /// + [Output("parameterData")] + public Output ParameterData { get; private set; } = null!; + + /// + /// Version ID of the Parameter Version Resource. This must be unique within the Parameter. + /// + /// + /// - - - + /// + [Output("parameterVersionId")] + public Output ParameterVersionId { get; private set; } = null!; + + /// + /// The time at which the Parameter Version was updated. + /// + [Output("updateTime")] + public Output UpdateTime { get; private set; } = null!; + + + /// + /// Create a ParameterVersion resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public ParameterVersion(string name, ParameterVersionArgs args, CustomResourceOptions? options = null) + : base("gcp:parametermanager/parameterVersion:ParameterVersion", name, args ?? new ParameterVersionArgs(), MakeResourceOptions(options, "")) + { + } + + private ParameterVersion(string name, Input id, ParameterVersionState? state = null, CustomResourceOptions? options = null) + : base("gcp:parametermanager/parameterVersion:ParameterVersion", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + AdditionalSecretOutputs = + { + "parameterData", + }, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing ParameterVersion resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static ParameterVersion Get(string name, Input id, ParameterVersionState? state = null, CustomResourceOptions? options = null) + { + return new ParameterVersion(name, id, state, options); + } + } + + public sealed class ParameterVersionArgs : global::Pulumi.ResourceArgs + { + /// + /// The current state of Parameter Version. This field is only applicable for updating Parameter Version. + /// + [Input("disabled")] + public Input? Disabled { get; set; } + + /// + /// Parameter Manager Parameter resource. + /// + [Input("parameter", required: true)] + public Input Parameter { get; set; } = null!; + + [Input("parameterData", required: true)] + private Input? _parameterData; + + /// + /// The Parameter data. + /// **Note**: This property is sensitive and will not be displayed in the plan. + /// + public Input? ParameterData + { + get => _parameterData; + set + { + var emptySecret = Output.CreateSecret(0); + _parameterData = Output.Tuple?, int>(value, emptySecret).Apply(t => t.Item1); + } + } + + /// + /// Version ID of the Parameter Version Resource. This must be unique within the Parameter. + /// + /// + /// - - - + /// + [Input("parameterVersionId", required: true)] + public Input ParameterVersionId { get; set; } = null!; + + public ParameterVersionArgs() + { + } + public static new ParameterVersionArgs Empty => new ParameterVersionArgs(); + } + + public sealed class ParameterVersionState : global::Pulumi.ResourceArgs + { + /// + /// The time at which the Parameter Version was created. + /// + [Input("createTime")] + public Input? CreateTime { get; set; } + + /// + /// The current state of Parameter Version. This field is only applicable for updating Parameter Version. + /// + [Input("disabled")] + public Input? Disabled { get; set; } + + /// + /// The resource name of the Parameter Version. Format: + /// `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// Parameter Manager Parameter resource. + /// + [Input("parameter")] + public Input? Parameter { get; set; } + + [Input("parameterData")] + private Input? _parameterData; + + /// + /// The Parameter data. + /// **Note**: This property is sensitive and will not be displayed in the plan. + /// + public Input? ParameterData + { + get => _parameterData; + set + { + var emptySecret = Output.CreateSecret(0); + _parameterData = Output.Tuple?, int>(value, emptySecret).Apply(t => t.Item1); + } + } + + /// + /// Version ID of the Parameter Version Resource. This must be unique within the Parameter. + /// + /// + /// - - - + /// + [Input("parameterVersionId")] + public Input? ParameterVersionId { get; set; } + + /// + /// The time at which the Parameter Version was updated. + /// + [Input("updateTime")] + public Input? UpdateTime { get; set; } + + public ParameterVersionState() + { + } + public static new ParameterVersionState Empty => new ParameterVersionState(); + } +} diff --git a/sdk/dotnet/ParameterManager/RegionalParameterVersion.cs b/sdk/dotnet/ParameterManager/RegionalParameterVersion.cs index a35b89253a..abbc151938 100644 --- a/sdk/dotnet/ParameterManager/RegionalParameterVersion.cs +++ b/sdk/dotnet/ParameterManager/RegionalParameterVersion.cs @@ -42,9 +42,9 @@ namespace Pulumi.Gcp.ParameterManager /// ```csharp /// using System.Collections.Generic; /// using System.Linq; + /// using System.Text.Json; /// using Pulumi; /// using Gcp = Pulumi.Gcp; - /// using Std = Pulumi.Std; /// /// return await Deployment.RunAsync(() => /// { @@ -59,45 +59,15 @@ namespace Pulumi.Gcp.ParameterManager /// { /// Parameter = regional_parameter_basic.Id, /// ParameterVersionId = "regional_parameter_version", - /// ParameterData = Std.File.Invoke(new() + /// ParameterData = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// Input = "parameter_data_json_format.yaml", - /// }).Apply(invoke => invoke.Result), + /// ["key1"] = "val1", + /// ["key2"] = "val2", + /// }), /// }); /// /// }); /// ``` - /// ### Regional Parameter Version With Yaml Format - /// - /// ```csharp - /// using System.Collections.Generic; - /// using System.Linq; - /// using Pulumi; - /// using Gcp = Pulumi.Gcp; - /// using Std = Pulumi.Std; - /// - /// return await Deployment.RunAsync(() => - /// { - /// var regional_parameter_basic = new Gcp.ParameterManager.RegionalParameter("regional-parameter-basic", new() - /// { - /// ParameterId = "regional_parameter", - /// Format = "YAML", - /// Location = "us-central1", - /// }); - /// - /// var regional_parameter_version_with_yaml_format = new Gcp.ParameterManager.RegionalParameterVersion("regional-parameter-version-with-yaml-format", new() - /// { - /// Parameter = regional_parameter_basic.Id, - /// ParameterVersionId = "regional_parameter_version", - /// ParameterData = Std.File.Invoke(new() - /// { - /// Input = "parameter_data_yaml_format.yaml", - /// }).Apply(invoke => invoke.Result), - /// }); - /// - /// }); - /// ``` - /// /// ## Import /// /// RegionalParameterVersion can be imported using any of these accepted formats: diff --git a/sdk/dotnet/Provider.cs b/sdk/dotnet/Provider.cs index 4f58f475c8..5876e38ad8 100644 --- a/sdk/dotnet/Provider.cs +++ b/sdk/dotnet/Provider.cs @@ -39,6 +39,9 @@ public partial class Provider : global::Pulumi.ProviderResource [Output("apigeeCustomEndpoint")] public Output ApigeeCustomEndpoint { get; private set; } = null!; + [Output("apihubCustomEndpoint")] + public Output ApihubCustomEndpoint { get; private set; } = null!; + [Output("apikeysCustomEndpoint")] public Output ApikeysCustomEndpoint { get; private set; } = null!; @@ -614,6 +617,9 @@ public Input? AccessToken [Input("apigeeCustomEndpoint")] public Input? ApigeeCustomEndpoint { get; set; } + [Input("apihubCustomEndpoint")] + public Input? ApihubCustomEndpoint { get; set; } + [Input("apikeysCustomEndpoint")] public Input? ApikeysCustomEndpoint { get; set; } diff --git a/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsArgs.cs b/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsArgs.cs index 237d26c2f4..05e508d6f5 100644 --- a/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsArgs.cs +++ b/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsArgs.cs @@ -19,6 +19,13 @@ public sealed class TopicIngestionDataSourceSettingsArgs : global::Pulumi.Resour [Input("awsKinesis")] public Input? AwsKinesis { get; set; } + /// + /// Settings for ingestion from Azure Event Hubs. + /// Structure is documented below. + /// + [Input("azureEventHubs")] + public Input? AzureEventHubs { get; set; } + /// /// Settings for ingestion from Cloud Storage. /// Structure is documented below. diff --git a/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsAzureEventHubsArgs.cs b/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsAzureEventHubsArgs.cs new file mode 100644 index 0000000000..87f97eeff6 --- /dev/null +++ b/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsAzureEventHubsArgs.cs @@ -0,0 +1,64 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.PubSub.Inputs +{ + + public sealed class TopicIngestionDataSourceSettingsAzureEventHubsArgs : global::Pulumi.ResourceArgs + { + /// + /// The Azure event hub client ID to use for ingestion. + /// + [Input("clientId")] + public Input? ClientId { get; set; } + + /// + /// The Azure event hub to ingest data from. + /// + [Input("eventHub")] + public Input? EventHub { get; set; } + + /// + /// The GCP service account to be used for Federated Identity authentication + /// with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + /// role). + /// + [Input("gcpServiceAccount")] + public Input? GcpServiceAccount { get; set; } + + /// + /// The Azure event hub namespace to ingest data from. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + /// + /// The name of the resource group within an Azure subscription. + /// + [Input("resourceGroup")] + public Input? ResourceGroup { get; set; } + + /// + /// The Azure event hub subscription ID to use for ingestion. + /// + [Input("subscriptionId")] + public Input? SubscriptionId { get; set; } + + /// + /// The Azure event hub tenant ID to use for ingestion. + /// + [Input("tenantId")] + public Input? TenantId { get; set; } + + public TopicIngestionDataSourceSettingsAzureEventHubsArgs() + { + } + public static new TopicIngestionDataSourceSettingsAzureEventHubsArgs Empty => new TopicIngestionDataSourceSettingsAzureEventHubsArgs(); + } +} diff --git a/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsAzureEventHubsGetArgs.cs b/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsAzureEventHubsGetArgs.cs new file mode 100644 index 0000000000..93b5be8f40 --- /dev/null +++ b/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsAzureEventHubsGetArgs.cs @@ -0,0 +1,64 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.PubSub.Inputs +{ + + public sealed class TopicIngestionDataSourceSettingsAzureEventHubsGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The Azure event hub client ID to use for ingestion. + /// + [Input("clientId")] + public Input? ClientId { get; set; } + + /// + /// The Azure event hub to ingest data from. + /// + [Input("eventHub")] + public Input? EventHub { get; set; } + + /// + /// The GCP service account to be used for Federated Identity authentication + /// with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + /// role). + /// + [Input("gcpServiceAccount")] + public Input? GcpServiceAccount { get; set; } + + /// + /// The Azure event hub namespace to ingest data from. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + /// + /// The name of the resource group within an Azure subscription. + /// + [Input("resourceGroup")] + public Input? ResourceGroup { get; set; } + + /// + /// The Azure event hub subscription ID to use for ingestion. + /// + [Input("subscriptionId")] + public Input? SubscriptionId { get; set; } + + /// + /// The Azure event hub tenant ID to use for ingestion. + /// + [Input("tenantId")] + public Input? TenantId { get; set; } + + public TopicIngestionDataSourceSettingsAzureEventHubsGetArgs() + { + } + public static new TopicIngestionDataSourceSettingsAzureEventHubsGetArgs Empty => new TopicIngestionDataSourceSettingsAzureEventHubsGetArgs(); + } +} diff --git a/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsGetArgs.cs b/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsGetArgs.cs index 36b17db808..912cd87d07 100644 --- a/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsGetArgs.cs +++ b/sdk/dotnet/PubSub/Inputs/TopicIngestionDataSourceSettingsGetArgs.cs @@ -19,6 +19,13 @@ public sealed class TopicIngestionDataSourceSettingsGetArgs : global::Pulumi.Res [Input("awsKinesis")] public Input? AwsKinesis { get; set; } + /// + /// Settings for ingestion from Azure Event Hubs. + /// Structure is documented below. + /// + [Input("azureEventHubs")] + public Input? AzureEventHubs { get; set; } + /// /// Settings for ingestion from Cloud Storage. /// Structure is documented below. diff --git a/sdk/dotnet/PubSub/Inputs/TopicMessageStoragePolicyArgs.cs b/sdk/dotnet/PubSub/Inputs/TopicMessageStoragePolicyArgs.cs index 079d1b3a44..e6d855d62f 100644 --- a/sdk/dotnet/PubSub/Inputs/TopicMessageStoragePolicyArgs.cs +++ b/sdk/dotnet/PubSub/Inputs/TopicMessageStoragePolicyArgs.cs @@ -29,6 +29,15 @@ public InputList AllowedPersistenceRegions set => _allowedPersistenceRegions = value; } + /// + /// If true, `allowedPersistenceRegions` is also used to enforce in-transit + /// guarantees for messages. That is, Pub/Sub will fail topics.publish + /// operations on this topic and subscribe operations on any subscription + /// attached to this topic in any region that is not in `allowedPersistenceRegions`. + /// + [Input("enforceInTransit")] + public Input? EnforceInTransit { get; set; } + public TopicMessageStoragePolicyArgs() { } diff --git a/sdk/dotnet/PubSub/Inputs/TopicMessageStoragePolicyGetArgs.cs b/sdk/dotnet/PubSub/Inputs/TopicMessageStoragePolicyGetArgs.cs index f6f97596e2..ec56e460fd 100644 --- a/sdk/dotnet/PubSub/Inputs/TopicMessageStoragePolicyGetArgs.cs +++ b/sdk/dotnet/PubSub/Inputs/TopicMessageStoragePolicyGetArgs.cs @@ -29,6 +29,15 @@ public InputList AllowedPersistenceRegions set => _allowedPersistenceRegions = value; } + /// + /// If true, `allowedPersistenceRegions` is also used to enforce in-transit + /// guarantees for messages. That is, Pub/Sub will fail topics.publish + /// operations on this topic and subscribe operations on any subscription + /// attached to this topic in any region that is not in `allowedPersistenceRegions`. + /// + [Input("enforceInTransit")] + public Input? EnforceInTransit { get; set; } + public TopicMessageStoragePolicyGetArgs() { } diff --git a/sdk/dotnet/PubSub/Outputs/GetTopicIngestionDataSourceSettingAzureEventHubResult.cs b/sdk/dotnet/PubSub/Outputs/GetTopicIngestionDataSourceSettingAzureEventHubResult.cs new file mode 100644 index 0000000000..1fb4da4bb7 --- /dev/null +++ b/sdk/dotnet/PubSub/Outputs/GetTopicIngestionDataSourceSettingAzureEventHubResult.cs @@ -0,0 +1,72 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.PubSub.Outputs +{ + + [OutputType] + public sealed class GetTopicIngestionDataSourceSettingAzureEventHubResult + { + /// + /// The Azure event hub client ID to use for ingestion. + /// + public readonly string ClientId; + /// + /// The Azure event hub to ingest data from. + /// + public readonly string EventHub; + /// + /// The GCP service account to be used for Federated Identity authentication + /// with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided + /// role). + /// + public readonly string GcpServiceAccount; + /// + /// The Azure event hub namespace to ingest data from. + /// + public readonly string Namespace; + /// + /// The name of the resource group within an Azure subscription. + /// + public readonly string ResourceGroup; + /// + /// The Azure event hub subscription ID to use for ingestion. + /// + public readonly string SubscriptionId; + /// + /// The Azure event hub tenant ID to use for ingestion. + /// + public readonly string TenantId; + + [OutputConstructor] + private GetTopicIngestionDataSourceSettingAzureEventHubResult( + string clientId, + + string eventHub, + + string gcpServiceAccount, + + string @namespace, + + string resourceGroup, + + string subscriptionId, + + string tenantId) + { + ClientId = clientId; + EventHub = eventHub; + GcpServiceAccount = gcpServiceAccount; + Namespace = @namespace; + ResourceGroup = resourceGroup; + SubscriptionId = subscriptionId; + TenantId = tenantId; + } + } +} diff --git a/sdk/dotnet/PubSub/Outputs/GetTopicIngestionDataSourceSettingResult.cs b/sdk/dotnet/PubSub/Outputs/GetTopicIngestionDataSourceSettingResult.cs index 725b5eab57..dd382f7b21 100644 --- a/sdk/dotnet/PubSub/Outputs/GetTopicIngestionDataSourceSettingResult.cs +++ b/sdk/dotnet/PubSub/Outputs/GetTopicIngestionDataSourceSettingResult.cs @@ -18,6 +18,10 @@ public sealed class GetTopicIngestionDataSourceSettingResult /// public readonly ImmutableArray AwsKineses; /// + /// Settings for ingestion from Azure Event Hubs. + /// + public readonly ImmutableArray AzureEventHubs; + /// /// Settings for ingestion from Cloud Storage. /// public readonly ImmutableArray CloudStorages; @@ -31,11 +35,14 @@ public sealed class GetTopicIngestionDataSourceSettingResult private GetTopicIngestionDataSourceSettingResult( ImmutableArray awsKineses, + ImmutableArray azureEventHubs, + ImmutableArray cloudStorages, ImmutableArray platformLogsSettings) { AwsKineses = awsKineses; + AzureEventHubs = azureEventHubs; CloudStorages = cloudStorages; PlatformLogsSettings = platformLogsSettings; } diff --git a/sdk/dotnet/PubSub/Outputs/GetTopicMessageStoragePolicyResult.cs b/sdk/dotnet/PubSub/Outputs/GetTopicMessageStoragePolicyResult.cs index 943b6a71a8..29b796fdce 100644 --- a/sdk/dotnet/PubSub/Outputs/GetTopicMessageStoragePolicyResult.cs +++ b/sdk/dotnet/PubSub/Outputs/GetTopicMessageStoragePolicyResult.cs @@ -22,11 +22,22 @@ public sealed class GetTopicMessageStoragePolicyResult /// and is not a valid configuration. /// public readonly ImmutableArray AllowedPersistenceRegions; + /// + /// If true, 'allowedPersistenceRegions' is also used to enforce in-transit + /// guarantees for messages. That is, Pub/Sub will fail topics.publish + /// operations on this topic and subscribe operations on any subscription + /// attached to this topic in any region that is not in 'allowedPersistenceRegions'. + /// + public readonly bool EnforceInTransit; [OutputConstructor] - private GetTopicMessageStoragePolicyResult(ImmutableArray allowedPersistenceRegions) + private GetTopicMessageStoragePolicyResult( + ImmutableArray allowedPersistenceRegions, + + bool enforceInTransit) { AllowedPersistenceRegions = allowedPersistenceRegions; + EnforceInTransit = enforceInTransit; } } } diff --git a/sdk/dotnet/PubSub/Outputs/TopicIngestionDataSourceSettings.cs b/sdk/dotnet/PubSub/Outputs/TopicIngestionDataSourceSettings.cs index 449f84b60c..259539ec2d 100644 --- a/sdk/dotnet/PubSub/Outputs/TopicIngestionDataSourceSettings.cs +++ b/sdk/dotnet/PubSub/Outputs/TopicIngestionDataSourceSettings.cs @@ -19,6 +19,11 @@ public sealed class TopicIngestionDataSourceSettings /// public readonly Outputs.TopicIngestionDataSourceSettingsAwsKinesis? AwsKinesis; /// + /// Settings for ingestion from Azure Event Hubs. + /// Structure is documented below. + /// + public readonly Outputs.TopicIngestionDataSourceSettingsAzureEventHubs? AzureEventHubs; + /// /// Settings for ingestion from Cloud Storage. /// Structure is documented below. /// @@ -34,11 +39,14 @@ public sealed class TopicIngestionDataSourceSettings private TopicIngestionDataSourceSettings( Outputs.TopicIngestionDataSourceSettingsAwsKinesis? awsKinesis, + Outputs.TopicIngestionDataSourceSettingsAzureEventHubs? azureEventHubs, + Outputs.TopicIngestionDataSourceSettingsCloudStorage? cloudStorage, Outputs.TopicIngestionDataSourceSettingsPlatformLogsSettings? platformLogsSettings) { AwsKinesis = awsKinesis; + AzureEventHubs = azureEventHubs; CloudStorage = cloudStorage; PlatformLogsSettings = platformLogsSettings; } diff --git a/sdk/dotnet/PubSub/Outputs/TopicIngestionDataSourceSettingsAzureEventHubs.cs b/sdk/dotnet/PubSub/Outputs/TopicIngestionDataSourceSettingsAzureEventHubs.cs new file mode 100644 index 0000000000..71a1592d6b --- /dev/null +++ b/sdk/dotnet/PubSub/Outputs/TopicIngestionDataSourceSettingsAzureEventHubs.cs @@ -0,0 +1,72 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.PubSub.Outputs +{ + + [OutputType] + public sealed class TopicIngestionDataSourceSettingsAzureEventHubs + { + /// + /// The Azure event hub client ID to use for ingestion. + /// + public readonly string? ClientId; + /// + /// The Azure event hub to ingest data from. + /// + public readonly string? EventHub; + /// + /// The GCP service account to be used for Federated Identity authentication + /// with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + /// role). + /// + public readonly string? GcpServiceAccount; + /// + /// The Azure event hub namespace to ingest data from. + /// + public readonly string? Namespace; + /// + /// The name of the resource group within an Azure subscription. + /// + public readonly string? ResourceGroup; + /// + /// The Azure event hub subscription ID to use for ingestion. + /// + public readonly string? SubscriptionId; + /// + /// The Azure event hub tenant ID to use for ingestion. + /// + public readonly string? TenantId; + + [OutputConstructor] + private TopicIngestionDataSourceSettingsAzureEventHubs( + string? clientId, + + string? eventHub, + + string? gcpServiceAccount, + + string? @namespace, + + string? resourceGroup, + + string? subscriptionId, + + string? tenantId) + { + ClientId = clientId; + EventHub = eventHub; + GcpServiceAccount = gcpServiceAccount; + Namespace = @namespace; + ResourceGroup = resourceGroup; + SubscriptionId = subscriptionId; + TenantId = tenantId; + } + } +} diff --git a/sdk/dotnet/PubSub/Outputs/TopicMessageStoragePolicy.cs b/sdk/dotnet/PubSub/Outputs/TopicMessageStoragePolicy.cs index 2145bbd1f4..94d4333f57 100644 --- a/sdk/dotnet/PubSub/Outputs/TopicMessageStoragePolicy.cs +++ b/sdk/dotnet/PubSub/Outputs/TopicMessageStoragePolicy.cs @@ -22,11 +22,22 @@ public sealed class TopicMessageStoragePolicy /// and is not a valid configuration. /// public readonly ImmutableArray AllowedPersistenceRegions; + /// + /// If true, `allowedPersistenceRegions` is also used to enforce in-transit + /// guarantees for messages. That is, Pub/Sub will fail topics.publish + /// operations on this topic and subscribe operations on any subscription + /// attached to this topic in any region that is not in `allowedPersistenceRegions`. + /// + public readonly bool? EnforceInTransit; [OutputConstructor] - private TopicMessageStoragePolicy(ImmutableArray allowedPersistenceRegions) + private TopicMessageStoragePolicy( + ImmutableArray allowedPersistenceRegions, + + bool? enforceInTransit) { AllowedPersistenceRegions = allowedPersistenceRegions; + EnforceInTransit = enforceInTransit; } } } diff --git a/sdk/dotnet/PubSub/Topic.cs b/sdk/dotnet/PubSub/Topic.cs index 565c15e472..8d5ebae186 100644 --- a/sdk/dotnet/PubSub/Topic.cs +++ b/sdk/dotnet/PubSub/Topic.cs @@ -94,6 +94,7 @@ namespace Pulumi.Gcp.PubSub /// { /// "europe-west3", /// }, + /// EnforceInTransit = true, /// }, /// }); /// @@ -209,6 +210,36 @@ namespace Pulumi.Gcp.PubSub /// /// }); /// ``` + /// ### Pubsub Topic Ingestion Azure Event Hubs + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Gcp.PubSub.Topic("example", new() + /// { + /// Name = "example-topic", + /// IngestionDataSourceSettings = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsArgs + /// { + /// AzureEventHubs = new Gcp.PubSub.Inputs.TopicIngestionDataSourceSettingsAzureEventHubsArgs + /// { + /// ResourceGroup = "azure-ingestion-resource-group", + /// Namespace = "azure-ingestion-namespace", + /// EventHub = "azure-ingestion-event-hub", + /// ClientId = "aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123", + /// TenantId = "0XXXXXXX-YYYY-HHHH-GGGG-123456789123", + /// SubscriptionId = "bXXXXXXX-YYYY-HHHH-GGGG-123456789123", + /// GcpServiceAccount = "fake-service-account@fake-gcp-project.iam.gserviceaccount.com", + /// }, + /// }, + /// }); + /// + /// }); + /// ``` /// /// ## Import /// diff --git a/sdk/dotnet/Redis/Cluster.cs b/sdk/dotnet/Redis/Cluster.cs index f5ae11cec1..d900a14bb0 100644 --- a/sdk/dotnet/Redis/Cluster.cs +++ b/sdk/dotnet/Redis/Cluster.cs @@ -620,8 +620,8 @@ public partial class Cluster : global::Pulumi.CustomResource { /// /// Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - /// Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - /// "AUTH_MODE_DISABLED"] + /// Default value is `AUTH_MODE_DISABLED`. + /// Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. /// [Output("authorizationMode")] public Output AuthorizationMode { get; private set; } = null!; @@ -636,13 +636,15 @@ public partial class Cluster : global::Pulumi.CustomResource /// /// Cross cluster replication config + /// Structure is documented below. /// [Output("crossClusterReplicationConfig")] public Output CrossClusterReplicationConfig { get; private set; } = null!; /// - /// Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - /// operation will fail. Default value is true. + /// Optional. Indicates if the cluster is deletion protected or not. + /// If the value if set to true, any delete cluster operation will fail. + /// Default value is true. /// [Output("deletionProtectionEnabled")] public Output DeletionProtectionEnabled { get; private set; } = null!; @@ -658,6 +660,7 @@ public partial class Cluster : global::Pulumi.CustomResource /// /// Maintenance policy for a cluster + /// Structure is documented below. /// [Output("maintenancePolicy")] public Output MaintenancePolicy { get; private set; } = null!; @@ -672,19 +675,24 @@ public partial class Cluster : global::Pulumi.CustomResource /// /// Unique name of the resource in this scope including project and location using the form: /// projects/{projectId}/locations/{locationId}/clusters/{clusterId} + /// + /// + /// - - - /// [Output("name")] public Output Name { get; private set; } = null!; /// - /// The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - /// ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + /// The nodeType for the Redis cluster. + /// If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + /// Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. /// [Output("nodeType")] public Output NodeType { get; private set; } = null!; /// /// Persistence config (RDB, AOF) for the cluster. + /// Structure is documented below. /// [Output("persistenceConfig")] public Output PersistenceConfig { get; private set; } = null!; @@ -695,6 +703,10 @@ public partial class Cluster : global::Pulumi.CustomResource [Output("preciseSizeGb")] public Output PreciseSizeGb { get; private set; } = null!; + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// [Output("project")] public Output Project { get; private set; } = null!; @@ -715,8 +727,15 @@ public partial class Cluster : global::Pulumi.CustomResource public Output> PscConnections { get; private set; } = null!; /// - /// Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - /// documentation for the list of supported parameters: + /// Service attachment details to configure Psc connections. + /// Structure is documented below. + /// + [Output("pscServiceAttachments")] + public Output> PscServiceAttachments { get; private set; } = null!; + + /// + /// Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + /// Please check Memorystore documentation for the list of supported parameters: /// https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations /// [Output("redisConfigs")] @@ -760,9 +779,10 @@ public partial class Cluster : global::Pulumi.CustomResource public Output> StateInfos { get; private set; } = null!; /// - /// Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - /// Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - /// "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + /// Optional. The in-transit encryption for the Redis cluster. + /// If not provided, encryption is disabled for the cluster. + /// Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + /// Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. /// [Output("transitEncryptionMode")] public Output TransitEncryptionMode { get; private set; } = null!; @@ -775,9 +795,10 @@ public partial class Cluster : global::Pulumi.CustomResource /// /// Immutable. Zone distribution config for Memorystore Redis cluster. + /// Structure is documented below. /// [Output("zoneDistributionConfig")] - public Output ZoneDistributionConfig { get; private set; } = null!; + public Output ZoneDistributionConfig { get; private set; } = null!; /// @@ -827,27 +848,30 @@ public sealed class ClusterArgs : global::Pulumi.ResourceArgs { /// /// Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - /// Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - /// "AUTH_MODE_DISABLED"] + /// Default value is `AUTH_MODE_DISABLED`. + /// Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. /// [Input("authorizationMode")] public Input? AuthorizationMode { get; set; } /// /// Cross cluster replication config + /// Structure is documented below. /// [Input("crossClusterReplicationConfig")] public Input? CrossClusterReplicationConfig { get; set; } /// - /// Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - /// operation will fail. Default value is true. + /// Optional. Indicates if the cluster is deletion protected or not. + /// If the value if set to true, any delete cluster operation will fail. + /// Default value is true. /// [Input("deletionProtectionEnabled")] public Input? DeletionProtectionEnabled { get; set; } /// /// Maintenance policy for a cluster + /// Structure is documented below. /// [Input("maintenancePolicy")] public Input? MaintenancePolicy { get; set; } @@ -855,27 +879,36 @@ public sealed class ClusterArgs : global::Pulumi.ResourceArgs /// /// Unique name of the resource in this scope including project and location using the form: /// projects/{projectId}/locations/{locationId}/clusters/{clusterId} + /// + /// + /// - - - /// [Input("name")] public Input? Name { get; set; } /// - /// The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - /// ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + /// The nodeType for the Redis cluster. + /// If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + /// Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. /// [Input("nodeType")] public Input? NodeType { get; set; } /// /// Persistence config (RDB, AOF) for the cluster. + /// Structure is documented below. /// [Input("persistenceConfig")] public Input? PersistenceConfig { get; set; } + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// [Input("project")] public Input? Project { get; set; } - [Input("pscConfigs", required: true)] + [Input("pscConfigs")] private InputList? _pscConfigs; /// @@ -894,8 +927,8 @@ public InputList PscConfigs private InputMap? _redisConfigs; /// - /// Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - /// documentation for the list of supported parameters: + /// Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + /// Please check Memorystore documentation for the list of supported parameters: /// https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations /// public InputMap RedisConfigs @@ -923,15 +956,17 @@ public InputMap RedisConfigs public Input ShardCount { get; set; } = null!; /// - /// Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - /// Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - /// "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + /// Optional. The in-transit encryption for the Redis cluster. + /// If not provided, encryption is disabled for the cluster. + /// Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + /// Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. /// [Input("transitEncryptionMode")] public Input? TransitEncryptionMode { get; set; } /// /// Immutable. Zone distribution config for Memorystore Redis cluster. + /// Structure is documented below. /// [Input("zoneDistributionConfig")] public Input? ZoneDistributionConfig { get; set; } @@ -946,8 +981,8 @@ public sealed class ClusterState : global::Pulumi.ResourceArgs { /// /// Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - /// Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - /// "AUTH_MODE_DISABLED"] + /// Default value is `AUTH_MODE_DISABLED`. + /// Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. /// [Input("authorizationMode")] public Input? AuthorizationMode { get; set; } @@ -962,13 +997,15 @@ public sealed class ClusterState : global::Pulumi.ResourceArgs /// /// Cross cluster replication config + /// Structure is documented below. /// [Input("crossClusterReplicationConfig")] public Input? CrossClusterReplicationConfig { get; set; } /// - /// Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - /// operation will fail. Default value is true. + /// Optional. Indicates if the cluster is deletion protected or not. + /// If the value if set to true, any delete cluster operation will fail. + /// Default value is true. /// [Input("deletionProtectionEnabled")] public Input? DeletionProtectionEnabled { get; set; } @@ -990,6 +1027,7 @@ public InputList DiscoveryEndpoints /// /// Maintenance policy for a cluster + /// Structure is documented below. /// [Input("maintenancePolicy")] public Input? MaintenancePolicy { get; set; } @@ -1010,19 +1048,24 @@ public InputList MaintenanceSchedules /// /// Unique name of the resource in this scope including project and location using the form: /// projects/{projectId}/locations/{locationId}/clusters/{clusterId} + /// + /// + /// - - - /// [Input("name")] public Input? Name { get; set; } /// - /// The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - /// ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + /// The nodeType for the Redis cluster. + /// If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + /// Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. /// [Input("nodeType")] public Input? NodeType { get; set; } /// /// Persistence config (RDB, AOF) for the cluster. + /// Structure is documented below. /// [Input("persistenceConfig")] public Input? PersistenceConfig { get; set; } @@ -1033,6 +1076,10 @@ public InputList MaintenanceSchedules [Input("preciseSizeGb")] public Input? PreciseSizeGb { get; set; } + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// [Input("project")] public Input? Project { get; set; } @@ -1064,12 +1111,25 @@ public InputList PscConnections set => _pscConnections = value; } + [Input("pscServiceAttachments")] + private InputList? _pscServiceAttachments; + + /// + /// Service attachment details to configure Psc connections. + /// Structure is documented below. + /// + public InputList PscServiceAttachments + { + get => _pscServiceAttachments ?? (_pscServiceAttachments = new InputList()); + set => _pscServiceAttachments = value; + } + [Input("redisConfigs")] private InputMap? _redisConfigs; /// - /// Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - /// documentation for the list of supported parameters: + /// Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + /// Please check Memorystore documentation for the list of supported parameters: /// https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations /// public InputMap RedisConfigs @@ -1122,9 +1182,10 @@ public InputList StateInfos } /// - /// Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - /// Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - /// "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + /// Optional. The in-transit encryption for the Redis cluster. + /// If not provided, encryption is disabled for the cluster. + /// Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + /// Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. /// [Input("transitEncryptionMode")] public Input? TransitEncryptionMode { get; set; } @@ -1137,6 +1198,7 @@ public InputList StateInfos /// /// Immutable. Zone distribution config for Memorystore Redis cluster. + /// Structure is documented below. /// [Input("zoneDistributionConfig")] public Input? ZoneDistributionConfig { get; set; } diff --git a/sdk/dotnet/Redis/ClusterUserCreatedConnections.cs b/sdk/dotnet/Redis/ClusterUserCreatedConnections.cs new file mode 100644 index 0000000000..3207dbcb48 --- /dev/null +++ b/sdk/dotnet/Redis/ClusterUserCreatedConnections.cs @@ -0,0 +1,555 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis +{ + /// + /// ## Example Usage + /// + /// ### Redis Cluster User Created Connections + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var network1 = new Gcp.Compute.Network("network1", new() + /// { + /// Name = "net1", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var subnetNetwork1 = new Gcp.Compute.Subnetwork("subnet_network1", new() + /// { + /// Name = "subnet-net1", + /// IpCidrRange = "10.0.0.248/29", + /// Region = "us-central1", + /// Network = network1.Id, + /// }); + /// + /// var ip1Network1 = new Gcp.Compute.Address("ip1_network1", new() + /// { + /// Name = "ip1-net1", + /// Region = "us-central1", + /// Subnetwork = subnetNetwork1.Id, + /// AddressType = "INTERNAL", + /// Purpose = "GCE_ENDPOINT", + /// }); + /// + /// // redis cluster without endpoint + /// var cluster_user_connCluster = new Gcp.Redis.Cluster("cluster-user-conn", new() + /// { + /// Name = "cluster-user-conn", + /// ShardCount = 3, + /// Region = "us-central1", + /// ReplicaCount = 0, + /// DeletionProtectionEnabled = false, + /// }); + /// + /// var forwardingRule1Network1 = new Gcp.Compute.ForwardingRule("forwarding_rule1_network1", new() + /// { + /// Name = "fwd1-net1", + /// Region = "us-central1", + /// IpAddress = ip1Network1.Id, + /// LoadBalancingScheme = "", + /// Network = network1.Id, + /// Target = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[0].ServiceAttachment), + /// }); + /// + /// var ip2Network1 = new Gcp.Compute.Address("ip2_network1", new() + /// { + /// Name = "ip2-net1", + /// Region = "us-central1", + /// Subnetwork = subnetNetwork1.Id, + /// AddressType = "INTERNAL", + /// Purpose = "GCE_ENDPOINT", + /// }); + /// + /// var forwardingRule2Network1 = new Gcp.Compute.ForwardingRule("forwarding_rule2_network1", new() + /// { + /// Name = "fwd2-net1", + /// Region = "us-central1", + /// IpAddress = ip2Network1.Id, + /// LoadBalancingScheme = "", + /// Network = network1.Id, + /// Target = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[1].ServiceAttachment), + /// }); + /// + /// var network2 = new Gcp.Compute.Network("network2", new() + /// { + /// Name = "network2", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var subnetNetwork2 = new Gcp.Compute.Subnetwork("subnet_network2", new() + /// { + /// Name = "subnet-net2", + /// IpCidrRange = "10.0.0.248/29", + /// Region = "us-central1", + /// Network = network2.Id, + /// }); + /// + /// var ip1Network2 = new Gcp.Compute.Address("ip1_network2", new() + /// { + /// Name = "ip1-net2", + /// Region = "us-central1", + /// Subnetwork = subnetNetwork2.Id, + /// AddressType = "INTERNAL", + /// Purpose = "GCE_ENDPOINT", + /// }); + /// + /// var forwardingRule1Network2 = new Gcp.Compute.ForwardingRule("forwarding_rule1_network2", new() + /// { + /// Name = "fwd1-net2", + /// Region = "us-central1", + /// IpAddress = ip1Network2.Id, + /// LoadBalancingScheme = "", + /// Network = network2.Id, + /// Target = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[0].ServiceAttachment), + /// }); + /// + /// var ip2Network2 = new Gcp.Compute.Address("ip2_network2", new() + /// { + /// Name = "ip2-net2", + /// Region = "us-central1", + /// Subnetwork = subnetNetwork2.Id, + /// AddressType = "INTERNAL", + /// Purpose = "GCE_ENDPOINT", + /// }); + /// + /// var forwardingRule2Network2 = new Gcp.Compute.ForwardingRule("forwarding_rule2_network2", new() + /// { + /// Name = "fwd2-net2", + /// Region = "us-central1", + /// IpAddress = ip2Network2.Id, + /// LoadBalancingScheme = "", + /// Network = network2.Id, + /// Target = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[1].ServiceAttachment), + /// }); + /// + /// var project = Gcp.Organizations.GetProject.Invoke(); + /// + /// var cluster_user_conn = new Gcp.Redis.ClusterUserCreatedConnections("cluster-user-conn", new() + /// { + /// Name = "cluster-user-conn", + /// Region = "us-central1", + /// ClusterEndpoints = new[] + /// { + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointArgs + /// { + /// Connections = new[] + /// { + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs + /// { + /// PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs + /// { + /// PscConnectionId = forwardingRule1Network1.PscConnectionId, + /// Address = ip1Network1.IPAddress, + /// ForwardingRule = forwardingRule1Network1.Id, + /// Network = network1.Id, + /// ProjectId = project.Apply(getProjectResult => getProjectResult.ProjectId), + /// ServiceAttachment = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[0].ServiceAttachment), + /// }, + /// }, + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs + /// { + /// PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs + /// { + /// PscConnectionId = forwardingRule2Network1.PscConnectionId, + /// Address = ip2Network1.IPAddress, + /// ForwardingRule = forwardingRule2Network1.Id, + /// Network = network1.Id, + /// ServiceAttachment = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[1].ServiceAttachment), + /// }, + /// }, + /// }, + /// }, + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointArgs + /// { + /// Connections = new[] + /// { + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs + /// { + /// PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs + /// { + /// PscConnectionId = forwardingRule1Network2.PscConnectionId, + /// Address = ip1Network2.IPAddress, + /// ForwardingRule = forwardingRule1Network2.Id, + /// Network = network2.Id, + /// ServiceAttachment = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[0].ServiceAttachment), + /// }, + /// }, + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs + /// { + /// PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs + /// { + /// PscConnectionId = forwardingRule2Network2.PscConnectionId, + /// Address = ip2Network2.IPAddress, + /// ForwardingRule = forwardingRule2Network2.Id, + /// Network = network2.Id, + /// ServiceAttachment = cluster_user_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[1].ServiceAttachment), + /// }, + /// }, + /// }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// ### Redis Cluster User And Auto Created Connections + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var network2 = new Gcp.Compute.Network("network2", new() + /// { + /// Name = "network2", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var subnetNetwork2 = new Gcp.Compute.Subnetwork("subnet_network2", new() + /// { + /// Name = "subnet-net2", + /// IpCidrRange = "10.0.0.248/29", + /// Region = "us-central1", + /// Network = network2.Id, + /// }); + /// + /// var ip1Network2 = new Gcp.Compute.Address("ip1_network2", new() + /// { + /// Name = "ip1-net2", + /// Region = "us-central1", + /// Subnetwork = subnetNetwork2.Id, + /// AddressType = "INTERNAL", + /// Purpose = "GCE_ENDPOINT", + /// }); + /// + /// var network1 = new Gcp.Compute.Network("network1", new() + /// { + /// Name = "net1", + /// AutoCreateSubnetworks = false, + /// }); + /// + /// var subnetNetwork1 = new Gcp.Compute.Subnetwork("subnet_network1", new() + /// { + /// Name = "subnet-net1", + /// IpCidrRange = "10.0.0.248/29", + /// Region = "us-central1", + /// Network = network1.Id, + /// }); + /// + /// var @default = new Gcp.NetworkConnectivity.ServiceConnectionPolicy("default", new() + /// { + /// Name = "scpolicy", + /// Location = "us-central1", + /// ServiceClass = "gcp-memorystore-redis", + /// Description = "my basic service connection policy", + /// Network = network1.Id, + /// PscConfig = new Gcp.NetworkConnectivity.Inputs.ServiceConnectionPolicyPscConfigArgs + /// { + /// Subnetworks = new[] + /// { + /// subnetNetwork1.Id, + /// }, + /// }, + /// }); + /// + /// // redis cluster without endpoint + /// var cluster_user_auto_connCluster = new Gcp.Redis.Cluster("cluster-user-auto-conn", new() + /// { + /// Name = "cluster-user-auto-conn", + /// ShardCount = 3, + /// Region = "us-central1", + /// ReplicaCount = 0, + /// DeletionProtectionEnabled = false, + /// PscConfigs = new[] + /// { + /// new Gcp.Redis.Inputs.ClusterPscConfigArgs + /// { + /// Network = network1.Id, + /// }, + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// @default, + /// }, + /// }); + /// + /// var forwardingRule1Network2 = new Gcp.Compute.ForwardingRule("forwarding_rule1_network2", new() + /// { + /// Name = "fwd1-net2", + /// Region = "us-central1", + /// IpAddress = ip1Network2.Id, + /// LoadBalancingScheme = "", + /// Network = network2.Id, + /// Target = cluster_user_auto_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[0].ServiceAttachment), + /// }); + /// + /// var ip2Network2 = new Gcp.Compute.Address("ip2_network2", new() + /// { + /// Name = "ip2-net2", + /// Region = "us-central1", + /// Subnetwork = subnetNetwork2.Id, + /// AddressType = "INTERNAL", + /// Purpose = "GCE_ENDPOINT", + /// }); + /// + /// var forwardingRule2Network2 = new Gcp.Compute.ForwardingRule("forwarding_rule2_network2", new() + /// { + /// Name = "fwd2-net2", + /// Region = "us-central1", + /// IpAddress = ip2Network2.Id, + /// LoadBalancingScheme = "", + /// Network = network2.Id, + /// Target = cluster_user_auto_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[1].ServiceAttachment), + /// }); + /// + /// var cluster_user_auto_conn = new Gcp.Redis.ClusterUserCreatedConnections("cluster-user-auto-conn", new() + /// { + /// Name = "cluster-user-auto-conn", + /// Region = "us-central1", + /// ClusterEndpoints = new[] + /// { + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointArgs + /// { + /// Connections = new[] + /// { + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs + /// { + /// PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs + /// { + /// PscConnectionId = forwardingRule1Network2.PscConnectionId, + /// Address = ip1Network2.IPAddress, + /// ForwardingRule = forwardingRule1Network2.Id, + /// Network = network2.Id, + /// ServiceAttachment = cluster_user_auto_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[0].ServiceAttachment), + /// }, + /// }, + /// new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs + /// { + /// PscConnection = new Gcp.Redis.Inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs + /// { + /// PscConnectionId = forwardingRule2Network2.PscConnectionId, + /// Address = ip2Network2.IPAddress, + /// ForwardingRule = forwardingRule2Network2.Id, + /// Network = network2.Id, + /// ServiceAttachment = cluster_user_auto_connCluster.PscServiceAttachments.Apply(pscServiceAttachments => pscServiceAttachments[1].ServiceAttachment), + /// }, + /// }, + /// }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// ClusterUserCreatedConnections can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/{{region}}/clusters/{{name}}` + /// + /// * `{{project}}/{{region}}/{{name}}` + /// + /// * `{{region}}/{{name}}` + /// + /// * `{{name}}` + /// + /// When using the `pulumi import` command, ClusterUserCreatedConnections can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default projects/{{project}}/locations/{{region}}/clusters/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{project}}/{{region}}/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{region}}/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{name}} + /// ``` + /// + [GcpResourceType("gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections")] + public partial class ClusterUserCreatedConnections : global::Pulumi.CustomResource + { + /// + /// A list of cluster endpoints + /// Structure is documented below. + /// + [Output("clusterEndpoints")] + public Output> ClusterEndpoints { get; private set; } = null!; + + /// + /// The name of the Redis cluster these endpoints should be added to. + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The name of the region of the Redis cluster these endpoints should be added to. + /// + /// + /// - - - + /// + [Output("region")] + public Output Region { get; private set; } = null!; + + + /// + /// Create a ClusterUserCreatedConnections resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public ClusterUserCreatedConnections(string name, ClusterUserCreatedConnectionsArgs args, CustomResourceOptions? options = null) + : base("gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections", name, args ?? new ClusterUserCreatedConnectionsArgs(), MakeResourceOptions(options, "")) + { + } + + private ClusterUserCreatedConnections(string name, Input id, ClusterUserCreatedConnectionsState? state = null, CustomResourceOptions? options = null) + : base("gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing ClusterUserCreatedConnections resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static ClusterUserCreatedConnections Get(string name, Input id, ClusterUserCreatedConnectionsState? state = null, CustomResourceOptions? options = null) + { + return new ClusterUserCreatedConnections(name, id, state, options); + } + } + + public sealed class ClusterUserCreatedConnectionsArgs : global::Pulumi.ResourceArgs + { + [Input("clusterEndpoints")] + private InputList? _clusterEndpoints; + + /// + /// A list of cluster endpoints + /// Structure is documented below. + /// + public InputList ClusterEndpoints + { + get => _clusterEndpoints ?? (_clusterEndpoints = new InputList()); + set => _clusterEndpoints = value; + } + + /// + /// The name of the Redis cluster these endpoints should be added to. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The name of the region of the Redis cluster these endpoints should be added to. + /// + /// + /// - - - + /// + [Input("region", required: true)] + public Input Region { get; set; } = null!; + + public ClusterUserCreatedConnectionsArgs() + { + } + public static new ClusterUserCreatedConnectionsArgs Empty => new ClusterUserCreatedConnectionsArgs(); + } + + public sealed class ClusterUserCreatedConnectionsState : global::Pulumi.ResourceArgs + { + [Input("clusterEndpoints")] + private InputList? _clusterEndpoints; + + /// + /// A list of cluster endpoints + /// Structure is documented below. + /// + public InputList ClusterEndpoints + { + get => _clusterEndpoints ?? (_clusterEndpoints = new InputList()); + set => _clusterEndpoints = value; + } + + /// + /// The name of the Redis cluster these endpoints should be added to. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The name of the region of the Redis cluster these endpoints should be added to. + /// + /// + /// - - - + /// + [Input("region")] + public Input? Region { get; set; } + + public ClusterUserCreatedConnectionsState() + { + } + public static new ClusterUserCreatedConnectionsState Empty => new ClusterUserCreatedConnectionsState(); + } +} diff --git a/sdk/dotnet/Redis/Inputs/ClusterPscConfigArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterPscConfigArgs.cs index 4b783237da..289d557cf5 100644 --- a/sdk/dotnet/Redis/Inputs/ClusterPscConfigArgs.cs +++ b/sdk/dotnet/Redis/Inputs/ClusterPscConfigArgs.cs @@ -16,8 +16,6 @@ public sealed class ClusterPscConfigArgs : global::Pulumi.ResourceArgs /// Required. The consumer network where the network address of /// the discovery endpoint will be reserved, in the form of /// projects/{network_project_id_or_number}/global/networks/{network_id}. - /// - /// - - - /// [Input("network", required: true)] public Input Network { get; set; } = null!; diff --git a/sdk/dotnet/Redis/Inputs/ClusterPscConfigGetArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterPscConfigGetArgs.cs index 936aa890a9..dda54abafe 100644 --- a/sdk/dotnet/Redis/Inputs/ClusterPscConfigGetArgs.cs +++ b/sdk/dotnet/Redis/Inputs/ClusterPscConfigGetArgs.cs @@ -16,8 +16,6 @@ public sealed class ClusterPscConfigGetArgs : global::Pulumi.ResourceArgs /// Required. The consumer network where the network address of /// the discovery endpoint will be reserved, in the form of /// projects/{network_project_id_or_number}/global/networks/{network_id}. - /// - /// - - - /// [Input("network", required: true)] public Input Network { get; set; } = null!; diff --git a/sdk/dotnet/Redis/Inputs/ClusterPscServiceAttachmentArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterPscServiceAttachmentArgs.cs new file mode 100644 index 0000000000..65c6566eba --- /dev/null +++ b/sdk/dotnet/Redis/Inputs/ClusterPscServiceAttachmentArgs.cs @@ -0,0 +1,34 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Inputs +{ + + public sealed class ClusterPscServiceAttachmentArgs : global::Pulumi.ResourceArgs + { + /// + /// (Output) + /// Type of a PSC connection targeting this service attachment. + /// + [Input("connectionType")] + public Input? ConnectionType { get; set; } + + /// + /// (Output) + /// Service attachment URI which your self-created PscConnection should use as + /// + [Input("serviceAttachment")] + public Input? ServiceAttachment { get; set; } + + public ClusterPscServiceAttachmentArgs() + { + } + public static new ClusterPscServiceAttachmentArgs Empty => new ClusterPscServiceAttachmentArgs(); + } +} diff --git a/sdk/dotnet/Redis/Inputs/ClusterPscServiceAttachmentGetArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterPscServiceAttachmentGetArgs.cs new file mode 100644 index 0000000000..733976fd51 --- /dev/null +++ b/sdk/dotnet/Redis/Inputs/ClusterPscServiceAttachmentGetArgs.cs @@ -0,0 +1,34 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Inputs +{ + + public sealed class ClusterPscServiceAttachmentGetArgs : global::Pulumi.ResourceArgs + { + /// + /// (Output) + /// Type of a PSC connection targeting this service attachment. + /// + [Input("connectionType")] + public Input? ConnectionType { get; set; } + + /// + /// (Output) + /// Service attachment URI which your self-created PscConnection should use as + /// + [Input("serviceAttachment")] + public Input? ServiceAttachment { get; set; } + + public ClusterPscServiceAttachmentGetArgs() + { + } + public static new ClusterPscServiceAttachmentGetArgs Empty => new ClusterPscServiceAttachmentGetArgs(); + } +} diff --git a/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointArgs.cs new file mode 100644 index 0000000000..800a8a0ed7 --- /dev/null +++ b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Inputs +{ + + public sealed class ClusterUserCreatedConnectionsClusterEndpointArgs : global::Pulumi.ResourceArgs + { + [Input("connections")] + private InputList? _connections; + + /// + /// Structure is documented below. + /// + public InputList Connections + { + get => _connections ?? (_connections = new InputList()); + set => _connections = value; + } + + public ClusterUserCreatedConnectionsClusterEndpointArgs() + { + } + public static new ClusterUserCreatedConnectionsClusterEndpointArgs Empty => new ClusterUserCreatedConnectionsClusterEndpointArgs(); + } +} diff --git a/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.cs new file mode 100644 index 0000000000..15df6d44a7 --- /dev/null +++ b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.cs @@ -0,0 +1,28 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Inputs +{ + + public sealed class ClusterUserCreatedConnectionsClusterEndpointConnectionArgs : global::Pulumi.ResourceArgs + { + /// + /// Detailed information of a PSC connection that is created by the customer + /// who owns the cluster. + /// Structure is documented below. + /// + [Input("pscConnection")] + public Input? PscConnection { get; set; } + + public ClusterUserCreatedConnectionsClusterEndpointConnectionArgs() + { + } + public static new ClusterUserCreatedConnectionsClusterEndpointConnectionArgs Empty => new ClusterUserCreatedConnectionsClusterEndpointConnectionArgs(); + } +} diff --git a/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionGetArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionGetArgs.cs new file mode 100644 index 0000000000..fe29171f53 --- /dev/null +++ b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionGetArgs.cs @@ -0,0 +1,28 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Inputs +{ + + public sealed class ClusterUserCreatedConnectionsClusterEndpointConnectionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Detailed information of a PSC connection that is created by the customer + /// who owns the cluster. + /// Structure is documented below. + /// + [Input("pscConnection")] + public Input? PscConnection { get; set; } + + public ClusterUserCreatedConnectionsClusterEndpointConnectionGetArgs() + { + } + public static new ClusterUserCreatedConnectionsClusterEndpointConnectionGetArgs Empty => new ClusterUserCreatedConnectionsClusterEndpointConnectionGetArgs(); + } +} diff --git a/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.cs new file mode 100644 index 0000000000..05e16e5d26 --- /dev/null +++ b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.cs @@ -0,0 +1,81 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Inputs +{ + + public sealed class ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs : global::Pulumi.ResourceArgs + { + /// + /// The IP allocated on the consumer network for the PSC forwarding rule. + /// + [Input("address", required: true)] + public Input Address { get; set; } = null!; + + /// + /// (Output) + /// Output Only. Type of a PSC Connection. + /// Possible values: + /// CONNECTION_TYPE_DISCOVERY + /// CONNECTION_TYPE_PRIMARY + /// CONNECTION_TYPE_READER + /// + [Input("connectionType")] + public Input? ConnectionType { get; set; } + + /// + /// The URI of the consumer side forwarding rule. + /// Format: + /// projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + /// + [Input("forwardingRule", required: true)] + public Input ForwardingRule { get; set; } = null!; + + /// + /// The consumer network where the IP address resides, in the form of + /// projects/{project_id}/global/networks/{network_id}. + /// + [Input("network", required: true)] + public Input Network { get; set; } = null!; + + /// + /// The consumer project_id where the forwarding rule is created from. + /// + [Input("projectId")] + public Input? ProjectId { get; set; } + + /// + /// The PSC connection id of the forwarding rule connected to the + /// service attachment. + /// + [Input("pscConnectionId", required: true)] + public Input PscConnectionId { get; set; } = null!; + + /// + /// (Output) + /// Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + /// Possible values: + /// ACTIVE + /// NOT_FOUND + /// + [Input("pscConnectionStatus")] + public Input? PscConnectionStatus { get; set; } + + /// + /// The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + /// + [Input("serviceAttachment", required: true)] + public Input ServiceAttachment { get; set; } = null!; + + public ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs() + { + } + public static new ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs Empty => new ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs(); + } +} diff --git a/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionGetArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionGetArgs.cs new file mode 100644 index 0000000000..46ac283f7f --- /dev/null +++ b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionGetArgs.cs @@ -0,0 +1,81 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Inputs +{ + + public sealed class ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The IP allocated on the consumer network for the PSC forwarding rule. + /// + [Input("address", required: true)] + public Input Address { get; set; } = null!; + + /// + /// (Output) + /// Output Only. Type of a PSC Connection. + /// Possible values: + /// CONNECTION_TYPE_DISCOVERY + /// CONNECTION_TYPE_PRIMARY + /// CONNECTION_TYPE_READER + /// + [Input("connectionType")] + public Input? ConnectionType { get; set; } + + /// + /// The URI of the consumer side forwarding rule. + /// Format: + /// projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + /// + [Input("forwardingRule", required: true)] + public Input ForwardingRule { get; set; } = null!; + + /// + /// The consumer network where the IP address resides, in the form of + /// projects/{project_id}/global/networks/{network_id}. + /// + [Input("network", required: true)] + public Input Network { get; set; } = null!; + + /// + /// The consumer project_id where the forwarding rule is created from. + /// + [Input("projectId")] + public Input? ProjectId { get; set; } + + /// + /// The PSC connection id of the forwarding rule connected to the + /// service attachment. + /// + [Input("pscConnectionId", required: true)] + public Input PscConnectionId { get; set; } = null!; + + /// + /// (Output) + /// Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + /// Possible values: + /// ACTIVE + /// NOT_FOUND + /// + [Input("pscConnectionStatus")] + public Input? PscConnectionStatus { get; set; } + + /// + /// The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + /// + [Input("serviceAttachment", required: true)] + public Input ServiceAttachment { get; set; } = null!; + + public ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionGetArgs() + { + } + public static new ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionGetArgs Empty => new ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionGetArgs(); + } +} diff --git a/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointGetArgs.cs b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointGetArgs.cs new file mode 100644 index 0000000000..df51caecaa --- /dev/null +++ b/sdk/dotnet/Redis/Inputs/ClusterUserCreatedConnectionsClusterEndpointGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Inputs +{ + + public sealed class ClusterUserCreatedConnectionsClusterEndpointGetArgs : global::Pulumi.ResourceArgs + { + [Input("connections")] + private InputList? _connections; + + /// + /// Structure is documented below. + /// + public InputList Connections + { + get => _connections ?? (_connections = new InputList()); + set => _connections = value; + } + + public ClusterUserCreatedConnectionsClusterEndpointGetArgs() + { + } + public static new ClusterUserCreatedConnectionsClusterEndpointGetArgs Empty => new ClusterUserCreatedConnectionsClusterEndpointGetArgs(); + } +} diff --git a/sdk/dotnet/Redis/Outputs/ClusterPscConfig.cs b/sdk/dotnet/Redis/Outputs/ClusterPscConfig.cs index 317d5e4438..55d2424343 100644 --- a/sdk/dotnet/Redis/Outputs/ClusterPscConfig.cs +++ b/sdk/dotnet/Redis/Outputs/ClusterPscConfig.cs @@ -17,8 +17,6 @@ public sealed class ClusterPscConfig /// Required. The consumer network where the network address of /// the discovery endpoint will be reserved, in the form of /// projects/{network_project_id_or_number}/global/networks/{network_id}. - /// - /// - - - /// public readonly string Network; diff --git a/sdk/dotnet/Redis/Outputs/ClusterPscServiceAttachment.cs b/sdk/dotnet/Redis/Outputs/ClusterPscServiceAttachment.cs new file mode 100644 index 0000000000..fd976dc6b2 --- /dev/null +++ b/sdk/dotnet/Redis/Outputs/ClusterPscServiceAttachment.cs @@ -0,0 +1,37 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Outputs +{ + + [OutputType] + public sealed class ClusterPscServiceAttachment + { + /// + /// (Output) + /// Type of a PSC connection targeting this service attachment. + /// + public readonly string? ConnectionType; + /// + /// (Output) + /// Service attachment URI which your self-created PscConnection should use as + /// + public readonly string? ServiceAttachment; + + [OutputConstructor] + private ClusterPscServiceAttachment( + string? connectionType, + + string? serviceAttachment) + { + ConnectionType = connectionType; + ServiceAttachment = serviceAttachment; + } + } +} diff --git a/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpoint.cs b/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpoint.cs new file mode 100644 index 0000000000..cbaa6ac34e --- /dev/null +++ b/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpoint.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Outputs +{ + + [OutputType] + public sealed class ClusterUserCreatedConnectionsClusterEndpoint + { + /// + /// Structure is documented below. + /// + public readonly ImmutableArray Connections; + + [OutputConstructor] + private ClusterUserCreatedConnectionsClusterEndpoint(ImmutableArray connections) + { + Connections = connections; + } + } +} diff --git a/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpointConnection.cs b/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpointConnection.cs new file mode 100644 index 0000000000..72b7ae74a9 --- /dev/null +++ b/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpointConnection.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Outputs +{ + + [OutputType] + public sealed class ClusterUserCreatedConnectionsClusterEndpointConnection + { + /// + /// Detailed information of a PSC connection that is created by the customer + /// who owns the cluster. + /// Structure is documented below. + /// + public readonly Outputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection? PscConnection; + + [OutputConstructor] + private ClusterUserCreatedConnectionsClusterEndpointConnection(Outputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection? pscConnection) + { + PscConnection = pscConnection; + } + } +} diff --git a/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.cs b/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.cs new file mode 100644 index 0000000000..5e255ad487 --- /dev/null +++ b/sdk/dotnet/Redis/Outputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.cs @@ -0,0 +1,90 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Redis.Outputs +{ + + [OutputType] + public sealed class ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection + { + /// + /// The IP allocated on the consumer network for the PSC forwarding rule. + /// + public readonly string Address; + /// + /// (Output) + /// Output Only. Type of a PSC Connection. + /// Possible values: + /// CONNECTION_TYPE_DISCOVERY + /// CONNECTION_TYPE_PRIMARY + /// CONNECTION_TYPE_READER + /// + public readonly string? ConnectionType; + /// + /// The URI of the consumer side forwarding rule. + /// Format: + /// projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + /// + public readonly string ForwardingRule; + /// + /// The consumer network where the IP address resides, in the form of + /// projects/{project_id}/global/networks/{network_id}. + /// + public readonly string Network; + /// + /// The consumer project_id where the forwarding rule is created from. + /// + public readonly string? ProjectId; + /// + /// The PSC connection id of the forwarding rule connected to the + /// service attachment. + /// + public readonly string PscConnectionId; + /// + /// (Output) + /// Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + /// Possible values: + /// ACTIVE + /// NOT_FOUND + /// + public readonly string? PscConnectionStatus; + /// + /// The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + /// + public readonly string ServiceAttachment; + + [OutputConstructor] + private ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection( + string address, + + string? connectionType, + + string forwardingRule, + + string network, + + string? projectId, + + string pscConnectionId, + + string? pscConnectionStatus, + + string serviceAttachment) + { + Address = address; + ConnectionType = connectionType; + ForwardingRule = forwardingRule; + Network = network; + ProjectId = projectId; + PscConnectionId = pscConnectionId; + PscConnectionStatus = pscConnectionStatus; + ServiceAttachment = serviceAttachment; + } + } +} diff --git a/sdk/go/gcp/alloydb/cluster.go b/sdk/go/gcp/alloydb/cluster.go index 5d2cc7aedf..c658d62d30 100644 --- a/sdk/go/gcp/alloydb/cluster.go +++ b/sdk/go/gcp/alloydb/cluster.go @@ -284,7 +284,8 @@ type Cluster struct { // ContinuousBackupInfo describes the continuous backup properties of a cluster. // Structure is documented below. ContinuousBackupInfos ClusterContinuousBackupInfoArrayOutput `pulumi:"continuousBackupInfos"` - // The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + // The database engine major version. This is an optional field and it's populated at the Cluster creation time. + // Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. DatabaseVersion pulumi.StringOutput `pulumi:"databaseVersion"` // Policy to determine if the cluster should be deleted forcefully. // Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. @@ -349,6 +350,10 @@ type Cluster struct { // Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. // Structure is documented below. SecondaryConfig ClusterSecondaryConfigPtrOutput `pulumi:"secondaryConfig"` + // Set to true to skip awaiting on the major version upgrade of the cluster. + // Possible values: true, false + // Default value: "true" + SkipAwaitMajorVersionUpgrade pulumi.BoolPtrOutput `pulumi:"skipAwaitMajorVersionUpgrade"` // Output only. The current serving state of the cluster. State pulumi.StringOutput `pulumi:"state"` // The subscrition type of cluster. @@ -427,7 +432,8 @@ type clusterState struct { // ContinuousBackupInfo describes the continuous backup properties of a cluster. // Structure is documented below. ContinuousBackupInfos []ClusterContinuousBackupInfo `pulumi:"continuousBackupInfos"` - // The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + // The database engine major version. This is an optional field and it's populated at the Cluster creation time. + // Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. DatabaseVersion *string `pulumi:"databaseVersion"` // Policy to determine if the cluster should be deleted forcefully. // Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. @@ -492,6 +498,10 @@ type clusterState struct { // Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. // Structure is documented below. SecondaryConfig *ClusterSecondaryConfig `pulumi:"secondaryConfig"` + // Set to true to skip awaiting on the major version upgrade of the cluster. + // Possible values: true, false + // Default value: "true" + SkipAwaitMajorVersionUpgrade *bool `pulumi:"skipAwaitMajorVersionUpgrade"` // Output only. The current serving state of the cluster. State *string `pulumi:"state"` // The subscrition type of cluster. @@ -530,7 +540,8 @@ type ClusterState struct { // ContinuousBackupInfo describes the continuous backup properties of a cluster. // Structure is documented below. ContinuousBackupInfos ClusterContinuousBackupInfoArrayInput - // The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + // The database engine major version. This is an optional field and it's populated at the Cluster creation time. + // Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. DatabaseVersion pulumi.StringPtrInput // Policy to determine if the cluster should be deleted forcefully. // Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. @@ -595,6 +606,10 @@ type ClusterState struct { // Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. // Structure is documented below. SecondaryConfig ClusterSecondaryConfigPtrInput + // Set to true to skip awaiting on the major version upgrade of the cluster. + // Possible values: true, false + // Default value: "true" + SkipAwaitMajorVersionUpgrade pulumi.BoolPtrInput // Output only. The current serving state of the cluster. State pulumi.StringPtrInput // The subscrition type of cluster. @@ -631,7 +646,8 @@ type clusterArgs struct { // If no policy is provided then the default policy will be used. The default policy takes one backup a day and retains backups for 14 days. // Structure is documented below. ContinuousBackupConfig *ClusterContinuousBackupConfig `pulumi:"continuousBackupConfig"` - // The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + // The database engine major version. This is an optional field and it's populated at the Cluster creation time. + // Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. DatabaseVersion *string `pulumi:"databaseVersion"` // Policy to determine if the cluster should be deleted forcefully. // Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. @@ -677,6 +693,10 @@ type clusterArgs struct { // Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. // Structure is documented below. SecondaryConfig *ClusterSecondaryConfig `pulumi:"secondaryConfig"` + // Set to true to skip awaiting on the major version upgrade of the cluster. + // Possible values: true, false + // Default value: "true" + SkipAwaitMajorVersionUpgrade *bool `pulumi:"skipAwaitMajorVersionUpgrade"` // The subscrition type of cluster. // Possible values are: `TRIAL`, `STANDARD`. SubscriptionType *string `pulumi:"subscriptionType"` @@ -703,7 +723,8 @@ type ClusterArgs struct { // If no policy is provided then the default policy will be used. The default policy takes one backup a day and retains backups for 14 days. // Structure is documented below. ContinuousBackupConfig ClusterContinuousBackupConfigPtrInput - // The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + // The database engine major version. This is an optional field and it's populated at the Cluster creation time. + // Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. DatabaseVersion pulumi.StringPtrInput // Policy to determine if the cluster should be deleted forcefully. // Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. @@ -749,6 +770,10 @@ type ClusterArgs struct { // Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. // Structure is documented below. SecondaryConfig ClusterSecondaryConfigPtrInput + // Set to true to skip awaiting on the major version upgrade of the cluster. + // Possible values: true, false + // Default value: "true" + SkipAwaitMajorVersionUpgrade pulumi.BoolPtrInput // The subscrition type of cluster. // Possible values are: `TRIAL`, `STANDARD`. SubscriptionType pulumi.StringPtrInput @@ -887,7 +912,8 @@ func (o ClusterOutput) ContinuousBackupInfos() ClusterContinuousBackupInfoArrayO return o.ApplyT(func(v *Cluster) ClusterContinuousBackupInfoArrayOutput { return v.ContinuousBackupInfos }).(ClusterContinuousBackupInfoArrayOutput) } -// The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. +// The database engine major version. This is an optional field and it's populated at the Cluster creation time. +// Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. func (o ClusterOutput) DatabaseVersion() pulumi.StringOutput { return o.ApplyT(func(v *Cluster) pulumi.StringOutput { return v.DatabaseVersion }).(pulumi.StringOutput) } @@ -1018,6 +1044,13 @@ func (o ClusterOutput) SecondaryConfig() ClusterSecondaryConfigPtrOutput { return o.ApplyT(func(v *Cluster) ClusterSecondaryConfigPtrOutput { return v.SecondaryConfig }).(ClusterSecondaryConfigPtrOutput) } +// Set to true to skip awaiting on the major version upgrade of the cluster. +// Possible values: true, false +// Default value: "true" +func (o ClusterOutput) SkipAwaitMajorVersionUpgrade() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *Cluster) pulumi.BoolPtrOutput { return v.SkipAwaitMajorVersionUpgrade }).(pulumi.BoolPtrOutput) +} + // Output only. The current serving state of the cluster. func (o ClusterOutput) State() pulumi.StringOutput { return o.ApplyT(func(v *Cluster) pulumi.StringOutput { return v.State }).(pulumi.StringOutput) diff --git a/sdk/go/gcp/apigee/endpointAttachment.go b/sdk/go/gcp/apigee/endpointAttachment.go index d3dae5f321..1e08e4b76b 100644 --- a/sdk/go/gcp/apigee/endpointAttachment.go +++ b/sdk/go/gcp/apigee/endpointAttachment.go @@ -20,80 +20,6 @@ import ( // * How-to Guides // - [Creating an environment](https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment) // -// ## Example Usage -// -// ### Apigee Endpoint Attachment Basic -// -// ```go -// package main -// -// import ( -// -// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/apigee" -// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" -// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" -// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/servicenetworking" -// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" -// -// ) -// -// func main() { -// pulumi.Run(func(ctx *pulumi.Context) error { -// current, err := organizations.GetClientConfig(ctx, map[string]interface{}{}, nil) -// if err != nil { -// return err -// } -// apigeeNetwork, err := compute.NewNetwork(ctx, "apigee_network", &compute.NetworkArgs{ -// Name: pulumi.String("apigee-network"), -// }) -// if err != nil { -// return err -// } -// apigeeRange, err := compute.NewGlobalAddress(ctx, "apigee_range", &compute.GlobalAddressArgs{ -// Name: pulumi.String("apigee-range"), -// Purpose: pulumi.String("VPC_PEERING"), -// AddressType: pulumi.String("INTERNAL"), -// PrefixLength: pulumi.Int(16), -// Network: apigeeNetwork.ID(), -// }) -// if err != nil { -// return err -// } -// apigeeVpcConnection, err := servicenetworking.NewConnection(ctx, "apigee_vpc_connection", &servicenetworking.ConnectionArgs{ -// Network: apigeeNetwork.ID(), -// Service: pulumi.String("servicenetworking.googleapis.com"), -// ReservedPeeringRanges: pulumi.StringArray{ -// apigeeRange.Name, -// }, -// }) -// if err != nil { -// return err -// } -// apigeeOrg, err := apigee.NewOrganization(ctx, "apigee_org", &apigee.OrganizationArgs{ -// AnalyticsRegion: pulumi.String("us-central1"), -// ProjectId: pulumi.String(current.Project), -// AuthorizedNetwork: apigeeNetwork.ID(), -// }, pulumi.DependsOn([]pulumi.Resource{ -// apigeeVpcConnection, -// })) -// if err != nil { -// return err -// } -// _, err = apigee.NewEndpointAttachment(ctx, "apigee_endpoint_attachment", &apigee.EndpointAttachmentArgs{ -// OrgId: apigeeOrg.ID(), -// EndpointAttachmentId: pulumi.String("test1"), -// Location: pulumi.String("{google_compute_service_attachment location}"), -// ServiceAttachment: pulumi.String("{google_compute_service_attachment id}"), -// }) -// if err != nil { -// return err -// } -// return nil -// }) -// } -// -// ``` -// // ## Import // // EndpointAttachment can be imported using any of these accepted formats: diff --git a/sdk/go/gcp/apigee/environment.go b/sdk/go/gcp/apigee/environment.go index 4dc2f4b030..7b00d5b70e 100644 --- a/sdk/go/gcp/apigee/environment.go +++ b/sdk/go/gcp/apigee/environment.go @@ -143,6 +143,9 @@ type Environment struct { // // *** OrgId pulumi.StringOutput `pulumi:"orgId"` + // Key-value pairs that may be used for customizing the environment. + // Structure is documented below. + Properties EnvironmentPropertiesPtrOutput `pulumi:"properties"` // Types that can be selected for an Environment. Each of the types are // limited by capability and capacity. Refer to Apigee's public documentation // to understand about each of these types in details. @@ -213,6 +216,9 @@ type environmentState struct { // // *** OrgId *string `pulumi:"orgId"` + // Key-value pairs that may be used for customizing the environment. + // Structure is documented below. + Properties *EnvironmentProperties `pulumi:"properties"` // Types that can be selected for an Environment. Each of the types are // limited by capability and capacity. Refer to Apigee's public documentation // to understand about each of these types in details. @@ -251,6 +257,9 @@ type EnvironmentState struct { // // *** OrgId pulumi.StringPtrInput + // Key-value pairs that may be used for customizing the environment. + // Structure is documented below. + Properties EnvironmentPropertiesPtrInput // Types that can be selected for an Environment. Each of the types are // limited by capability and capacity. Refer to Apigee's public documentation // to understand about each of these types in details. @@ -293,6 +302,9 @@ type environmentArgs struct { // // *** OrgId string `pulumi:"orgId"` + // Key-value pairs that may be used for customizing the environment. + // Structure is documented below. + Properties *EnvironmentProperties `pulumi:"properties"` // Types that can be selected for an Environment. Each of the types are // limited by capability and capacity. Refer to Apigee's public documentation // to understand about each of these types in details. @@ -332,6 +344,9 @@ type EnvironmentArgs struct { // // *** OrgId pulumi.StringInput + // Key-value pairs that may be used for customizing the environment. + // Structure is documented below. + Properties EnvironmentPropertiesPtrInput // Types that can be selected for an Environment. Each of the types are // limited by capability and capacity. Refer to Apigee's public documentation // to understand about each of these types in details. @@ -480,6 +495,12 @@ func (o EnvironmentOutput) OrgId() pulumi.StringOutput { return o.ApplyT(func(v *Environment) pulumi.StringOutput { return v.OrgId }).(pulumi.StringOutput) } +// Key-value pairs that may be used for customizing the environment. +// Structure is documented below. +func (o EnvironmentOutput) Properties() EnvironmentPropertiesPtrOutput { + return o.ApplyT(func(v *Environment) EnvironmentPropertiesPtrOutput { return v.Properties }).(EnvironmentPropertiesPtrOutput) +} + // Types that can be selected for an Environment. Each of the types are // limited by capability and capacity. Refer to Apigee's public documentation // to understand about each of these types in details. diff --git a/sdk/go/gcp/apigee/pulumiTypes.go b/sdk/go/gcp/apigee/pulumiTypes.go index c39b0a29ab..f1df9b3143 100644 --- a/sdk/go/gcp/apigee/pulumiTypes.go +++ b/sdk/go/gcp/apigee/pulumiTypes.go @@ -1839,6 +1839,253 @@ func (o EnvironmentNodeConfigPtrOutput) MinNodeCount() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +type EnvironmentProperties struct { + // List of all properties in the object. + // Structure is documented below. + Properties []EnvironmentPropertiesProperty `pulumi:"properties"` +} + +// EnvironmentPropertiesInput is an input type that accepts EnvironmentPropertiesArgs and EnvironmentPropertiesOutput values. +// You can construct a concrete instance of `EnvironmentPropertiesInput` via: +// +// EnvironmentPropertiesArgs{...} +type EnvironmentPropertiesInput interface { + pulumi.Input + + ToEnvironmentPropertiesOutput() EnvironmentPropertiesOutput + ToEnvironmentPropertiesOutputWithContext(context.Context) EnvironmentPropertiesOutput +} + +type EnvironmentPropertiesArgs struct { + // List of all properties in the object. + // Structure is documented below. + Properties EnvironmentPropertiesPropertyArrayInput `pulumi:"properties"` +} + +func (EnvironmentPropertiesArgs) ElementType() reflect.Type { + return reflect.TypeOf((*EnvironmentProperties)(nil)).Elem() +} + +func (i EnvironmentPropertiesArgs) ToEnvironmentPropertiesOutput() EnvironmentPropertiesOutput { + return i.ToEnvironmentPropertiesOutputWithContext(context.Background()) +} + +func (i EnvironmentPropertiesArgs) ToEnvironmentPropertiesOutputWithContext(ctx context.Context) EnvironmentPropertiesOutput { + return pulumi.ToOutputWithContext(ctx, i).(EnvironmentPropertiesOutput) +} + +func (i EnvironmentPropertiesArgs) ToEnvironmentPropertiesPtrOutput() EnvironmentPropertiesPtrOutput { + return i.ToEnvironmentPropertiesPtrOutputWithContext(context.Background()) +} + +func (i EnvironmentPropertiesArgs) ToEnvironmentPropertiesPtrOutputWithContext(ctx context.Context) EnvironmentPropertiesPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(EnvironmentPropertiesOutput).ToEnvironmentPropertiesPtrOutputWithContext(ctx) +} + +// EnvironmentPropertiesPtrInput is an input type that accepts EnvironmentPropertiesArgs, EnvironmentPropertiesPtr and EnvironmentPropertiesPtrOutput values. +// You can construct a concrete instance of `EnvironmentPropertiesPtrInput` via: +// +// EnvironmentPropertiesArgs{...} +// +// or: +// +// nil +type EnvironmentPropertiesPtrInput interface { + pulumi.Input + + ToEnvironmentPropertiesPtrOutput() EnvironmentPropertiesPtrOutput + ToEnvironmentPropertiesPtrOutputWithContext(context.Context) EnvironmentPropertiesPtrOutput +} + +type environmentPropertiesPtrType EnvironmentPropertiesArgs + +func EnvironmentPropertiesPtr(v *EnvironmentPropertiesArgs) EnvironmentPropertiesPtrInput { + return (*environmentPropertiesPtrType)(v) +} + +func (*environmentPropertiesPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**EnvironmentProperties)(nil)).Elem() +} + +func (i *environmentPropertiesPtrType) ToEnvironmentPropertiesPtrOutput() EnvironmentPropertiesPtrOutput { + return i.ToEnvironmentPropertiesPtrOutputWithContext(context.Background()) +} + +func (i *environmentPropertiesPtrType) ToEnvironmentPropertiesPtrOutputWithContext(ctx context.Context) EnvironmentPropertiesPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(EnvironmentPropertiesPtrOutput) +} + +type EnvironmentPropertiesOutput struct{ *pulumi.OutputState } + +func (EnvironmentPropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*EnvironmentProperties)(nil)).Elem() +} + +func (o EnvironmentPropertiesOutput) ToEnvironmentPropertiesOutput() EnvironmentPropertiesOutput { + return o +} + +func (o EnvironmentPropertiesOutput) ToEnvironmentPropertiesOutputWithContext(ctx context.Context) EnvironmentPropertiesOutput { + return o +} + +func (o EnvironmentPropertiesOutput) ToEnvironmentPropertiesPtrOutput() EnvironmentPropertiesPtrOutput { + return o.ToEnvironmentPropertiesPtrOutputWithContext(context.Background()) +} + +func (o EnvironmentPropertiesOutput) ToEnvironmentPropertiesPtrOutputWithContext(ctx context.Context) EnvironmentPropertiesPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v EnvironmentProperties) *EnvironmentProperties { + return &v + }).(EnvironmentPropertiesPtrOutput) +} + +// List of all properties in the object. +// Structure is documented below. +func (o EnvironmentPropertiesOutput) Properties() EnvironmentPropertiesPropertyArrayOutput { + return o.ApplyT(func(v EnvironmentProperties) []EnvironmentPropertiesProperty { return v.Properties }).(EnvironmentPropertiesPropertyArrayOutput) +} + +type EnvironmentPropertiesPtrOutput struct{ *pulumi.OutputState } + +func (EnvironmentPropertiesPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**EnvironmentProperties)(nil)).Elem() +} + +func (o EnvironmentPropertiesPtrOutput) ToEnvironmentPropertiesPtrOutput() EnvironmentPropertiesPtrOutput { + return o +} + +func (o EnvironmentPropertiesPtrOutput) ToEnvironmentPropertiesPtrOutputWithContext(ctx context.Context) EnvironmentPropertiesPtrOutput { + return o +} + +func (o EnvironmentPropertiesPtrOutput) Elem() EnvironmentPropertiesOutput { + return o.ApplyT(func(v *EnvironmentProperties) EnvironmentProperties { + if v != nil { + return *v + } + var ret EnvironmentProperties + return ret + }).(EnvironmentPropertiesOutput) +} + +// List of all properties in the object. +// Structure is documented below. +func (o EnvironmentPropertiesPtrOutput) Properties() EnvironmentPropertiesPropertyArrayOutput { + return o.ApplyT(func(v *EnvironmentProperties) []EnvironmentPropertiesProperty { + if v == nil { + return nil + } + return v.Properties + }).(EnvironmentPropertiesPropertyArrayOutput) +} + +type EnvironmentPropertiesProperty struct { + // The property key. + Name *string `pulumi:"name"` + // The property value. + Value *string `pulumi:"value"` +} + +// EnvironmentPropertiesPropertyInput is an input type that accepts EnvironmentPropertiesPropertyArgs and EnvironmentPropertiesPropertyOutput values. +// You can construct a concrete instance of `EnvironmentPropertiesPropertyInput` via: +// +// EnvironmentPropertiesPropertyArgs{...} +type EnvironmentPropertiesPropertyInput interface { + pulumi.Input + + ToEnvironmentPropertiesPropertyOutput() EnvironmentPropertiesPropertyOutput + ToEnvironmentPropertiesPropertyOutputWithContext(context.Context) EnvironmentPropertiesPropertyOutput +} + +type EnvironmentPropertiesPropertyArgs struct { + // The property key. + Name pulumi.StringPtrInput `pulumi:"name"` + // The property value. + Value pulumi.StringPtrInput `pulumi:"value"` +} + +func (EnvironmentPropertiesPropertyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*EnvironmentPropertiesProperty)(nil)).Elem() +} + +func (i EnvironmentPropertiesPropertyArgs) ToEnvironmentPropertiesPropertyOutput() EnvironmentPropertiesPropertyOutput { + return i.ToEnvironmentPropertiesPropertyOutputWithContext(context.Background()) +} + +func (i EnvironmentPropertiesPropertyArgs) ToEnvironmentPropertiesPropertyOutputWithContext(ctx context.Context) EnvironmentPropertiesPropertyOutput { + return pulumi.ToOutputWithContext(ctx, i).(EnvironmentPropertiesPropertyOutput) +} + +// EnvironmentPropertiesPropertyArrayInput is an input type that accepts EnvironmentPropertiesPropertyArray and EnvironmentPropertiesPropertyArrayOutput values. +// You can construct a concrete instance of `EnvironmentPropertiesPropertyArrayInput` via: +// +// EnvironmentPropertiesPropertyArray{ EnvironmentPropertiesPropertyArgs{...} } +type EnvironmentPropertiesPropertyArrayInput interface { + pulumi.Input + + ToEnvironmentPropertiesPropertyArrayOutput() EnvironmentPropertiesPropertyArrayOutput + ToEnvironmentPropertiesPropertyArrayOutputWithContext(context.Context) EnvironmentPropertiesPropertyArrayOutput +} + +type EnvironmentPropertiesPropertyArray []EnvironmentPropertiesPropertyInput + +func (EnvironmentPropertiesPropertyArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]EnvironmentPropertiesProperty)(nil)).Elem() +} + +func (i EnvironmentPropertiesPropertyArray) ToEnvironmentPropertiesPropertyArrayOutput() EnvironmentPropertiesPropertyArrayOutput { + return i.ToEnvironmentPropertiesPropertyArrayOutputWithContext(context.Background()) +} + +func (i EnvironmentPropertiesPropertyArray) ToEnvironmentPropertiesPropertyArrayOutputWithContext(ctx context.Context) EnvironmentPropertiesPropertyArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(EnvironmentPropertiesPropertyArrayOutput) +} + +type EnvironmentPropertiesPropertyOutput struct{ *pulumi.OutputState } + +func (EnvironmentPropertiesPropertyOutput) ElementType() reflect.Type { + return reflect.TypeOf((*EnvironmentPropertiesProperty)(nil)).Elem() +} + +func (o EnvironmentPropertiesPropertyOutput) ToEnvironmentPropertiesPropertyOutput() EnvironmentPropertiesPropertyOutput { + return o +} + +func (o EnvironmentPropertiesPropertyOutput) ToEnvironmentPropertiesPropertyOutputWithContext(ctx context.Context) EnvironmentPropertiesPropertyOutput { + return o +} + +// The property key. +func (o EnvironmentPropertiesPropertyOutput) Name() pulumi.StringPtrOutput { + return o.ApplyT(func(v EnvironmentPropertiesProperty) *string { return v.Name }).(pulumi.StringPtrOutput) +} + +// The property value. +func (o EnvironmentPropertiesPropertyOutput) Value() pulumi.StringPtrOutput { + return o.ApplyT(func(v EnvironmentPropertiesProperty) *string { return v.Value }).(pulumi.StringPtrOutput) +} + +type EnvironmentPropertiesPropertyArrayOutput struct{ *pulumi.OutputState } + +func (EnvironmentPropertiesPropertyArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]EnvironmentPropertiesProperty)(nil)).Elem() +} + +func (o EnvironmentPropertiesPropertyArrayOutput) ToEnvironmentPropertiesPropertyArrayOutput() EnvironmentPropertiesPropertyArrayOutput { + return o +} + +func (o EnvironmentPropertiesPropertyArrayOutput) ToEnvironmentPropertiesPropertyArrayOutputWithContext(ctx context.Context) EnvironmentPropertiesPropertyArrayOutput { + return o +} + +func (o EnvironmentPropertiesPropertyArrayOutput) Index(i pulumi.IntInput) EnvironmentPropertiesPropertyOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) EnvironmentPropertiesProperty { + return vs[0].([]EnvironmentPropertiesProperty)[vs[1].(int)] + }).(EnvironmentPropertiesPropertyOutput) +} + type KeystoresAliasesKeyCertFileCertsInfo struct { // (Output) // List of all properties in the object. @@ -4097,6 +4344,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*EnvironmentIamMemberConditionPtrInput)(nil)).Elem(), EnvironmentIamMemberConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*EnvironmentNodeConfigInput)(nil)).Elem(), EnvironmentNodeConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*EnvironmentNodeConfigPtrInput)(nil)).Elem(), EnvironmentNodeConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*EnvironmentPropertiesInput)(nil)).Elem(), EnvironmentPropertiesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*EnvironmentPropertiesPtrInput)(nil)).Elem(), EnvironmentPropertiesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*EnvironmentPropertiesPropertyInput)(nil)).Elem(), EnvironmentPropertiesPropertyArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*EnvironmentPropertiesPropertyArrayInput)(nil)).Elem(), EnvironmentPropertiesPropertyArray{}) pulumi.RegisterInputType(reflect.TypeOf((*KeystoresAliasesKeyCertFileCertsInfoInput)(nil)).Elem(), KeystoresAliasesKeyCertFileCertsInfoArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*KeystoresAliasesKeyCertFileCertsInfoPtrInput)(nil)).Elem(), KeystoresAliasesKeyCertFileCertsInfoArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*KeystoresAliasesKeyCertFileCertsInfoCertInfoInput)(nil)).Elem(), KeystoresAliasesKeyCertFileCertsInfoCertInfoArgs{}) @@ -4147,6 +4398,10 @@ func init() { pulumi.RegisterOutputType(EnvironmentIamMemberConditionPtrOutput{}) pulumi.RegisterOutputType(EnvironmentNodeConfigOutput{}) pulumi.RegisterOutputType(EnvironmentNodeConfigPtrOutput{}) + pulumi.RegisterOutputType(EnvironmentPropertiesOutput{}) + pulumi.RegisterOutputType(EnvironmentPropertiesPtrOutput{}) + pulumi.RegisterOutputType(EnvironmentPropertiesPropertyOutput{}) + pulumi.RegisterOutputType(EnvironmentPropertiesPropertyArrayOutput{}) pulumi.RegisterOutputType(KeystoresAliasesKeyCertFileCertsInfoOutput{}) pulumi.RegisterOutputType(KeystoresAliasesKeyCertFileCertsInfoPtrOutput{}) pulumi.RegisterOutputType(KeystoresAliasesKeyCertFileCertsInfoCertInfoOutput{}) diff --git a/sdk/go/gcp/apihub/apiHubInstance.go b/sdk/go/gcp/apihub/apiHubInstance.go new file mode 100644 index 0000000000..640cea55ae --- /dev/null +++ b/sdk/go/gcp/apihub/apiHubInstance.go @@ -0,0 +1,547 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package apihub + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// An ApiHubInstance represents the instance resources of the API Hub. +// Currently, only one ApiHub instance is allowed for each project. +// Currently, updation/deletion of ApiHub instance is not allowed. +// +// ## Example Usage +// +// ### Apihub Api Hub Instance Basic +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/apihub" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := apihub.NewApiHubInstance(ctx, "apihub-instance-without-search", &apihub.ApiHubInstanceArgs{ +// Location: pulumi.String("us-central1"), +// Config: &apihub.ApiHubInstanceConfigArgs{ +// DisableSearch: pulumi.Bool(true), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Apihub Api Hub Instance Full +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/apihub" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := apihub.NewApiHubInstance(ctx, "apihub-instance-search", &apihub.ApiHubInstanceArgs{ +// Project: pulumi.String("my-project"), +// ApiHubInstanceId: pulumi.String("test-instance-full"), +// Description: pulumi.String("Test API hub instance"), +// Location: pulumi.String("us-central1"), +// Config: &apihub.ApiHubInstanceConfigArgs{ +// EncryptionType: pulumi.String("CMEK"), +// CmekKeyName: pulumi.String("projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key"), +// DisableSearch: pulumi.Bool(false), +// VertexLocation: pulumi.String("us"), +// }, +// Labels: pulumi.StringMap{ +// "environment": pulumi.String("dev"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// ApiHubInstance can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}}` +// +// * `{{project}}/{{location}}/{{api_hub_instance_id}}` +// +// * `{{location}}/{{api_hub_instance_id}}` +// +// When using the `pulumi import` command, ApiHubInstance can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}} +// ``` +// +// ```sh +// $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{project}}/{{location}}/{{api_hub_instance_id}} +// ``` +// +// ```sh +// $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{location}}/{{api_hub_instance_id}} +// ``` +type ApiHubInstance struct { + pulumi.CustomResourceState + + // Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + // is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + // '/a-z[0-9]-_/'. + ApiHubInstanceId pulumi.StringPtrOutput `pulumi:"apiHubInstanceId"` + // Available configurations to provision an ApiHub Instance. + // Structure is documented below. + Config ApiHubInstanceConfigOutput `pulumi:"config"` + // Output only. Creation timestamp. + CreateTime pulumi.StringOutput `pulumi:"createTime"` + // Optional. Description of the ApiHub instance. + Description pulumi.StringPtrOutput `pulumi:"description"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"` + // Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + // https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + // the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + // the resource. + Labels pulumi.StringMapOutput `pulumi:"labels"` + // Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + Location pulumi.StringOutput `pulumi:"location"` + // Identifier. Format: + // `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + Name pulumi.StringOutput `pulumi:"name"` + Project pulumi.StringOutput `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"` + // Output only. The current state of the ApiHub instance. + // Possible values: + // STATE_UNSPECIFIED + // INACTIVE + // CREATING + // ACTIVE + // UPDATING + // DELETING + // FAILED + State pulumi.StringOutput `pulumi:"state"` + // Output only. Extra information about ApiHub instance state. Currently the message + // would be populated when state is `FAILED`. + StateMessage pulumi.StringOutput `pulumi:"stateMessage"` + // Output only. Last update timestamp. + UpdateTime pulumi.StringOutput `pulumi:"updateTime"` +} + +// NewApiHubInstance registers a new resource with the given unique name, arguments, and options. +func NewApiHubInstance(ctx *pulumi.Context, + name string, args *ApiHubInstanceArgs, opts ...pulumi.ResourceOption) (*ApiHubInstance, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Config == nil { + return nil, errors.New("invalid value for required argument 'Config'") + } + if args.Location == nil { + return nil, errors.New("invalid value for required argument 'Location'") + } + secrets := pulumi.AdditionalSecretOutputs([]string{ + "effectiveLabels", + "pulumiLabels", + }) + opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) + var resource ApiHubInstance + err := ctx.RegisterResource("gcp:apihub/apiHubInstance:ApiHubInstance", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetApiHubInstance gets an existing ApiHubInstance resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetApiHubInstance(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *ApiHubInstanceState, opts ...pulumi.ResourceOption) (*ApiHubInstance, error) { + var resource ApiHubInstance + err := ctx.ReadResource("gcp:apihub/apiHubInstance:ApiHubInstance", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering ApiHubInstance resources. +type apiHubInstanceState struct { + // Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + // is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + // '/a-z[0-9]-_/'. + ApiHubInstanceId *string `pulumi:"apiHubInstanceId"` + // Available configurations to provision an ApiHub Instance. + // Structure is documented below. + Config *ApiHubInstanceConfig `pulumi:"config"` + // Output only. Creation timestamp. + CreateTime *string `pulumi:"createTime"` + // Optional. Description of the ApiHub instance. + Description *string `pulumi:"description"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels map[string]string `pulumi:"effectiveLabels"` + // Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + // https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + // the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + // the resource. + Labels map[string]string `pulumi:"labels"` + // Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + Location *string `pulumi:"location"` + // Identifier. Format: + // `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + Name *string `pulumi:"name"` + Project *string `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels map[string]string `pulumi:"pulumiLabels"` + // Output only. The current state of the ApiHub instance. + // Possible values: + // STATE_UNSPECIFIED + // INACTIVE + // CREATING + // ACTIVE + // UPDATING + // DELETING + // FAILED + State *string `pulumi:"state"` + // Output only. Extra information about ApiHub instance state. Currently the message + // would be populated when state is `FAILED`. + StateMessage *string `pulumi:"stateMessage"` + // Output only. Last update timestamp. + UpdateTime *string `pulumi:"updateTime"` +} + +type ApiHubInstanceState struct { + // Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + // is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + // '/a-z[0-9]-_/'. + ApiHubInstanceId pulumi.StringPtrInput + // Available configurations to provision an ApiHub Instance. + // Structure is documented below. + Config ApiHubInstanceConfigPtrInput + // Output only. Creation timestamp. + CreateTime pulumi.StringPtrInput + // Optional. Description of the ApiHub instance. + Description pulumi.StringPtrInput + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapInput + // Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + // https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + // the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + // the resource. + Labels pulumi.StringMapInput + // Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + Location pulumi.StringPtrInput + // Identifier. Format: + // `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + Name pulumi.StringPtrInput + Project pulumi.StringPtrInput + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapInput + // Output only. The current state of the ApiHub instance. + // Possible values: + // STATE_UNSPECIFIED + // INACTIVE + // CREATING + // ACTIVE + // UPDATING + // DELETING + // FAILED + State pulumi.StringPtrInput + // Output only. Extra information about ApiHub instance state. Currently the message + // would be populated when state is `FAILED`. + StateMessage pulumi.StringPtrInput + // Output only. Last update timestamp. + UpdateTime pulumi.StringPtrInput +} + +func (ApiHubInstanceState) ElementType() reflect.Type { + return reflect.TypeOf((*apiHubInstanceState)(nil)).Elem() +} + +type apiHubInstanceArgs struct { + // Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + // is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + // '/a-z[0-9]-_/'. + ApiHubInstanceId *string `pulumi:"apiHubInstanceId"` + // Available configurations to provision an ApiHub Instance. + // Structure is documented below. + Config ApiHubInstanceConfig `pulumi:"config"` + // Optional. Description of the ApiHub instance. + Description *string `pulumi:"description"` + // Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + // https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + // the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + // the resource. + Labels map[string]string `pulumi:"labels"` + // Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + Location string `pulumi:"location"` + Project *string `pulumi:"project"` +} + +// The set of arguments for constructing a ApiHubInstance resource. +type ApiHubInstanceArgs struct { + // Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + // is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + // '/a-z[0-9]-_/'. + ApiHubInstanceId pulumi.StringPtrInput + // Available configurations to provision an ApiHub Instance. + // Structure is documented below. + Config ApiHubInstanceConfigInput + // Optional. Description of the ApiHub instance. + Description pulumi.StringPtrInput + // Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + // https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + // the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + // the resource. + Labels pulumi.StringMapInput + // Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + Location pulumi.StringInput + Project pulumi.StringPtrInput +} + +func (ApiHubInstanceArgs) ElementType() reflect.Type { + return reflect.TypeOf((*apiHubInstanceArgs)(nil)).Elem() +} + +type ApiHubInstanceInput interface { + pulumi.Input + + ToApiHubInstanceOutput() ApiHubInstanceOutput + ToApiHubInstanceOutputWithContext(ctx context.Context) ApiHubInstanceOutput +} + +func (*ApiHubInstance) ElementType() reflect.Type { + return reflect.TypeOf((**ApiHubInstance)(nil)).Elem() +} + +func (i *ApiHubInstance) ToApiHubInstanceOutput() ApiHubInstanceOutput { + return i.ToApiHubInstanceOutputWithContext(context.Background()) +} + +func (i *ApiHubInstance) ToApiHubInstanceOutputWithContext(ctx context.Context) ApiHubInstanceOutput { + return pulumi.ToOutputWithContext(ctx, i).(ApiHubInstanceOutput) +} + +// ApiHubInstanceArrayInput is an input type that accepts ApiHubInstanceArray and ApiHubInstanceArrayOutput values. +// You can construct a concrete instance of `ApiHubInstanceArrayInput` via: +// +// ApiHubInstanceArray{ ApiHubInstanceArgs{...} } +type ApiHubInstanceArrayInput interface { + pulumi.Input + + ToApiHubInstanceArrayOutput() ApiHubInstanceArrayOutput + ToApiHubInstanceArrayOutputWithContext(context.Context) ApiHubInstanceArrayOutput +} + +type ApiHubInstanceArray []ApiHubInstanceInput + +func (ApiHubInstanceArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ApiHubInstance)(nil)).Elem() +} + +func (i ApiHubInstanceArray) ToApiHubInstanceArrayOutput() ApiHubInstanceArrayOutput { + return i.ToApiHubInstanceArrayOutputWithContext(context.Background()) +} + +func (i ApiHubInstanceArray) ToApiHubInstanceArrayOutputWithContext(ctx context.Context) ApiHubInstanceArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ApiHubInstanceArrayOutput) +} + +// ApiHubInstanceMapInput is an input type that accepts ApiHubInstanceMap and ApiHubInstanceMapOutput values. +// You can construct a concrete instance of `ApiHubInstanceMapInput` via: +// +// ApiHubInstanceMap{ "key": ApiHubInstanceArgs{...} } +type ApiHubInstanceMapInput interface { + pulumi.Input + + ToApiHubInstanceMapOutput() ApiHubInstanceMapOutput + ToApiHubInstanceMapOutputWithContext(context.Context) ApiHubInstanceMapOutput +} + +type ApiHubInstanceMap map[string]ApiHubInstanceInput + +func (ApiHubInstanceMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ApiHubInstance)(nil)).Elem() +} + +func (i ApiHubInstanceMap) ToApiHubInstanceMapOutput() ApiHubInstanceMapOutput { + return i.ToApiHubInstanceMapOutputWithContext(context.Background()) +} + +func (i ApiHubInstanceMap) ToApiHubInstanceMapOutputWithContext(ctx context.Context) ApiHubInstanceMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(ApiHubInstanceMapOutput) +} + +type ApiHubInstanceOutput struct{ *pulumi.OutputState } + +func (ApiHubInstanceOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ApiHubInstance)(nil)).Elem() +} + +func (o ApiHubInstanceOutput) ToApiHubInstanceOutput() ApiHubInstanceOutput { + return o +} + +func (o ApiHubInstanceOutput) ToApiHubInstanceOutputWithContext(ctx context.Context) ApiHubInstanceOutput { + return o +} + +// Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field +// is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are +// '/a-z[0-9]-_/'. +func (o ApiHubInstanceOutput) ApiHubInstanceId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringPtrOutput { return v.ApiHubInstanceId }).(pulumi.StringPtrOutput) +} + +// Available configurations to provision an ApiHub Instance. +// Structure is documented below. +func (o ApiHubInstanceOutput) Config() ApiHubInstanceConfigOutput { + return o.ApplyT(func(v *ApiHubInstance) ApiHubInstanceConfigOutput { return v.Config }).(ApiHubInstanceConfigOutput) +} + +// Output only. Creation timestamp. +func (o ApiHubInstanceOutput) CreateTime() pulumi.StringOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringOutput { return v.CreateTime }).(pulumi.StringOutput) +} + +// Optional. Description of the ApiHub instance. +func (o ApiHubInstanceOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) +} + +// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. +func (o ApiHubInstanceOutput) EffectiveLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringMapOutput { return v.EffectiveLabels }).(pulumi.StringMapOutput) +} + +// Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. +// https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage +// the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on +// the resource. +func (o ApiHubInstanceOutput) Labels() pulumi.StringMapOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringMapOutput { return v.Labels }).(pulumi.StringMapOutput) +} + +// Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. +func (o ApiHubInstanceOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// Identifier. Format: +// `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. +func (o ApiHubInstanceOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +func (o ApiHubInstanceOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The combination of labels configured directly on the resource +// and default labels configured on the provider. +func (o ApiHubInstanceOutput) PulumiLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringMapOutput { return v.PulumiLabels }).(pulumi.StringMapOutput) +} + +// Output only. The current state of the ApiHub instance. +// Possible values: +// STATE_UNSPECIFIED +// INACTIVE +// CREATING +// ACTIVE +// UPDATING +// DELETING +// FAILED +func (o ApiHubInstanceOutput) State() pulumi.StringOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringOutput { return v.State }).(pulumi.StringOutput) +} + +// Output only. Extra information about ApiHub instance state. Currently the message +// would be populated when state is `FAILED`. +func (o ApiHubInstanceOutput) StateMessage() pulumi.StringOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringOutput { return v.StateMessage }).(pulumi.StringOutput) +} + +// Output only. Last update timestamp. +func (o ApiHubInstanceOutput) UpdateTime() pulumi.StringOutput { + return o.ApplyT(func(v *ApiHubInstance) pulumi.StringOutput { return v.UpdateTime }).(pulumi.StringOutput) +} + +type ApiHubInstanceArrayOutput struct{ *pulumi.OutputState } + +func (ApiHubInstanceArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ApiHubInstance)(nil)).Elem() +} + +func (o ApiHubInstanceArrayOutput) ToApiHubInstanceArrayOutput() ApiHubInstanceArrayOutput { + return o +} + +func (o ApiHubInstanceArrayOutput) ToApiHubInstanceArrayOutputWithContext(ctx context.Context) ApiHubInstanceArrayOutput { + return o +} + +func (o ApiHubInstanceArrayOutput) Index(i pulumi.IntInput) ApiHubInstanceOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *ApiHubInstance { + return vs[0].([]*ApiHubInstance)[vs[1].(int)] + }).(ApiHubInstanceOutput) +} + +type ApiHubInstanceMapOutput struct{ *pulumi.OutputState } + +func (ApiHubInstanceMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ApiHubInstance)(nil)).Elem() +} + +func (o ApiHubInstanceMapOutput) ToApiHubInstanceMapOutput() ApiHubInstanceMapOutput { + return o +} + +func (o ApiHubInstanceMapOutput) ToApiHubInstanceMapOutputWithContext(ctx context.Context) ApiHubInstanceMapOutput { + return o +} + +func (o ApiHubInstanceMapOutput) MapIndex(k pulumi.StringInput) ApiHubInstanceOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *ApiHubInstance { + return vs[0].(map[string]*ApiHubInstance)[vs[1].(string)] + }).(ApiHubInstanceOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ApiHubInstanceInput)(nil)).Elem(), &ApiHubInstance{}) + pulumi.RegisterInputType(reflect.TypeOf((*ApiHubInstanceArrayInput)(nil)).Elem(), ApiHubInstanceArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ApiHubInstanceMapInput)(nil)).Elem(), ApiHubInstanceMap{}) + pulumi.RegisterOutputType(ApiHubInstanceOutput{}) + pulumi.RegisterOutputType(ApiHubInstanceArrayOutput{}) + pulumi.RegisterOutputType(ApiHubInstanceMapOutput{}) +} diff --git a/sdk/go/gcp/apihub/init.go b/sdk/go/gcp/apihub/init.go new file mode 100644 index 0000000000..225c5d9dde --- /dev/null +++ b/sdk/go/gcp/apihub/init.go @@ -0,0 +1,44 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package apihub + +import ( + "fmt" + + "github.com/blang/semver" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +type module struct { + version semver.Version +} + +func (m *module) Version() semver.Version { + return m.version +} + +func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi.Resource, err error) { + switch typ { + case "gcp:apihub/apiHubInstance:ApiHubInstance": + r = &ApiHubInstance{} + default: + return nil, fmt.Errorf("unknown resource type: %s", typ) + } + + err = ctx.RegisterResource(typ, name, nil, r, pulumi.URN_(urn)) + return +} + +func init() { + version, err := internal.PkgVersion() + if err != nil { + version = semver.Version{Major: 1} + } + pulumi.RegisterResourceModule( + "gcp", + "apihub/apiHubInstance", + &module{version}, + ) +} diff --git a/sdk/go/gcp/apihub/pulumiTypes.go b/sdk/go/gcp/apihub/pulumiTypes.go new file mode 100644 index 0000000000..a73c070f29 --- /dev/null +++ b/sdk/go/gcp/apihub/pulumiTypes.go @@ -0,0 +1,267 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package apihub + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +var _ = internal.GetEnvOrDefault + +type ApiHubInstanceConfig struct { + // Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + // The CMEK name should follow the format of + // `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + // where the location must match the instance location. + // If the CMEK is not provided, a GMEK will be created for the instance. + CmekKeyName *string `pulumi:"cmekKeyName"` + // Optional. If true, the search will be disabled for the instance. The default value + // is false. + DisableSearch *bool `pulumi:"disableSearch"` + // Optional. Encryption type for the region. If the encryption type is CMEK, the + // cmekKeyName must be provided. If no encryption type is provided, + // GMEK will be used. + // Possible values: + // ENCRYPTION_TYPE_UNSPECIFIED + // GMEK + // CMEK + EncryptionType *string `pulumi:"encryptionType"` + // Optional. The name of the Vertex AI location where the data store is stored. + // + // *** + VertexLocation *string `pulumi:"vertexLocation"` +} + +// ApiHubInstanceConfigInput is an input type that accepts ApiHubInstanceConfigArgs and ApiHubInstanceConfigOutput values. +// You can construct a concrete instance of `ApiHubInstanceConfigInput` via: +// +// ApiHubInstanceConfigArgs{...} +type ApiHubInstanceConfigInput interface { + pulumi.Input + + ToApiHubInstanceConfigOutput() ApiHubInstanceConfigOutput + ToApiHubInstanceConfigOutputWithContext(context.Context) ApiHubInstanceConfigOutput +} + +type ApiHubInstanceConfigArgs struct { + // Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + // The CMEK name should follow the format of + // `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + // where the location must match the instance location. + // If the CMEK is not provided, a GMEK will be created for the instance. + CmekKeyName pulumi.StringPtrInput `pulumi:"cmekKeyName"` + // Optional. If true, the search will be disabled for the instance. The default value + // is false. + DisableSearch pulumi.BoolPtrInput `pulumi:"disableSearch"` + // Optional. Encryption type for the region. If the encryption type is CMEK, the + // cmekKeyName must be provided. If no encryption type is provided, + // GMEK will be used. + // Possible values: + // ENCRYPTION_TYPE_UNSPECIFIED + // GMEK + // CMEK + EncryptionType pulumi.StringPtrInput `pulumi:"encryptionType"` + // Optional. The name of the Vertex AI location where the data store is stored. + // + // *** + VertexLocation pulumi.StringPtrInput `pulumi:"vertexLocation"` +} + +func (ApiHubInstanceConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ApiHubInstanceConfig)(nil)).Elem() +} + +func (i ApiHubInstanceConfigArgs) ToApiHubInstanceConfigOutput() ApiHubInstanceConfigOutput { + return i.ToApiHubInstanceConfigOutputWithContext(context.Background()) +} + +func (i ApiHubInstanceConfigArgs) ToApiHubInstanceConfigOutputWithContext(ctx context.Context) ApiHubInstanceConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ApiHubInstanceConfigOutput) +} + +func (i ApiHubInstanceConfigArgs) ToApiHubInstanceConfigPtrOutput() ApiHubInstanceConfigPtrOutput { + return i.ToApiHubInstanceConfigPtrOutputWithContext(context.Background()) +} + +func (i ApiHubInstanceConfigArgs) ToApiHubInstanceConfigPtrOutputWithContext(ctx context.Context) ApiHubInstanceConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ApiHubInstanceConfigOutput).ToApiHubInstanceConfigPtrOutputWithContext(ctx) +} + +// ApiHubInstanceConfigPtrInput is an input type that accepts ApiHubInstanceConfigArgs, ApiHubInstanceConfigPtr and ApiHubInstanceConfigPtrOutput values. +// You can construct a concrete instance of `ApiHubInstanceConfigPtrInput` via: +// +// ApiHubInstanceConfigArgs{...} +// +// or: +// +// nil +type ApiHubInstanceConfigPtrInput interface { + pulumi.Input + + ToApiHubInstanceConfigPtrOutput() ApiHubInstanceConfigPtrOutput + ToApiHubInstanceConfigPtrOutputWithContext(context.Context) ApiHubInstanceConfigPtrOutput +} + +type apiHubInstanceConfigPtrType ApiHubInstanceConfigArgs + +func ApiHubInstanceConfigPtr(v *ApiHubInstanceConfigArgs) ApiHubInstanceConfigPtrInput { + return (*apiHubInstanceConfigPtrType)(v) +} + +func (*apiHubInstanceConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ApiHubInstanceConfig)(nil)).Elem() +} + +func (i *apiHubInstanceConfigPtrType) ToApiHubInstanceConfigPtrOutput() ApiHubInstanceConfigPtrOutput { + return i.ToApiHubInstanceConfigPtrOutputWithContext(context.Background()) +} + +func (i *apiHubInstanceConfigPtrType) ToApiHubInstanceConfigPtrOutputWithContext(ctx context.Context) ApiHubInstanceConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ApiHubInstanceConfigPtrOutput) +} + +type ApiHubInstanceConfigOutput struct{ *pulumi.OutputState } + +func (ApiHubInstanceConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ApiHubInstanceConfig)(nil)).Elem() +} + +func (o ApiHubInstanceConfigOutput) ToApiHubInstanceConfigOutput() ApiHubInstanceConfigOutput { + return o +} + +func (o ApiHubInstanceConfigOutput) ToApiHubInstanceConfigOutputWithContext(ctx context.Context) ApiHubInstanceConfigOutput { + return o +} + +func (o ApiHubInstanceConfigOutput) ToApiHubInstanceConfigPtrOutput() ApiHubInstanceConfigPtrOutput { + return o.ToApiHubInstanceConfigPtrOutputWithContext(context.Background()) +} + +func (o ApiHubInstanceConfigOutput) ToApiHubInstanceConfigPtrOutputWithContext(ctx context.Context) ApiHubInstanceConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ApiHubInstanceConfig) *ApiHubInstanceConfig { + return &v + }).(ApiHubInstanceConfigPtrOutput) +} + +// Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. +// The CMEK name should follow the format of +// `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, +// where the location must match the instance location. +// If the CMEK is not provided, a GMEK will be created for the instance. +func (o ApiHubInstanceConfigOutput) CmekKeyName() pulumi.StringPtrOutput { + return o.ApplyT(func(v ApiHubInstanceConfig) *string { return v.CmekKeyName }).(pulumi.StringPtrOutput) +} + +// Optional. If true, the search will be disabled for the instance. The default value +// is false. +func (o ApiHubInstanceConfigOutput) DisableSearch() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ApiHubInstanceConfig) *bool { return v.DisableSearch }).(pulumi.BoolPtrOutput) +} + +// Optional. Encryption type for the region. If the encryption type is CMEK, the +// cmekKeyName must be provided. If no encryption type is provided, +// GMEK will be used. +// Possible values: +// ENCRYPTION_TYPE_UNSPECIFIED +// GMEK +// CMEK +func (o ApiHubInstanceConfigOutput) EncryptionType() pulumi.StringPtrOutput { + return o.ApplyT(func(v ApiHubInstanceConfig) *string { return v.EncryptionType }).(pulumi.StringPtrOutput) +} + +// Optional. The name of the Vertex AI location where the data store is stored. +// +// *** +func (o ApiHubInstanceConfigOutput) VertexLocation() pulumi.StringPtrOutput { + return o.ApplyT(func(v ApiHubInstanceConfig) *string { return v.VertexLocation }).(pulumi.StringPtrOutput) +} + +type ApiHubInstanceConfigPtrOutput struct{ *pulumi.OutputState } + +func (ApiHubInstanceConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ApiHubInstanceConfig)(nil)).Elem() +} + +func (o ApiHubInstanceConfigPtrOutput) ToApiHubInstanceConfigPtrOutput() ApiHubInstanceConfigPtrOutput { + return o +} + +func (o ApiHubInstanceConfigPtrOutput) ToApiHubInstanceConfigPtrOutputWithContext(ctx context.Context) ApiHubInstanceConfigPtrOutput { + return o +} + +func (o ApiHubInstanceConfigPtrOutput) Elem() ApiHubInstanceConfigOutput { + return o.ApplyT(func(v *ApiHubInstanceConfig) ApiHubInstanceConfig { + if v != nil { + return *v + } + var ret ApiHubInstanceConfig + return ret + }).(ApiHubInstanceConfigOutput) +} + +// Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. +// The CMEK name should follow the format of +// `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, +// where the location must match the instance location. +// If the CMEK is not provided, a GMEK will be created for the instance. +func (o ApiHubInstanceConfigPtrOutput) CmekKeyName() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ApiHubInstanceConfig) *string { + if v == nil { + return nil + } + return v.CmekKeyName + }).(pulumi.StringPtrOutput) +} + +// Optional. If true, the search will be disabled for the instance. The default value +// is false. +func (o ApiHubInstanceConfigPtrOutput) DisableSearch() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ApiHubInstanceConfig) *bool { + if v == nil { + return nil + } + return v.DisableSearch + }).(pulumi.BoolPtrOutput) +} + +// Optional. Encryption type for the region. If the encryption type is CMEK, the +// cmekKeyName must be provided. If no encryption type is provided, +// GMEK will be used. +// Possible values: +// ENCRYPTION_TYPE_UNSPECIFIED +// GMEK +// CMEK +func (o ApiHubInstanceConfigPtrOutput) EncryptionType() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ApiHubInstanceConfig) *string { + if v == nil { + return nil + } + return v.EncryptionType + }).(pulumi.StringPtrOutput) +} + +// Optional. The name of the Vertex AI location where the data store is stored. +// +// *** +func (o ApiHubInstanceConfigPtrOutput) VertexLocation() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ApiHubInstanceConfig) *string { + if v == nil { + return nil + } + return v.VertexLocation + }).(pulumi.StringPtrOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ApiHubInstanceConfigInput)(nil)).Elem(), ApiHubInstanceConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ApiHubInstanceConfigPtrInput)(nil)).Elem(), ApiHubInstanceConfigArgs{}) + pulumi.RegisterOutputType(ApiHubInstanceConfigOutput{}) + pulumi.RegisterOutputType(ApiHubInstanceConfigPtrOutput{}) +} diff --git a/sdk/go/gcp/chronicle/init.go b/sdk/go/gcp/chronicle/init.go index 15fbcc48c7..5155a99c75 100644 --- a/sdk/go/gcp/chronicle/init.go +++ b/sdk/go/gcp/chronicle/init.go @@ -27,6 +27,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &DataAccessScope{} case "gcp:chronicle/referenceList:ReferenceList": r = &ReferenceList{} + case "gcp:chronicle/retrohunt:Retrohunt": + r = &Retrohunt{} case "gcp:chronicle/rule:Rule": r = &Rule{} case "gcp:chronicle/ruleDeployment:RuleDeployment": @@ -61,6 +63,11 @@ func init() { "chronicle/referenceList", &module{version}, ) + pulumi.RegisterResourceModule( + "gcp", + "chronicle/retrohunt", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "chronicle/rule", diff --git a/sdk/go/gcp/chronicle/pulumiTypes.go b/sdk/go/gcp/chronicle/pulumiTypes.go index 770c364477..e0cae4108a 100644 --- a/sdk/go/gcp/chronicle/pulumiTypes.go +++ b/sdk/go/gcp/chronicle/pulumiTypes.go @@ -914,6 +914,288 @@ func (o ReferenceListScopeInfoReferenceListScopeOutput) ScopeNames() pulumi.Stri return o.ApplyT(func(v ReferenceListScopeInfoReferenceListScope) []string { return v.ScopeNames }).(pulumi.StringArrayOutput) } +type RetrohuntExecutionInterval struct { + // Optional. Exclusive end of the interval. + // If specified, a Timestamp matching this interval will have to be before the + // end. + EndTime *string `pulumi:"endTime"` + // Optional. Inclusive start of the interval. + // If specified, a Timestamp matching this interval will have to be the same + // or after the start. + StartTime *string `pulumi:"startTime"` +} + +// RetrohuntExecutionIntervalInput is an input type that accepts RetrohuntExecutionIntervalArgs and RetrohuntExecutionIntervalOutput values. +// You can construct a concrete instance of `RetrohuntExecutionIntervalInput` via: +// +// RetrohuntExecutionIntervalArgs{...} +type RetrohuntExecutionIntervalInput interface { + pulumi.Input + + ToRetrohuntExecutionIntervalOutput() RetrohuntExecutionIntervalOutput + ToRetrohuntExecutionIntervalOutputWithContext(context.Context) RetrohuntExecutionIntervalOutput +} + +type RetrohuntExecutionIntervalArgs struct { + // Optional. Exclusive end of the interval. + // If specified, a Timestamp matching this interval will have to be before the + // end. + EndTime pulumi.StringPtrInput `pulumi:"endTime"` + // Optional. Inclusive start of the interval. + // If specified, a Timestamp matching this interval will have to be the same + // or after the start. + StartTime pulumi.StringPtrInput `pulumi:"startTime"` +} + +func (RetrohuntExecutionIntervalArgs) ElementType() reflect.Type { + return reflect.TypeOf((*RetrohuntExecutionInterval)(nil)).Elem() +} + +func (i RetrohuntExecutionIntervalArgs) ToRetrohuntExecutionIntervalOutput() RetrohuntExecutionIntervalOutput { + return i.ToRetrohuntExecutionIntervalOutputWithContext(context.Background()) +} + +func (i RetrohuntExecutionIntervalArgs) ToRetrohuntExecutionIntervalOutputWithContext(ctx context.Context) RetrohuntExecutionIntervalOutput { + return pulumi.ToOutputWithContext(ctx, i).(RetrohuntExecutionIntervalOutput) +} + +// RetrohuntExecutionIntervalArrayInput is an input type that accepts RetrohuntExecutionIntervalArray and RetrohuntExecutionIntervalArrayOutput values. +// You can construct a concrete instance of `RetrohuntExecutionIntervalArrayInput` via: +// +// RetrohuntExecutionIntervalArray{ RetrohuntExecutionIntervalArgs{...} } +type RetrohuntExecutionIntervalArrayInput interface { + pulumi.Input + + ToRetrohuntExecutionIntervalArrayOutput() RetrohuntExecutionIntervalArrayOutput + ToRetrohuntExecutionIntervalArrayOutputWithContext(context.Context) RetrohuntExecutionIntervalArrayOutput +} + +type RetrohuntExecutionIntervalArray []RetrohuntExecutionIntervalInput + +func (RetrohuntExecutionIntervalArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]RetrohuntExecutionInterval)(nil)).Elem() +} + +func (i RetrohuntExecutionIntervalArray) ToRetrohuntExecutionIntervalArrayOutput() RetrohuntExecutionIntervalArrayOutput { + return i.ToRetrohuntExecutionIntervalArrayOutputWithContext(context.Background()) +} + +func (i RetrohuntExecutionIntervalArray) ToRetrohuntExecutionIntervalArrayOutputWithContext(ctx context.Context) RetrohuntExecutionIntervalArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(RetrohuntExecutionIntervalArrayOutput) +} + +type RetrohuntExecutionIntervalOutput struct{ *pulumi.OutputState } + +func (RetrohuntExecutionIntervalOutput) ElementType() reflect.Type { + return reflect.TypeOf((*RetrohuntExecutionInterval)(nil)).Elem() +} + +func (o RetrohuntExecutionIntervalOutput) ToRetrohuntExecutionIntervalOutput() RetrohuntExecutionIntervalOutput { + return o +} + +func (o RetrohuntExecutionIntervalOutput) ToRetrohuntExecutionIntervalOutputWithContext(ctx context.Context) RetrohuntExecutionIntervalOutput { + return o +} + +// Optional. Exclusive end of the interval. +// If specified, a Timestamp matching this interval will have to be before the +// end. +func (o RetrohuntExecutionIntervalOutput) EndTime() pulumi.StringPtrOutput { + return o.ApplyT(func(v RetrohuntExecutionInterval) *string { return v.EndTime }).(pulumi.StringPtrOutput) +} + +// Optional. Inclusive start of the interval. +// If specified, a Timestamp matching this interval will have to be the same +// or after the start. +func (o RetrohuntExecutionIntervalOutput) StartTime() pulumi.StringPtrOutput { + return o.ApplyT(func(v RetrohuntExecutionInterval) *string { return v.StartTime }).(pulumi.StringPtrOutput) +} + +type RetrohuntExecutionIntervalArrayOutput struct{ *pulumi.OutputState } + +func (RetrohuntExecutionIntervalArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]RetrohuntExecutionInterval)(nil)).Elem() +} + +func (o RetrohuntExecutionIntervalArrayOutput) ToRetrohuntExecutionIntervalArrayOutput() RetrohuntExecutionIntervalArrayOutput { + return o +} + +func (o RetrohuntExecutionIntervalArrayOutput) ToRetrohuntExecutionIntervalArrayOutputWithContext(ctx context.Context) RetrohuntExecutionIntervalArrayOutput { + return o +} + +func (o RetrohuntExecutionIntervalArrayOutput) Index(i pulumi.IntInput) RetrohuntExecutionIntervalOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) RetrohuntExecutionInterval { + return vs[0].([]RetrohuntExecutionInterval)[vs[1].(int)] + }).(RetrohuntExecutionIntervalOutput) +} + +type RetrohuntProcessInterval struct { + // Exclusive end of the interval. + // + // *** + EndTime string `pulumi:"endTime"` + // Inclusive start of the interval. + StartTime string `pulumi:"startTime"` +} + +// RetrohuntProcessIntervalInput is an input type that accepts RetrohuntProcessIntervalArgs and RetrohuntProcessIntervalOutput values. +// You can construct a concrete instance of `RetrohuntProcessIntervalInput` via: +// +// RetrohuntProcessIntervalArgs{...} +type RetrohuntProcessIntervalInput interface { + pulumi.Input + + ToRetrohuntProcessIntervalOutput() RetrohuntProcessIntervalOutput + ToRetrohuntProcessIntervalOutputWithContext(context.Context) RetrohuntProcessIntervalOutput +} + +type RetrohuntProcessIntervalArgs struct { + // Exclusive end of the interval. + // + // *** + EndTime pulumi.StringInput `pulumi:"endTime"` + // Inclusive start of the interval. + StartTime pulumi.StringInput `pulumi:"startTime"` +} + +func (RetrohuntProcessIntervalArgs) ElementType() reflect.Type { + return reflect.TypeOf((*RetrohuntProcessInterval)(nil)).Elem() +} + +func (i RetrohuntProcessIntervalArgs) ToRetrohuntProcessIntervalOutput() RetrohuntProcessIntervalOutput { + return i.ToRetrohuntProcessIntervalOutputWithContext(context.Background()) +} + +func (i RetrohuntProcessIntervalArgs) ToRetrohuntProcessIntervalOutputWithContext(ctx context.Context) RetrohuntProcessIntervalOutput { + return pulumi.ToOutputWithContext(ctx, i).(RetrohuntProcessIntervalOutput) +} + +func (i RetrohuntProcessIntervalArgs) ToRetrohuntProcessIntervalPtrOutput() RetrohuntProcessIntervalPtrOutput { + return i.ToRetrohuntProcessIntervalPtrOutputWithContext(context.Background()) +} + +func (i RetrohuntProcessIntervalArgs) ToRetrohuntProcessIntervalPtrOutputWithContext(ctx context.Context) RetrohuntProcessIntervalPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RetrohuntProcessIntervalOutput).ToRetrohuntProcessIntervalPtrOutputWithContext(ctx) +} + +// RetrohuntProcessIntervalPtrInput is an input type that accepts RetrohuntProcessIntervalArgs, RetrohuntProcessIntervalPtr and RetrohuntProcessIntervalPtrOutput values. +// You can construct a concrete instance of `RetrohuntProcessIntervalPtrInput` via: +// +// RetrohuntProcessIntervalArgs{...} +// +// or: +// +// nil +type RetrohuntProcessIntervalPtrInput interface { + pulumi.Input + + ToRetrohuntProcessIntervalPtrOutput() RetrohuntProcessIntervalPtrOutput + ToRetrohuntProcessIntervalPtrOutputWithContext(context.Context) RetrohuntProcessIntervalPtrOutput +} + +type retrohuntProcessIntervalPtrType RetrohuntProcessIntervalArgs + +func RetrohuntProcessIntervalPtr(v *RetrohuntProcessIntervalArgs) RetrohuntProcessIntervalPtrInput { + return (*retrohuntProcessIntervalPtrType)(v) +} + +func (*retrohuntProcessIntervalPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**RetrohuntProcessInterval)(nil)).Elem() +} + +func (i *retrohuntProcessIntervalPtrType) ToRetrohuntProcessIntervalPtrOutput() RetrohuntProcessIntervalPtrOutput { + return i.ToRetrohuntProcessIntervalPtrOutputWithContext(context.Background()) +} + +func (i *retrohuntProcessIntervalPtrType) ToRetrohuntProcessIntervalPtrOutputWithContext(ctx context.Context) RetrohuntProcessIntervalPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RetrohuntProcessIntervalPtrOutput) +} + +type RetrohuntProcessIntervalOutput struct{ *pulumi.OutputState } + +func (RetrohuntProcessIntervalOutput) ElementType() reflect.Type { + return reflect.TypeOf((*RetrohuntProcessInterval)(nil)).Elem() +} + +func (o RetrohuntProcessIntervalOutput) ToRetrohuntProcessIntervalOutput() RetrohuntProcessIntervalOutput { + return o +} + +func (o RetrohuntProcessIntervalOutput) ToRetrohuntProcessIntervalOutputWithContext(ctx context.Context) RetrohuntProcessIntervalOutput { + return o +} + +func (o RetrohuntProcessIntervalOutput) ToRetrohuntProcessIntervalPtrOutput() RetrohuntProcessIntervalPtrOutput { + return o.ToRetrohuntProcessIntervalPtrOutputWithContext(context.Background()) +} + +func (o RetrohuntProcessIntervalOutput) ToRetrohuntProcessIntervalPtrOutputWithContext(ctx context.Context) RetrohuntProcessIntervalPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v RetrohuntProcessInterval) *RetrohuntProcessInterval { + return &v + }).(RetrohuntProcessIntervalPtrOutput) +} + +// Exclusive end of the interval. +// +// *** +func (o RetrohuntProcessIntervalOutput) EndTime() pulumi.StringOutput { + return o.ApplyT(func(v RetrohuntProcessInterval) string { return v.EndTime }).(pulumi.StringOutput) +} + +// Inclusive start of the interval. +func (o RetrohuntProcessIntervalOutput) StartTime() pulumi.StringOutput { + return o.ApplyT(func(v RetrohuntProcessInterval) string { return v.StartTime }).(pulumi.StringOutput) +} + +type RetrohuntProcessIntervalPtrOutput struct{ *pulumi.OutputState } + +func (RetrohuntProcessIntervalPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RetrohuntProcessInterval)(nil)).Elem() +} + +func (o RetrohuntProcessIntervalPtrOutput) ToRetrohuntProcessIntervalPtrOutput() RetrohuntProcessIntervalPtrOutput { + return o +} + +func (o RetrohuntProcessIntervalPtrOutput) ToRetrohuntProcessIntervalPtrOutputWithContext(ctx context.Context) RetrohuntProcessIntervalPtrOutput { + return o +} + +func (o RetrohuntProcessIntervalPtrOutput) Elem() RetrohuntProcessIntervalOutput { + return o.ApplyT(func(v *RetrohuntProcessInterval) RetrohuntProcessInterval { + if v != nil { + return *v + } + var ret RetrohuntProcessInterval + return ret + }).(RetrohuntProcessIntervalOutput) +} + +// Exclusive end of the interval. +// +// *** +func (o RetrohuntProcessIntervalPtrOutput) EndTime() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RetrohuntProcessInterval) *string { + if v == nil { + return nil + } + return &v.EndTime + }).(pulumi.StringPtrOutput) +} + +// Inclusive start of the interval. +func (o RetrohuntProcessIntervalPtrOutput) StartTime() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RetrohuntProcessInterval) *string { + if v == nil { + return nil + } + return &v.StartTime + }).(pulumi.StringPtrOutput) +} + type RuleCompilationDiagnostic struct { // (Output) // Output only. The diagnostic message. @@ -1901,6 +2183,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ReferenceListScopeInfoInput)(nil)).Elem(), ReferenceListScopeInfoArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ReferenceListScopeInfoArrayInput)(nil)).Elem(), ReferenceListScopeInfoArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ReferenceListScopeInfoReferenceListScopeInput)(nil)).Elem(), ReferenceListScopeInfoReferenceListScopeArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RetrohuntExecutionIntervalInput)(nil)).Elem(), RetrohuntExecutionIntervalArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RetrohuntExecutionIntervalArrayInput)(nil)).Elem(), RetrohuntExecutionIntervalArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*RetrohuntProcessIntervalInput)(nil)).Elem(), RetrohuntProcessIntervalArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RetrohuntProcessIntervalPtrInput)(nil)).Elem(), RetrohuntProcessIntervalArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuleCompilationDiagnosticInput)(nil)).Elem(), RuleCompilationDiagnosticArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuleCompilationDiagnosticArrayInput)(nil)).Elem(), RuleCompilationDiagnosticArray{}) pulumi.RegisterInputType(reflect.TypeOf((*RuleCompilationDiagnosticPositionInput)(nil)).Elem(), RuleCompilationDiagnosticPositionArgs{}) @@ -1928,6 +2214,10 @@ func init() { pulumi.RegisterOutputType(ReferenceListScopeInfoOutput{}) pulumi.RegisterOutputType(ReferenceListScopeInfoArrayOutput{}) pulumi.RegisterOutputType(ReferenceListScopeInfoReferenceListScopeOutput{}) + pulumi.RegisterOutputType(RetrohuntExecutionIntervalOutput{}) + pulumi.RegisterOutputType(RetrohuntExecutionIntervalArrayOutput{}) + pulumi.RegisterOutputType(RetrohuntProcessIntervalOutput{}) + pulumi.RegisterOutputType(RetrohuntProcessIntervalPtrOutput{}) pulumi.RegisterOutputType(RuleCompilationDiagnosticOutput{}) pulumi.RegisterOutputType(RuleCompilationDiagnosticArrayOutput{}) pulumi.RegisterOutputType(RuleCompilationDiagnosticPositionOutput{}) diff --git a/sdk/go/gcp/chronicle/retrohunt.go b/sdk/go/gcp/chronicle/retrohunt.go new file mode 100644 index 0000000000..0c388b6f73 --- /dev/null +++ b/sdk/go/gcp/chronicle/retrohunt.go @@ -0,0 +1,459 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package chronicle + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Retrohunt is an execution of a Rule over a time range in the past. +// +// To get more information about Retrohunt, see: +// +// * [API documentation](https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.rules.retrohunts) +// * How-to Guides +// - [Google SecOps Guides](https://cloud.google.com/chronicle/docs/secops/secops-overview) +// +// ## Example Usage +// +// ## Import +// +// Retrohunt can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}` +// +// * `{{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` +// +// * `{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` +// +// When using the `pulumi import` command, Retrohunt can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:chronicle/retrohunt:Retrohunt default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}} +// ``` +// +// ```sh +// $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}} +// ``` +// +// ```sh +// $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{location}}/{{instance}}/{{rule}}/{{retrohunt}} +// ``` +type Retrohunt struct { + pulumi.CustomResourceState + + // The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + RetrohuntId pulumi.StringOutput `pulumi:"RetrohuntId"` + // Represents a time interval, encoded as a Timestamp start (inclusive) and a + // Timestamp end (exclusive). + // The start must be less than or equal to the end. + // When the start equals the end, the interval is empty (matches no time). + // When both start and end are unspecified, the interval matches any time. + // Structure is documented below. + ExecutionIntervals RetrohuntExecutionIntervalArrayOutput `pulumi:"executionIntervals"` + // The unique identifier for the Chronicle instance, which is the same as the customer ID. + Instance pulumi.StringOutput `pulumi:"instance"` + // The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + Location pulumi.StringOutput `pulumi:"location"` + // The resource name of the retrohunt. + // Retrohunt is the child of a rule revision. {rule} in the format below is + // structured as {rule_id@revision_id}. + // Format: + // projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + Name pulumi.StringOutput `pulumi:"name"` + // Represents a time interval, encoded as a Timestamp start (inclusive) and a + // Timestamp end (exclusive). + // The start must be less than or equal to the end. + // When the start equals the end, the interval is empty (matches no time). + // When both start and end are unspecified, the interval matches any time. + // Structure is documented below. + ProcessInterval RetrohuntProcessIntervalOutput `pulumi:"processInterval"` + // Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + ProgressPercentage pulumi.Float64Output `pulumi:"progressPercentage"` + Project pulumi.StringOutput `pulumi:"project"` + // The Rule ID of the rule. + Rule pulumi.StringOutput `pulumi:"rule"` + // Output only. The state of the retrohunt. + // Possible values: + // RUNNING + // DONE + // CANCELLED + // FAILED + State pulumi.StringOutput `pulumi:"state"` +} + +// NewRetrohunt registers a new resource with the given unique name, arguments, and options. +func NewRetrohunt(ctx *pulumi.Context, + name string, args *RetrohuntArgs, opts ...pulumi.ResourceOption) (*Retrohunt, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Instance == nil { + return nil, errors.New("invalid value for required argument 'Instance'") + } + if args.Location == nil { + return nil, errors.New("invalid value for required argument 'Location'") + } + if args.ProcessInterval == nil { + return nil, errors.New("invalid value for required argument 'ProcessInterval'") + } + if args.Rule == nil { + return nil, errors.New("invalid value for required argument 'Rule'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource Retrohunt + err := ctx.RegisterResource("gcp:chronicle/retrohunt:Retrohunt", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetRetrohunt gets an existing Retrohunt resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetRetrohunt(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *RetrohuntState, opts ...pulumi.ResourceOption) (*Retrohunt, error) { + var resource Retrohunt + err := ctx.ReadResource("gcp:chronicle/retrohunt:Retrohunt", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering Retrohunt resources. +type retrohuntState struct { + // The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + RetrohuntId *string `pulumi:"RetrohuntId"` + // Represents a time interval, encoded as a Timestamp start (inclusive) and a + // Timestamp end (exclusive). + // The start must be less than or equal to the end. + // When the start equals the end, the interval is empty (matches no time). + // When both start and end are unspecified, the interval matches any time. + // Structure is documented below. + ExecutionIntervals []RetrohuntExecutionInterval `pulumi:"executionIntervals"` + // The unique identifier for the Chronicle instance, which is the same as the customer ID. + Instance *string `pulumi:"instance"` + // The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + Location *string `pulumi:"location"` + // The resource name of the retrohunt. + // Retrohunt is the child of a rule revision. {rule} in the format below is + // structured as {rule_id@revision_id}. + // Format: + // projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + Name *string `pulumi:"name"` + // Represents a time interval, encoded as a Timestamp start (inclusive) and a + // Timestamp end (exclusive). + // The start must be less than or equal to the end. + // When the start equals the end, the interval is empty (matches no time). + // When both start and end are unspecified, the interval matches any time. + // Structure is documented below. + ProcessInterval *RetrohuntProcessInterval `pulumi:"processInterval"` + // Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + ProgressPercentage *float64 `pulumi:"progressPercentage"` + Project *string `pulumi:"project"` + // The Rule ID of the rule. + Rule *string `pulumi:"rule"` + // Output only. The state of the retrohunt. + // Possible values: + // RUNNING + // DONE + // CANCELLED + // FAILED + State *string `pulumi:"state"` +} + +type RetrohuntState struct { + // The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + RetrohuntId pulumi.StringPtrInput + // Represents a time interval, encoded as a Timestamp start (inclusive) and a + // Timestamp end (exclusive). + // The start must be less than or equal to the end. + // When the start equals the end, the interval is empty (matches no time). + // When both start and end are unspecified, the interval matches any time. + // Structure is documented below. + ExecutionIntervals RetrohuntExecutionIntervalArrayInput + // The unique identifier for the Chronicle instance, which is the same as the customer ID. + Instance pulumi.StringPtrInput + // The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + Location pulumi.StringPtrInput + // The resource name of the retrohunt. + // Retrohunt is the child of a rule revision. {rule} in the format below is + // structured as {rule_id@revision_id}. + // Format: + // projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + Name pulumi.StringPtrInput + // Represents a time interval, encoded as a Timestamp start (inclusive) and a + // Timestamp end (exclusive). + // The start must be less than or equal to the end. + // When the start equals the end, the interval is empty (matches no time). + // When both start and end are unspecified, the interval matches any time. + // Structure is documented below. + ProcessInterval RetrohuntProcessIntervalPtrInput + // Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + ProgressPercentage pulumi.Float64PtrInput + Project pulumi.StringPtrInput + // The Rule ID of the rule. + Rule pulumi.StringPtrInput + // Output only. The state of the retrohunt. + // Possible values: + // RUNNING + // DONE + // CANCELLED + // FAILED + State pulumi.StringPtrInput +} + +func (RetrohuntState) ElementType() reflect.Type { + return reflect.TypeOf((*retrohuntState)(nil)).Elem() +} + +type retrohuntArgs struct { + // The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + RetrohuntId *string `pulumi:"RetrohuntId"` + // The unique identifier for the Chronicle instance, which is the same as the customer ID. + Instance string `pulumi:"instance"` + // The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + Location string `pulumi:"location"` + // Represents a time interval, encoded as a Timestamp start (inclusive) and a + // Timestamp end (exclusive). + // The start must be less than or equal to the end. + // When the start equals the end, the interval is empty (matches no time). + // When both start and end are unspecified, the interval matches any time. + // Structure is documented below. + ProcessInterval RetrohuntProcessInterval `pulumi:"processInterval"` + Project *string `pulumi:"project"` + // The Rule ID of the rule. + Rule string `pulumi:"rule"` +} + +// The set of arguments for constructing a Retrohunt resource. +type RetrohuntArgs struct { + // The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + RetrohuntId pulumi.StringPtrInput + // The unique identifier for the Chronicle instance, which is the same as the customer ID. + Instance pulumi.StringInput + // The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + Location pulumi.StringInput + // Represents a time interval, encoded as a Timestamp start (inclusive) and a + // Timestamp end (exclusive). + // The start must be less than or equal to the end. + // When the start equals the end, the interval is empty (matches no time). + // When both start and end are unspecified, the interval matches any time. + // Structure is documented below. + ProcessInterval RetrohuntProcessIntervalInput + Project pulumi.StringPtrInput + // The Rule ID of the rule. + Rule pulumi.StringInput +} + +func (RetrohuntArgs) ElementType() reflect.Type { + return reflect.TypeOf((*retrohuntArgs)(nil)).Elem() +} + +type RetrohuntInput interface { + pulumi.Input + + ToRetrohuntOutput() RetrohuntOutput + ToRetrohuntOutputWithContext(ctx context.Context) RetrohuntOutput +} + +func (*Retrohunt) ElementType() reflect.Type { + return reflect.TypeOf((**Retrohunt)(nil)).Elem() +} + +func (i *Retrohunt) ToRetrohuntOutput() RetrohuntOutput { + return i.ToRetrohuntOutputWithContext(context.Background()) +} + +func (i *Retrohunt) ToRetrohuntOutputWithContext(ctx context.Context) RetrohuntOutput { + return pulumi.ToOutputWithContext(ctx, i).(RetrohuntOutput) +} + +// RetrohuntArrayInput is an input type that accepts RetrohuntArray and RetrohuntArrayOutput values. +// You can construct a concrete instance of `RetrohuntArrayInput` via: +// +// RetrohuntArray{ RetrohuntArgs{...} } +type RetrohuntArrayInput interface { + pulumi.Input + + ToRetrohuntArrayOutput() RetrohuntArrayOutput + ToRetrohuntArrayOutputWithContext(context.Context) RetrohuntArrayOutput +} + +type RetrohuntArray []RetrohuntInput + +func (RetrohuntArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*Retrohunt)(nil)).Elem() +} + +func (i RetrohuntArray) ToRetrohuntArrayOutput() RetrohuntArrayOutput { + return i.ToRetrohuntArrayOutputWithContext(context.Background()) +} + +func (i RetrohuntArray) ToRetrohuntArrayOutputWithContext(ctx context.Context) RetrohuntArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(RetrohuntArrayOutput) +} + +// RetrohuntMapInput is an input type that accepts RetrohuntMap and RetrohuntMapOutput values. +// You can construct a concrete instance of `RetrohuntMapInput` via: +// +// RetrohuntMap{ "key": RetrohuntArgs{...} } +type RetrohuntMapInput interface { + pulumi.Input + + ToRetrohuntMapOutput() RetrohuntMapOutput + ToRetrohuntMapOutputWithContext(context.Context) RetrohuntMapOutput +} + +type RetrohuntMap map[string]RetrohuntInput + +func (RetrohuntMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*Retrohunt)(nil)).Elem() +} + +func (i RetrohuntMap) ToRetrohuntMapOutput() RetrohuntMapOutput { + return i.ToRetrohuntMapOutputWithContext(context.Background()) +} + +func (i RetrohuntMap) ToRetrohuntMapOutputWithContext(ctx context.Context) RetrohuntMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(RetrohuntMapOutput) +} + +type RetrohuntOutput struct{ *pulumi.OutputState } + +func (RetrohuntOutput) ElementType() reflect.Type { + return reflect.TypeOf((**Retrohunt)(nil)).Elem() +} + +func (o RetrohuntOutput) ToRetrohuntOutput() RetrohuntOutput { + return o +} + +func (o RetrohuntOutput) ToRetrohuntOutputWithContext(ctx context.Context) RetrohuntOutput { + return o +} + +// The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. +func (o RetrohuntOutput) RetrohuntId() pulumi.StringOutput { + return o.ApplyT(func(v *Retrohunt) pulumi.StringOutput { return v.RetrohuntId }).(pulumi.StringOutput) +} + +// Represents a time interval, encoded as a Timestamp start (inclusive) and a +// Timestamp end (exclusive). +// The start must be less than or equal to the end. +// When the start equals the end, the interval is empty (matches no time). +// When both start and end are unspecified, the interval matches any time. +// Structure is documented below. +func (o RetrohuntOutput) ExecutionIntervals() RetrohuntExecutionIntervalArrayOutput { + return o.ApplyT(func(v *Retrohunt) RetrohuntExecutionIntervalArrayOutput { return v.ExecutionIntervals }).(RetrohuntExecutionIntervalArrayOutput) +} + +// The unique identifier for the Chronicle instance, which is the same as the customer ID. +func (o RetrohuntOutput) Instance() pulumi.StringOutput { + return o.ApplyT(func(v *Retrohunt) pulumi.StringOutput { return v.Instance }).(pulumi.StringOutput) +} + +// The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". +func (o RetrohuntOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *Retrohunt) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// The resource name of the retrohunt. +// Retrohunt is the child of a rule revision. {rule} in the format below is +// structured as {rule_id@revision_id}. +// Format: +// projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} +func (o RetrohuntOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *Retrohunt) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// Represents a time interval, encoded as a Timestamp start (inclusive) and a +// Timestamp end (exclusive). +// The start must be less than or equal to the end. +// When the start equals the end, the interval is empty (matches no time). +// When both start and end are unspecified, the interval matches any time. +// Structure is documented below. +func (o RetrohuntOutput) ProcessInterval() RetrohuntProcessIntervalOutput { + return o.ApplyT(func(v *Retrohunt) RetrohuntProcessIntervalOutput { return v.ProcessInterval }).(RetrohuntProcessIntervalOutput) +} + +// Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. +func (o RetrohuntOutput) ProgressPercentage() pulumi.Float64Output { + return o.ApplyT(func(v *Retrohunt) pulumi.Float64Output { return v.ProgressPercentage }).(pulumi.Float64Output) +} + +func (o RetrohuntOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *Retrohunt) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The Rule ID of the rule. +func (o RetrohuntOutput) Rule() pulumi.StringOutput { + return o.ApplyT(func(v *Retrohunt) pulumi.StringOutput { return v.Rule }).(pulumi.StringOutput) +} + +// Output only. The state of the retrohunt. +// Possible values: +// RUNNING +// DONE +// CANCELLED +// FAILED +func (o RetrohuntOutput) State() pulumi.StringOutput { + return o.ApplyT(func(v *Retrohunt) pulumi.StringOutput { return v.State }).(pulumi.StringOutput) +} + +type RetrohuntArrayOutput struct{ *pulumi.OutputState } + +func (RetrohuntArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*Retrohunt)(nil)).Elem() +} + +func (o RetrohuntArrayOutput) ToRetrohuntArrayOutput() RetrohuntArrayOutput { + return o +} + +func (o RetrohuntArrayOutput) ToRetrohuntArrayOutputWithContext(ctx context.Context) RetrohuntArrayOutput { + return o +} + +func (o RetrohuntArrayOutput) Index(i pulumi.IntInput) RetrohuntOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Retrohunt { + return vs[0].([]*Retrohunt)[vs[1].(int)] + }).(RetrohuntOutput) +} + +type RetrohuntMapOutput struct{ *pulumi.OutputState } + +func (RetrohuntMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*Retrohunt)(nil)).Elem() +} + +func (o RetrohuntMapOutput) ToRetrohuntMapOutput() RetrohuntMapOutput { + return o +} + +func (o RetrohuntMapOutput) ToRetrohuntMapOutputWithContext(ctx context.Context) RetrohuntMapOutput { + return o +} + +func (o RetrohuntMapOutput) MapIndex(k pulumi.StringInput) RetrohuntOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Retrohunt { + return vs[0].(map[string]*Retrohunt)[vs[1].(string)] + }).(RetrohuntOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*RetrohuntInput)(nil)).Elem(), &Retrohunt{}) + pulumi.RegisterInputType(reflect.TypeOf((*RetrohuntArrayInput)(nil)).Elem(), RetrohuntArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*RetrohuntMapInput)(nil)).Elem(), RetrohuntMap{}) + pulumi.RegisterOutputType(RetrohuntOutput{}) + pulumi.RegisterOutputType(RetrohuntArrayOutput{}) + pulumi.RegisterOutputType(RetrohuntMapOutput{}) +} diff --git a/sdk/go/gcp/cloudrunv2/getService.go b/sdk/go/gcp/cloudrunv2/getService.go index 0827307215..ccd1ace2d7 100644 --- a/sdk/go/gcp/cloudrunv2/getService.go +++ b/sdk/go/gcp/cloudrunv2/getService.go @@ -68,6 +68,7 @@ type LookupServiceArgs struct { type LookupServiceResult struct { Annotations map[string]string `pulumi:"annotations"` BinaryAuthorizations []GetServiceBinaryAuthorization `pulumi:"binaryAuthorizations"` + BuildConfigs []GetServiceBuildConfig `pulumi:"buildConfigs"` Client string `pulumi:"client"` ClientVersion string `pulumi:"clientVersion"` Conditions []GetServiceCondition `pulumi:"conditions"` @@ -158,6 +159,10 @@ func (o LookupServiceResultOutput) BinaryAuthorizations() GetServiceBinaryAuthor return o.ApplyT(func(v LookupServiceResult) []GetServiceBinaryAuthorization { return v.BinaryAuthorizations }).(GetServiceBinaryAuthorizationArrayOutput) } +func (o LookupServiceResultOutput) BuildConfigs() GetServiceBuildConfigArrayOutput { + return o.ApplyT(func(v LookupServiceResult) []GetServiceBuildConfig { return v.BuildConfigs }).(GetServiceBuildConfigArrayOutput) +} + func (o LookupServiceResultOutput) Client() pulumi.StringOutput { return o.ApplyT(func(v LookupServiceResult) string { return v.Client }).(pulumi.StringOutput) } diff --git a/sdk/go/gcp/cloudrunv2/pulumiTypes.go b/sdk/go/gcp/cloudrunv2/pulumiTypes.go index dc1ff400ad..7856178b49 100644 --- a/sdk/go/gcp/cloudrunv2/pulumiTypes.go +++ b/sdk/go/gcp/cloudrunv2/pulumiTypes.go @@ -4103,6 +4103,299 @@ func (o ServiceBinaryAuthorizationPtrOutput) UseDefault() pulumi.BoolPtrOutput { }).(pulumi.BoolPtrOutput) } +type ServiceBuildConfig struct { + // The base image used to build the function. + BaseImage *string `pulumi:"baseImage"` + // Sets whether the function will receive automatic base image updates. + EnableAutomaticUpdates *bool `pulumi:"enableAutomaticUpdates"` + // User-provided build-time environment variables for the function. + EnvironmentVariables map[string]string `pulumi:"environmentVariables"` + // The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + FunctionTarget *string `pulumi:"functionTarget"` + // Artifact Registry URI to store the built image. + ImageUri *string `pulumi:"imageUri"` + // (Output) + // The Cloud Build name of the latest successful deployment of the function. + Name *string `pulumi:"name"` + // Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + ServiceAccount *string `pulumi:"serviceAccount"` + // The Cloud Storage bucket URI where the function source code is located. + SourceLocation *string `pulumi:"sourceLocation"` + // Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + WorkerPool *string `pulumi:"workerPool"` +} + +// ServiceBuildConfigInput is an input type that accepts ServiceBuildConfigArgs and ServiceBuildConfigOutput values. +// You can construct a concrete instance of `ServiceBuildConfigInput` via: +// +// ServiceBuildConfigArgs{...} +type ServiceBuildConfigInput interface { + pulumi.Input + + ToServiceBuildConfigOutput() ServiceBuildConfigOutput + ToServiceBuildConfigOutputWithContext(context.Context) ServiceBuildConfigOutput +} + +type ServiceBuildConfigArgs struct { + // The base image used to build the function. + BaseImage pulumi.StringPtrInput `pulumi:"baseImage"` + // Sets whether the function will receive automatic base image updates. + EnableAutomaticUpdates pulumi.BoolPtrInput `pulumi:"enableAutomaticUpdates"` + // User-provided build-time environment variables for the function. + EnvironmentVariables pulumi.StringMapInput `pulumi:"environmentVariables"` + // The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + FunctionTarget pulumi.StringPtrInput `pulumi:"functionTarget"` + // Artifact Registry URI to store the built image. + ImageUri pulumi.StringPtrInput `pulumi:"imageUri"` + // (Output) + // The Cloud Build name of the latest successful deployment of the function. + Name pulumi.StringPtrInput `pulumi:"name"` + // Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + ServiceAccount pulumi.StringPtrInput `pulumi:"serviceAccount"` + // The Cloud Storage bucket URI where the function source code is located. + SourceLocation pulumi.StringPtrInput `pulumi:"sourceLocation"` + // Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + WorkerPool pulumi.StringPtrInput `pulumi:"workerPool"` +} + +func (ServiceBuildConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ServiceBuildConfig)(nil)).Elem() +} + +func (i ServiceBuildConfigArgs) ToServiceBuildConfigOutput() ServiceBuildConfigOutput { + return i.ToServiceBuildConfigOutputWithContext(context.Background()) +} + +func (i ServiceBuildConfigArgs) ToServiceBuildConfigOutputWithContext(ctx context.Context) ServiceBuildConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceBuildConfigOutput) +} + +func (i ServiceBuildConfigArgs) ToServiceBuildConfigPtrOutput() ServiceBuildConfigPtrOutput { + return i.ToServiceBuildConfigPtrOutputWithContext(context.Background()) +} + +func (i ServiceBuildConfigArgs) ToServiceBuildConfigPtrOutputWithContext(ctx context.Context) ServiceBuildConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceBuildConfigOutput).ToServiceBuildConfigPtrOutputWithContext(ctx) +} + +// ServiceBuildConfigPtrInput is an input type that accepts ServiceBuildConfigArgs, ServiceBuildConfigPtr and ServiceBuildConfigPtrOutput values. +// You can construct a concrete instance of `ServiceBuildConfigPtrInput` via: +// +// ServiceBuildConfigArgs{...} +// +// or: +// +// nil +type ServiceBuildConfigPtrInput interface { + pulumi.Input + + ToServiceBuildConfigPtrOutput() ServiceBuildConfigPtrOutput + ToServiceBuildConfigPtrOutputWithContext(context.Context) ServiceBuildConfigPtrOutput +} + +type serviceBuildConfigPtrType ServiceBuildConfigArgs + +func ServiceBuildConfigPtr(v *ServiceBuildConfigArgs) ServiceBuildConfigPtrInput { + return (*serviceBuildConfigPtrType)(v) +} + +func (*serviceBuildConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ServiceBuildConfig)(nil)).Elem() +} + +func (i *serviceBuildConfigPtrType) ToServiceBuildConfigPtrOutput() ServiceBuildConfigPtrOutput { + return i.ToServiceBuildConfigPtrOutputWithContext(context.Background()) +} + +func (i *serviceBuildConfigPtrType) ToServiceBuildConfigPtrOutputWithContext(ctx context.Context) ServiceBuildConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceBuildConfigPtrOutput) +} + +type ServiceBuildConfigOutput struct{ *pulumi.OutputState } + +func (ServiceBuildConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ServiceBuildConfig)(nil)).Elem() +} + +func (o ServiceBuildConfigOutput) ToServiceBuildConfigOutput() ServiceBuildConfigOutput { + return o +} + +func (o ServiceBuildConfigOutput) ToServiceBuildConfigOutputWithContext(ctx context.Context) ServiceBuildConfigOutput { + return o +} + +func (o ServiceBuildConfigOutput) ToServiceBuildConfigPtrOutput() ServiceBuildConfigPtrOutput { + return o.ToServiceBuildConfigPtrOutputWithContext(context.Background()) +} + +func (o ServiceBuildConfigOutput) ToServiceBuildConfigPtrOutputWithContext(ctx context.Context) ServiceBuildConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ServiceBuildConfig) *ServiceBuildConfig { + return &v + }).(ServiceBuildConfigPtrOutput) +} + +// The base image used to build the function. +func (o ServiceBuildConfigOutput) BaseImage() pulumi.StringPtrOutput { + return o.ApplyT(func(v ServiceBuildConfig) *string { return v.BaseImage }).(pulumi.StringPtrOutput) +} + +// Sets whether the function will receive automatic base image updates. +func (o ServiceBuildConfigOutput) EnableAutomaticUpdates() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ServiceBuildConfig) *bool { return v.EnableAutomaticUpdates }).(pulumi.BoolPtrOutput) +} + +// User-provided build-time environment variables for the function. +func (o ServiceBuildConfigOutput) EnvironmentVariables() pulumi.StringMapOutput { + return o.ApplyT(func(v ServiceBuildConfig) map[string]string { return v.EnvironmentVariables }).(pulumi.StringMapOutput) +} + +// The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". +func (o ServiceBuildConfigOutput) FunctionTarget() pulumi.StringPtrOutput { + return o.ApplyT(func(v ServiceBuildConfig) *string { return v.FunctionTarget }).(pulumi.StringPtrOutput) +} + +// Artifact Registry URI to store the built image. +func (o ServiceBuildConfigOutput) ImageUri() pulumi.StringPtrOutput { + return o.ApplyT(func(v ServiceBuildConfig) *string { return v.ImageUri }).(pulumi.StringPtrOutput) +} + +// (Output) +// The Cloud Build name of the latest successful deployment of the function. +func (o ServiceBuildConfigOutput) Name() pulumi.StringPtrOutput { + return o.ApplyT(func(v ServiceBuildConfig) *string { return v.Name }).(pulumi.StringPtrOutput) +} + +// Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. +func (o ServiceBuildConfigOutput) ServiceAccount() pulumi.StringPtrOutput { + return o.ApplyT(func(v ServiceBuildConfig) *string { return v.ServiceAccount }).(pulumi.StringPtrOutput) +} + +// The Cloud Storage bucket URI where the function source code is located. +func (o ServiceBuildConfigOutput) SourceLocation() pulumi.StringPtrOutput { + return o.ApplyT(func(v ServiceBuildConfig) *string { return v.SourceLocation }).(pulumi.StringPtrOutput) +} + +// Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. +func (o ServiceBuildConfigOutput) WorkerPool() pulumi.StringPtrOutput { + return o.ApplyT(func(v ServiceBuildConfig) *string { return v.WorkerPool }).(pulumi.StringPtrOutput) +} + +type ServiceBuildConfigPtrOutput struct{ *pulumi.OutputState } + +func (ServiceBuildConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ServiceBuildConfig)(nil)).Elem() +} + +func (o ServiceBuildConfigPtrOutput) ToServiceBuildConfigPtrOutput() ServiceBuildConfigPtrOutput { + return o +} + +func (o ServiceBuildConfigPtrOutput) ToServiceBuildConfigPtrOutputWithContext(ctx context.Context) ServiceBuildConfigPtrOutput { + return o +} + +func (o ServiceBuildConfigPtrOutput) Elem() ServiceBuildConfigOutput { + return o.ApplyT(func(v *ServiceBuildConfig) ServiceBuildConfig { + if v != nil { + return *v + } + var ret ServiceBuildConfig + return ret + }).(ServiceBuildConfigOutput) +} + +// The base image used to build the function. +func (o ServiceBuildConfigPtrOutput) BaseImage() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceBuildConfig) *string { + if v == nil { + return nil + } + return v.BaseImage + }).(pulumi.StringPtrOutput) +} + +// Sets whether the function will receive automatic base image updates. +func (o ServiceBuildConfigPtrOutput) EnableAutomaticUpdates() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ServiceBuildConfig) *bool { + if v == nil { + return nil + } + return v.EnableAutomaticUpdates + }).(pulumi.BoolPtrOutput) +} + +// User-provided build-time environment variables for the function. +func (o ServiceBuildConfigPtrOutput) EnvironmentVariables() pulumi.StringMapOutput { + return o.ApplyT(func(v *ServiceBuildConfig) map[string]string { + if v == nil { + return nil + } + return v.EnvironmentVariables + }).(pulumi.StringMapOutput) +} + +// The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". +func (o ServiceBuildConfigPtrOutput) FunctionTarget() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceBuildConfig) *string { + if v == nil { + return nil + } + return v.FunctionTarget + }).(pulumi.StringPtrOutput) +} + +// Artifact Registry URI to store the built image. +func (o ServiceBuildConfigPtrOutput) ImageUri() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceBuildConfig) *string { + if v == nil { + return nil + } + return v.ImageUri + }).(pulumi.StringPtrOutput) +} + +// (Output) +// The Cloud Build name of the latest successful deployment of the function. +func (o ServiceBuildConfigPtrOutput) Name() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceBuildConfig) *string { + if v == nil { + return nil + } + return v.Name + }).(pulumi.StringPtrOutput) +} + +// Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. +func (o ServiceBuildConfigPtrOutput) ServiceAccount() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceBuildConfig) *string { + if v == nil { + return nil + } + return v.ServiceAccount + }).(pulumi.StringPtrOutput) +} + +// The Cloud Storage bucket URI where the function source code is located. +func (o ServiceBuildConfigPtrOutput) SourceLocation() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceBuildConfig) *string { + if v == nil { + return nil + } + return v.SourceLocation + }).(pulumi.StringPtrOutput) +} + +// Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. +func (o ServiceBuildConfigPtrOutput) WorkerPool() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceBuildConfig) *string { + if v == nil { + return nil + } + return v.WorkerPool + }).(pulumi.StringPtrOutput) +} + type ServiceCondition struct { // (Output) // A reason for the execution condition. @@ -13229,6 +13522,175 @@ func (o GetServiceBinaryAuthorizationArrayOutput) Index(i pulumi.IntInput) GetSe }).(GetServiceBinaryAuthorizationOutput) } +type GetServiceBuildConfig struct { + // The base image used to build the function. + BaseImage string `pulumi:"baseImage"` + // Sets whether the function will receive automatic base image updates. + EnableAutomaticUpdates bool `pulumi:"enableAutomaticUpdates"` + // User-provided build-time environment variables for the function. + EnvironmentVariables map[string]string `pulumi:"environmentVariables"` + // The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + FunctionTarget string `pulumi:"functionTarget"` + // Artifact Registry URI to store the built image. + ImageUri string `pulumi:"imageUri"` + // The name of the Cloud Run v2 Service. + Name string `pulumi:"name"` + // Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. + ServiceAccount string `pulumi:"serviceAccount"` + // The Cloud Storage bucket URI where the function source code is located. + SourceLocation string `pulumi:"sourceLocation"` + // Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + WorkerPool string `pulumi:"workerPool"` +} + +// GetServiceBuildConfigInput is an input type that accepts GetServiceBuildConfigArgs and GetServiceBuildConfigOutput values. +// You can construct a concrete instance of `GetServiceBuildConfigInput` via: +// +// GetServiceBuildConfigArgs{...} +type GetServiceBuildConfigInput interface { + pulumi.Input + + ToGetServiceBuildConfigOutput() GetServiceBuildConfigOutput + ToGetServiceBuildConfigOutputWithContext(context.Context) GetServiceBuildConfigOutput +} + +type GetServiceBuildConfigArgs struct { + // The base image used to build the function. + BaseImage pulumi.StringInput `pulumi:"baseImage"` + // Sets whether the function will receive automatic base image updates. + EnableAutomaticUpdates pulumi.BoolInput `pulumi:"enableAutomaticUpdates"` + // User-provided build-time environment variables for the function. + EnvironmentVariables pulumi.StringMapInput `pulumi:"environmentVariables"` + // The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + FunctionTarget pulumi.StringInput `pulumi:"functionTarget"` + // Artifact Registry URI to store the built image. + ImageUri pulumi.StringInput `pulumi:"imageUri"` + // The name of the Cloud Run v2 Service. + Name pulumi.StringInput `pulumi:"name"` + // Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. + ServiceAccount pulumi.StringInput `pulumi:"serviceAccount"` + // The Cloud Storage bucket URI where the function source code is located. + SourceLocation pulumi.StringInput `pulumi:"sourceLocation"` + // Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + WorkerPool pulumi.StringInput `pulumi:"workerPool"` +} + +func (GetServiceBuildConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetServiceBuildConfig)(nil)).Elem() +} + +func (i GetServiceBuildConfigArgs) ToGetServiceBuildConfigOutput() GetServiceBuildConfigOutput { + return i.ToGetServiceBuildConfigOutputWithContext(context.Background()) +} + +func (i GetServiceBuildConfigArgs) ToGetServiceBuildConfigOutputWithContext(ctx context.Context) GetServiceBuildConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetServiceBuildConfigOutput) +} + +// GetServiceBuildConfigArrayInput is an input type that accepts GetServiceBuildConfigArray and GetServiceBuildConfigArrayOutput values. +// You can construct a concrete instance of `GetServiceBuildConfigArrayInput` via: +// +// GetServiceBuildConfigArray{ GetServiceBuildConfigArgs{...} } +type GetServiceBuildConfigArrayInput interface { + pulumi.Input + + ToGetServiceBuildConfigArrayOutput() GetServiceBuildConfigArrayOutput + ToGetServiceBuildConfigArrayOutputWithContext(context.Context) GetServiceBuildConfigArrayOutput +} + +type GetServiceBuildConfigArray []GetServiceBuildConfigInput + +func (GetServiceBuildConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetServiceBuildConfig)(nil)).Elem() +} + +func (i GetServiceBuildConfigArray) ToGetServiceBuildConfigArrayOutput() GetServiceBuildConfigArrayOutput { + return i.ToGetServiceBuildConfigArrayOutputWithContext(context.Background()) +} + +func (i GetServiceBuildConfigArray) ToGetServiceBuildConfigArrayOutputWithContext(ctx context.Context) GetServiceBuildConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetServiceBuildConfigArrayOutput) +} + +type GetServiceBuildConfigOutput struct{ *pulumi.OutputState } + +func (GetServiceBuildConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetServiceBuildConfig)(nil)).Elem() +} + +func (o GetServiceBuildConfigOutput) ToGetServiceBuildConfigOutput() GetServiceBuildConfigOutput { + return o +} + +func (o GetServiceBuildConfigOutput) ToGetServiceBuildConfigOutputWithContext(ctx context.Context) GetServiceBuildConfigOutput { + return o +} + +// The base image used to build the function. +func (o GetServiceBuildConfigOutput) BaseImage() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceBuildConfig) string { return v.BaseImage }).(pulumi.StringOutput) +} + +// Sets whether the function will receive automatic base image updates. +func (o GetServiceBuildConfigOutput) EnableAutomaticUpdates() pulumi.BoolOutput { + return o.ApplyT(func(v GetServiceBuildConfig) bool { return v.EnableAutomaticUpdates }).(pulumi.BoolOutput) +} + +// User-provided build-time environment variables for the function. +func (o GetServiceBuildConfigOutput) EnvironmentVariables() pulumi.StringMapOutput { + return o.ApplyT(func(v GetServiceBuildConfig) map[string]string { return v.EnvironmentVariables }).(pulumi.StringMapOutput) +} + +// The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". +func (o GetServiceBuildConfigOutput) FunctionTarget() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceBuildConfig) string { return v.FunctionTarget }).(pulumi.StringOutput) +} + +// Artifact Registry URI to store the built image. +func (o GetServiceBuildConfigOutput) ImageUri() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceBuildConfig) string { return v.ImageUri }).(pulumi.StringOutput) +} + +// The name of the Cloud Run v2 Service. +func (o GetServiceBuildConfigOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceBuildConfig) string { return v.Name }).(pulumi.StringOutput) +} + +// Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. +func (o GetServiceBuildConfigOutput) ServiceAccount() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceBuildConfig) string { return v.ServiceAccount }).(pulumi.StringOutput) +} + +// The Cloud Storage bucket URI where the function source code is located. +func (o GetServiceBuildConfigOutput) SourceLocation() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceBuildConfig) string { return v.SourceLocation }).(pulumi.StringOutput) +} + +// Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. +func (o GetServiceBuildConfigOutput) WorkerPool() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceBuildConfig) string { return v.WorkerPool }).(pulumi.StringOutput) +} + +type GetServiceBuildConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetServiceBuildConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetServiceBuildConfig)(nil)).Elem() +} + +func (o GetServiceBuildConfigArrayOutput) ToGetServiceBuildConfigArrayOutput() GetServiceBuildConfigArrayOutput { + return o +} + +func (o GetServiceBuildConfigArrayOutput) ToGetServiceBuildConfigArrayOutputWithContext(ctx context.Context) GetServiceBuildConfigArrayOutput { + return o +} + +func (o GetServiceBuildConfigArrayOutput) Index(i pulumi.IntInput) GetServiceBuildConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetServiceBuildConfig { + return vs[0].([]GetServiceBuildConfig)[vs[1].(int)] + }).(GetServiceBuildConfigOutput) +} + type GetServiceCondition struct { // A reason for the execution condition. ExecutionReason string `pulumi:"executionReason"` @@ -17631,6 +18093,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*JobTerminalConditionArrayInput)(nil)).Elem(), JobTerminalConditionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceBinaryAuthorizationInput)(nil)).Elem(), ServiceBinaryAuthorizationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceBinaryAuthorizationPtrInput)(nil)).Elem(), ServiceBinaryAuthorizationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServiceBuildConfigInput)(nil)).Elem(), ServiceBuildConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServiceBuildConfigPtrInput)(nil)).Elem(), ServiceBuildConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceConditionInput)(nil)).Elem(), ServiceConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceConditionArrayInput)(nil)).Elem(), ServiceConditionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceIamBindingConditionInput)(nil)).Elem(), ServiceIamBindingConditionArgs{}) @@ -17751,6 +18215,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetJobTerminalConditionArrayInput)(nil)).Elem(), GetJobTerminalConditionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceBinaryAuthorizationInput)(nil)).Elem(), GetServiceBinaryAuthorizationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceBinaryAuthorizationArrayInput)(nil)).Elem(), GetServiceBinaryAuthorizationArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetServiceBuildConfigInput)(nil)).Elem(), GetServiceBuildConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetServiceBuildConfigArrayInput)(nil)).Elem(), GetServiceBuildConfigArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceConditionInput)(nil)).Elem(), GetServiceConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceConditionArrayInput)(nil)).Elem(), GetServiceConditionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceScalingInput)(nil)).Elem(), GetServiceScalingArgs{}) @@ -17871,6 +18337,8 @@ func init() { pulumi.RegisterOutputType(JobTerminalConditionArrayOutput{}) pulumi.RegisterOutputType(ServiceBinaryAuthorizationOutput{}) pulumi.RegisterOutputType(ServiceBinaryAuthorizationPtrOutput{}) + pulumi.RegisterOutputType(ServiceBuildConfigOutput{}) + pulumi.RegisterOutputType(ServiceBuildConfigPtrOutput{}) pulumi.RegisterOutputType(ServiceConditionOutput{}) pulumi.RegisterOutputType(ServiceConditionArrayOutput{}) pulumi.RegisterOutputType(ServiceIamBindingConditionOutput{}) @@ -17991,6 +18459,8 @@ func init() { pulumi.RegisterOutputType(GetJobTerminalConditionArrayOutput{}) pulumi.RegisterOutputType(GetServiceBinaryAuthorizationOutput{}) pulumi.RegisterOutputType(GetServiceBinaryAuthorizationArrayOutput{}) + pulumi.RegisterOutputType(GetServiceBuildConfigOutput{}) + pulumi.RegisterOutputType(GetServiceBuildConfigArrayOutput{}) pulumi.RegisterOutputType(GetServiceConditionOutput{}) pulumi.RegisterOutputType(GetServiceConditionArrayOutput{}) pulumi.RegisterOutputType(GetServiceScalingOutput{}) diff --git a/sdk/go/gcp/cloudrunv2/service.go b/sdk/go/gcp/cloudrunv2/service.go index 2a4d7f7770..c949bfc4c3 100644 --- a/sdk/go/gcp/cloudrunv2/service.go +++ b/sdk/go/gcp/cloudrunv2/service.go @@ -835,6 +835,113 @@ import ( // } // // ``` +// ### Cloudrunv2 Service Function +// +// ```go +// package main +// +// import ( +// +// "fmt" +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/cloudrunv2" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/projects" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/serviceaccount" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/storage" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil) +// if err != nil { +// return err +// } +// bucket, err := storage.NewBucket(ctx, "bucket", &storage.BucketArgs{ +// Name: pulumi.Sprintf("%v-gcf-source", project.ProjectId), +// Location: pulumi.String("US"), +// UniformBucketLevelAccess: pulumi.Bool(true), +// }) +// if err != nil { +// return err +// } +// object, err := storage.NewBucketObject(ctx, "object", &storage.BucketObjectArgs{ +// Name: pulumi.String("function-source.zip"), +// Bucket: bucket.Name, +// Source: pulumi.NewFileAsset("function_source.zip"), +// }) +// if err != nil { +// return err +// } +// cloudbuildServiceAccount, err := serviceaccount.NewAccount(ctx, "cloudbuild_service_account", &serviceaccount.AccountArgs{ +// AccountId: pulumi.String("build-sa"), +// }) +// if err != nil { +// return err +// } +// actAs, err := projects.NewIAMMember(ctx, "act_as", &projects.IAMMemberArgs{ +// Project: pulumi.String(project.ProjectId), +// Role: pulumi.String("roles/iam.serviceAccountUser"), +// Member: cloudbuildServiceAccount.Email.ApplyT(func(email string) (string, error) { +// return fmt.Sprintf("serviceAccount:%v", email), nil +// }).(pulumi.StringOutput), +// }) +// if err != nil { +// return err +// } +// logsWriter, err := projects.NewIAMMember(ctx, "logs_writer", &projects.IAMMemberArgs{ +// Project: pulumi.String(project.ProjectId), +// Role: pulumi.String("roles/logging.logWriter"), +// Member: cloudbuildServiceAccount.Email.ApplyT(func(email string) (string, error) { +// return fmt.Sprintf("serviceAccount:%v", email), nil +// }).(pulumi.StringOutput), +// }) +// if err != nil { +// return err +// } +// _, err = cloudrunv2.NewService(ctx, "default", &cloudrunv2.ServiceArgs{ +// Name: pulumi.String("cloudrun-service"), +// Location: pulumi.String("us-central1"), +// DeletionProtection: pulumi.Bool(false), +// Ingress: pulumi.String("INGRESS_TRAFFIC_ALL"), +// Template: &cloudrunv2.ServiceTemplateArgs{ +// Containers: cloudrunv2.ServiceTemplateContainerArray{ +// &cloudrunv2.ServiceTemplateContainerArgs{ +// Image: pulumi.String("us-docker.pkg.dev/cloudrun/container/hello"), +// }, +// }, +// }, +// BuildConfig: &cloudrunv2.ServiceBuildConfigArgs{ +// SourceLocation: pulumi.All(bucket.Name, object.Name).ApplyT(func(_args []interface{}) (string, error) { +// bucketName := _args[0].(string) +// objectName := _args[1].(string) +// return fmt.Sprintf("gs://%v/%v", bucketName, objectName), nil +// }).(pulumi.StringOutput), +// FunctionTarget: pulumi.String("helloHttp"), +// ImageUri: pulumi.String("us-docker.pkg.dev/cloudrun/container/hello"), +// BaseImage: pulumi.String("us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22"), +// EnableAutomaticUpdates: pulumi.Bool(true), +// WorkerPool: pulumi.String("worker-pool"), +// EnvironmentVariables: pulumi.StringMap{ +// "FOO_KEY": pulumi.String("FOO_VALUE"), +// "BAR_KEY": pulumi.String("BAR_VALUE"), +// }, +// ServiceAccount: cloudbuildServiceAccount.ID(), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// actAs, +// logsWriter, +// })) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` // // ## Import // @@ -872,6 +979,8 @@ type Service struct { Annotations pulumi.StringMapOutput `pulumi:"annotations"` // Settings for the Binary Authorization feature. BinaryAuthorization ServiceBinaryAuthorizationPtrOutput `pulumi:"binaryAuthorization"` + // Configuration for building a Cloud Run function. + BuildConfig ServiceBuildConfigPtrOutput `pulumi:"buildConfig"` // Arbitrary identifier for the API client. Client pulumi.StringPtrOutput `pulumi:"client"` // Arbitrary version identifier for the API client. @@ -1023,6 +1132,8 @@ type serviceState struct { Annotations map[string]string `pulumi:"annotations"` // Settings for the Binary Authorization feature. BinaryAuthorization *ServiceBinaryAuthorization `pulumi:"binaryAuthorization"` + // Configuration for building a Cloud Run function. + BuildConfig *ServiceBuildConfig `pulumi:"buildConfig"` // Arbitrary identifier for the API client. Client *string `pulumi:"client"` // Arbitrary version identifier for the API client. @@ -1134,6 +1245,8 @@ type ServiceState struct { Annotations pulumi.StringMapInput // Settings for the Binary Authorization feature. BinaryAuthorization ServiceBinaryAuthorizationPtrInput + // Configuration for building a Cloud Run function. + BuildConfig ServiceBuildConfigPtrInput // Arbitrary identifier for the API client. Client pulumi.StringPtrInput // Arbitrary version identifier for the API client. @@ -1249,6 +1362,8 @@ type serviceArgs struct { Annotations map[string]string `pulumi:"annotations"` // Settings for the Binary Authorization feature. BinaryAuthorization *ServiceBinaryAuthorization `pulumi:"binaryAuthorization"` + // Configuration for building a Cloud Run function. + BuildConfig *ServiceBuildConfig `pulumi:"buildConfig"` // Arbitrary identifier for the API client. Client *string `pulumi:"client"` // Arbitrary version identifier for the API client. @@ -1312,6 +1427,8 @@ type ServiceArgs struct { Annotations pulumi.StringMapInput // Settings for the Binary Authorization feature. BinaryAuthorization ServiceBinaryAuthorizationPtrInput + // Configuration for building a Cloud Run function. + BuildConfig ServiceBuildConfigPtrInput // Arbitrary identifier for the API client. Client pulumi.StringPtrInput // Arbitrary version identifier for the API client. @@ -1466,6 +1583,11 @@ func (o ServiceOutput) BinaryAuthorization() ServiceBinaryAuthorizationPtrOutput return o.ApplyT(func(v *Service) ServiceBinaryAuthorizationPtrOutput { return v.BinaryAuthorization }).(ServiceBinaryAuthorizationPtrOutput) } +// Configuration for building a Cloud Run function. +func (o ServiceOutput) BuildConfig() ServiceBuildConfigPtrOutput { + return o.ApplyT(func(v *Service) ServiceBuildConfigPtrOutput { return v.BuildConfig }).(ServiceBuildConfigPtrOutput) +} + // Arbitrary identifier for the API client. func (o ServiceOutput) Client() pulumi.StringPtrOutput { return o.ApplyT(func(v *Service) pulumi.StringPtrOutput { return v.Client }).(pulumi.StringPtrOutput) diff --git a/sdk/go/gcp/colab/getRuntimeTemplateIamPolicy.go b/sdk/go/gcp/colab/getRuntimeTemplateIamPolicy.go new file mode 100644 index 0000000000..9e40d41501 --- /dev/null +++ b/sdk/go/gcp/colab/getRuntimeTemplateIamPolicy.go @@ -0,0 +1,151 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package colab + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Retrieves the current IAM policy data for runtimetemplate +// +// ## example +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.LookupRuntimeTemplateIamPolicy(ctx, &colab.LookupRuntimeTemplateIamPolicyArgs{ +// Project: pulumi.StringRef(runtime_template.Project), +// Location: pulumi.StringRef(runtime_template.Location), +// RuntimeTemplate: runtime_template.Name, +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func LookupRuntimeTemplateIamPolicy(ctx *pulumi.Context, args *LookupRuntimeTemplateIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupRuntimeTemplateIamPolicyResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupRuntimeTemplateIamPolicyResult + err := ctx.Invoke("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getRuntimeTemplateIamPolicy. +type LookupRuntimeTemplateIamPolicyArgs struct { + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location *string `pulumi:"location"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate string `pulumi:"runtimeTemplate"` +} + +// A collection of values returned by getRuntimeTemplateIamPolicy. +type LookupRuntimeTemplateIamPolicyResult struct { + // (Computed) The etag of the IAM policy. + Etag string `pulumi:"etag"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Location string `pulumi:"location"` + // (Required only by `colab.RuntimeTemplateIamPolicy`) The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData string `pulumi:"policyData"` + Project string `pulumi:"project"` + RuntimeTemplate string `pulumi:"runtimeTemplate"` +} + +func LookupRuntimeTemplateIamPolicyOutput(ctx *pulumi.Context, args LookupRuntimeTemplateIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupRuntimeTemplateIamPolicyResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (LookupRuntimeTemplateIamPolicyResultOutput, error) { + args := v.(LookupRuntimeTemplateIamPolicyArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", args, LookupRuntimeTemplateIamPolicyResultOutput{}, options).(LookupRuntimeTemplateIamPolicyResultOutput), nil + }).(LookupRuntimeTemplateIamPolicyResultOutput) +} + +// A collection of arguments for invoking getRuntimeTemplateIamPolicy. +type LookupRuntimeTemplateIamPolicyOutputArgs struct { + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringPtrInput `pulumi:"location"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput `pulumi:"project"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringInput `pulumi:"runtimeTemplate"` +} + +func (LookupRuntimeTemplateIamPolicyOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupRuntimeTemplateIamPolicyArgs)(nil)).Elem() +} + +// A collection of values returned by getRuntimeTemplateIamPolicy. +type LookupRuntimeTemplateIamPolicyResultOutput struct{ *pulumi.OutputState } + +func (LookupRuntimeTemplateIamPolicyResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupRuntimeTemplateIamPolicyResult)(nil)).Elem() +} + +func (o LookupRuntimeTemplateIamPolicyResultOutput) ToLookupRuntimeTemplateIamPolicyResultOutput() LookupRuntimeTemplateIamPolicyResultOutput { + return o +} + +func (o LookupRuntimeTemplateIamPolicyResultOutput) ToLookupRuntimeTemplateIamPolicyResultOutputWithContext(ctx context.Context) LookupRuntimeTemplateIamPolicyResultOutput { + return o +} + +// (Computed) The etag of the IAM policy. +func (o LookupRuntimeTemplateIamPolicyResultOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v LookupRuntimeTemplateIamPolicyResult) string { return v.Etag }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o LookupRuntimeTemplateIamPolicyResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupRuntimeTemplateIamPolicyResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o LookupRuntimeTemplateIamPolicyResultOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v LookupRuntimeTemplateIamPolicyResult) string { return v.Location }).(pulumi.StringOutput) +} + +// (Required only by `colab.RuntimeTemplateIamPolicy`) The policy data generated by +// a `organizations.getIAMPolicy` data source. +func (o LookupRuntimeTemplateIamPolicyResultOutput) PolicyData() pulumi.StringOutput { + return o.ApplyT(func(v LookupRuntimeTemplateIamPolicyResult) string { return v.PolicyData }).(pulumi.StringOutput) +} + +func (o LookupRuntimeTemplateIamPolicyResultOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v LookupRuntimeTemplateIamPolicyResult) string { return v.Project }).(pulumi.StringOutput) +} + +func (o LookupRuntimeTemplateIamPolicyResultOutput) RuntimeTemplate() pulumi.StringOutput { + return o.ApplyT(func(v LookupRuntimeTemplateIamPolicyResult) string { return v.RuntimeTemplate }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupRuntimeTemplateIamPolicyResultOutput{}) +} diff --git a/sdk/go/gcp/colab/init.go b/sdk/go/gcp/colab/init.go index 8965431ab2..4db88f84c4 100644 --- a/sdk/go/gcp/colab/init.go +++ b/sdk/go/gcp/colab/init.go @@ -21,8 +21,16 @@ func (m *module) Version() semver.Version { func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi.Resource, err error) { switch typ { + case "gcp:colab/runtime:Runtime": + r = &Runtime{} case "gcp:colab/runtimeTemplate:RuntimeTemplate": r = &RuntimeTemplate{} + case "gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding": + r = &RuntimeTemplateIamBinding{} + case "gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember": + r = &RuntimeTemplateIamMember{} + case "gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy": + r = &RuntimeTemplateIamPolicy{} default: return nil, fmt.Errorf("unknown resource type: %s", typ) } @@ -36,9 +44,29 @@ func init() { if err != nil { version = semver.Version{Major: 1} } + pulumi.RegisterResourceModule( + "gcp", + "colab/runtime", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "colab/runtimeTemplate", &module{version}, ) + pulumi.RegisterResourceModule( + "gcp", + "colab/runtimeTemplateIamBinding", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "colab/runtimeTemplateIamMember", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "colab/runtimeTemplateIamPolicy", + &module{version}, + ) } diff --git a/sdk/go/gcp/colab/pulumiTypes.go b/sdk/go/gcp/colab/pulumiTypes.go index d182592abc..76668c34d6 100644 --- a/sdk/go/gcp/colab/pulumiTypes.go +++ b/sdk/go/gcp/colab/pulumiTypes.go @@ -13,6 +13,143 @@ import ( var _ = internal.GetEnvOrDefault +type RuntimeNotebookRuntimeTemplateRef struct { + // The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + NotebookRuntimeTemplate string `pulumi:"notebookRuntimeTemplate"` +} + +// RuntimeNotebookRuntimeTemplateRefInput is an input type that accepts RuntimeNotebookRuntimeTemplateRefArgs and RuntimeNotebookRuntimeTemplateRefOutput values. +// You can construct a concrete instance of `RuntimeNotebookRuntimeTemplateRefInput` via: +// +// RuntimeNotebookRuntimeTemplateRefArgs{...} +type RuntimeNotebookRuntimeTemplateRefInput interface { + pulumi.Input + + ToRuntimeNotebookRuntimeTemplateRefOutput() RuntimeNotebookRuntimeTemplateRefOutput + ToRuntimeNotebookRuntimeTemplateRefOutputWithContext(context.Context) RuntimeNotebookRuntimeTemplateRefOutput +} + +type RuntimeNotebookRuntimeTemplateRefArgs struct { + // The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + NotebookRuntimeTemplate pulumi.StringInput `pulumi:"notebookRuntimeTemplate"` +} + +func (RuntimeNotebookRuntimeTemplateRefArgs) ElementType() reflect.Type { + return reflect.TypeOf((*RuntimeNotebookRuntimeTemplateRef)(nil)).Elem() +} + +func (i RuntimeNotebookRuntimeTemplateRefArgs) ToRuntimeNotebookRuntimeTemplateRefOutput() RuntimeNotebookRuntimeTemplateRefOutput { + return i.ToRuntimeNotebookRuntimeTemplateRefOutputWithContext(context.Background()) +} + +func (i RuntimeNotebookRuntimeTemplateRefArgs) ToRuntimeNotebookRuntimeTemplateRefOutputWithContext(ctx context.Context) RuntimeNotebookRuntimeTemplateRefOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeNotebookRuntimeTemplateRefOutput) +} + +func (i RuntimeNotebookRuntimeTemplateRefArgs) ToRuntimeNotebookRuntimeTemplateRefPtrOutput() RuntimeNotebookRuntimeTemplateRefPtrOutput { + return i.ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(context.Background()) +} + +func (i RuntimeNotebookRuntimeTemplateRefArgs) ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(ctx context.Context) RuntimeNotebookRuntimeTemplateRefPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeNotebookRuntimeTemplateRefOutput).ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(ctx) +} + +// RuntimeNotebookRuntimeTemplateRefPtrInput is an input type that accepts RuntimeNotebookRuntimeTemplateRefArgs, RuntimeNotebookRuntimeTemplateRefPtr and RuntimeNotebookRuntimeTemplateRefPtrOutput values. +// You can construct a concrete instance of `RuntimeNotebookRuntimeTemplateRefPtrInput` via: +// +// RuntimeNotebookRuntimeTemplateRefArgs{...} +// +// or: +// +// nil +type RuntimeNotebookRuntimeTemplateRefPtrInput interface { + pulumi.Input + + ToRuntimeNotebookRuntimeTemplateRefPtrOutput() RuntimeNotebookRuntimeTemplateRefPtrOutput + ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(context.Context) RuntimeNotebookRuntimeTemplateRefPtrOutput +} + +type runtimeNotebookRuntimeTemplateRefPtrType RuntimeNotebookRuntimeTemplateRefArgs + +func RuntimeNotebookRuntimeTemplateRefPtr(v *RuntimeNotebookRuntimeTemplateRefArgs) RuntimeNotebookRuntimeTemplateRefPtrInput { + return (*runtimeNotebookRuntimeTemplateRefPtrType)(v) +} + +func (*runtimeNotebookRuntimeTemplateRefPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeNotebookRuntimeTemplateRef)(nil)).Elem() +} + +func (i *runtimeNotebookRuntimeTemplateRefPtrType) ToRuntimeNotebookRuntimeTemplateRefPtrOutput() RuntimeNotebookRuntimeTemplateRefPtrOutput { + return i.ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(context.Background()) +} + +func (i *runtimeNotebookRuntimeTemplateRefPtrType) ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(ctx context.Context) RuntimeNotebookRuntimeTemplateRefPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeNotebookRuntimeTemplateRefPtrOutput) +} + +type RuntimeNotebookRuntimeTemplateRefOutput struct{ *pulumi.OutputState } + +func (RuntimeNotebookRuntimeTemplateRefOutput) ElementType() reflect.Type { + return reflect.TypeOf((*RuntimeNotebookRuntimeTemplateRef)(nil)).Elem() +} + +func (o RuntimeNotebookRuntimeTemplateRefOutput) ToRuntimeNotebookRuntimeTemplateRefOutput() RuntimeNotebookRuntimeTemplateRefOutput { + return o +} + +func (o RuntimeNotebookRuntimeTemplateRefOutput) ToRuntimeNotebookRuntimeTemplateRefOutputWithContext(ctx context.Context) RuntimeNotebookRuntimeTemplateRefOutput { + return o +} + +func (o RuntimeNotebookRuntimeTemplateRefOutput) ToRuntimeNotebookRuntimeTemplateRefPtrOutput() RuntimeNotebookRuntimeTemplateRefPtrOutput { + return o.ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(context.Background()) +} + +func (o RuntimeNotebookRuntimeTemplateRefOutput) ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(ctx context.Context) RuntimeNotebookRuntimeTemplateRefPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v RuntimeNotebookRuntimeTemplateRef) *RuntimeNotebookRuntimeTemplateRef { + return &v + }).(RuntimeNotebookRuntimeTemplateRefPtrOutput) +} + +// The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. +func (o RuntimeNotebookRuntimeTemplateRefOutput) NotebookRuntimeTemplate() pulumi.StringOutput { + return o.ApplyT(func(v RuntimeNotebookRuntimeTemplateRef) string { return v.NotebookRuntimeTemplate }).(pulumi.StringOutput) +} + +type RuntimeNotebookRuntimeTemplateRefPtrOutput struct{ *pulumi.OutputState } + +func (RuntimeNotebookRuntimeTemplateRefPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeNotebookRuntimeTemplateRef)(nil)).Elem() +} + +func (o RuntimeNotebookRuntimeTemplateRefPtrOutput) ToRuntimeNotebookRuntimeTemplateRefPtrOutput() RuntimeNotebookRuntimeTemplateRefPtrOutput { + return o +} + +func (o RuntimeNotebookRuntimeTemplateRefPtrOutput) ToRuntimeNotebookRuntimeTemplateRefPtrOutputWithContext(ctx context.Context) RuntimeNotebookRuntimeTemplateRefPtrOutput { + return o +} + +func (o RuntimeNotebookRuntimeTemplateRefPtrOutput) Elem() RuntimeNotebookRuntimeTemplateRefOutput { + return o.ApplyT(func(v *RuntimeNotebookRuntimeTemplateRef) RuntimeNotebookRuntimeTemplateRef { + if v != nil { + return *v + } + var ret RuntimeNotebookRuntimeTemplateRef + return ret + }).(RuntimeNotebookRuntimeTemplateRefOutput) +} + +// The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. +func (o RuntimeNotebookRuntimeTemplateRefPtrOutput) NotebookRuntimeTemplate() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RuntimeNotebookRuntimeTemplateRef) *string { + if v == nil { + return nil + } + return &v.NotebookRuntimeTemplate + }).(pulumi.StringPtrOutput) +} + type RuntimeTemplateDataPersistentDiskSpec struct { // The disk size of the runtime in GB. If specified, the diskType must also be specified. The minimum size is 10GB and the maximum is 65536GB. DiskSizeGb *string `pulumi:"diskSizeGb"` @@ -443,6 +580,332 @@ func (o RuntimeTemplateEucConfigPtrOutput) EucDisabled() pulumi.BoolPtrOutput { }).(pulumi.BoolPtrOutput) } +type RuntimeTemplateIamBindingCondition struct { + Description *string `pulumi:"description"` + Expression string `pulumi:"expression"` + Title string `pulumi:"title"` +} + +// RuntimeTemplateIamBindingConditionInput is an input type that accepts RuntimeTemplateIamBindingConditionArgs and RuntimeTemplateIamBindingConditionOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamBindingConditionInput` via: +// +// RuntimeTemplateIamBindingConditionArgs{...} +type RuntimeTemplateIamBindingConditionInput interface { + pulumi.Input + + ToRuntimeTemplateIamBindingConditionOutput() RuntimeTemplateIamBindingConditionOutput + ToRuntimeTemplateIamBindingConditionOutputWithContext(context.Context) RuntimeTemplateIamBindingConditionOutput +} + +type RuntimeTemplateIamBindingConditionArgs struct { + Description pulumi.StringPtrInput `pulumi:"description"` + Expression pulumi.StringInput `pulumi:"expression"` + Title pulumi.StringInput `pulumi:"title"` +} + +func (RuntimeTemplateIamBindingConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*RuntimeTemplateIamBindingCondition)(nil)).Elem() +} + +func (i RuntimeTemplateIamBindingConditionArgs) ToRuntimeTemplateIamBindingConditionOutput() RuntimeTemplateIamBindingConditionOutput { + return i.ToRuntimeTemplateIamBindingConditionOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamBindingConditionArgs) ToRuntimeTemplateIamBindingConditionOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamBindingConditionOutput) +} + +func (i RuntimeTemplateIamBindingConditionArgs) ToRuntimeTemplateIamBindingConditionPtrOutput() RuntimeTemplateIamBindingConditionPtrOutput { + return i.ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamBindingConditionArgs) ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamBindingConditionOutput).ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(ctx) +} + +// RuntimeTemplateIamBindingConditionPtrInput is an input type that accepts RuntimeTemplateIamBindingConditionArgs, RuntimeTemplateIamBindingConditionPtr and RuntimeTemplateIamBindingConditionPtrOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamBindingConditionPtrInput` via: +// +// RuntimeTemplateIamBindingConditionArgs{...} +// +// or: +// +// nil +type RuntimeTemplateIamBindingConditionPtrInput interface { + pulumi.Input + + ToRuntimeTemplateIamBindingConditionPtrOutput() RuntimeTemplateIamBindingConditionPtrOutput + ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(context.Context) RuntimeTemplateIamBindingConditionPtrOutput +} + +type runtimeTemplateIamBindingConditionPtrType RuntimeTemplateIamBindingConditionArgs + +func RuntimeTemplateIamBindingConditionPtr(v *RuntimeTemplateIamBindingConditionArgs) RuntimeTemplateIamBindingConditionPtrInput { + return (*runtimeTemplateIamBindingConditionPtrType)(v) +} + +func (*runtimeTemplateIamBindingConditionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamBindingCondition)(nil)).Elem() +} + +func (i *runtimeTemplateIamBindingConditionPtrType) ToRuntimeTemplateIamBindingConditionPtrOutput() RuntimeTemplateIamBindingConditionPtrOutput { + return i.ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (i *runtimeTemplateIamBindingConditionPtrType) ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamBindingConditionPtrOutput) +} + +type RuntimeTemplateIamBindingConditionOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamBindingConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*RuntimeTemplateIamBindingCondition)(nil)).Elem() +} + +func (o RuntimeTemplateIamBindingConditionOutput) ToRuntimeTemplateIamBindingConditionOutput() RuntimeTemplateIamBindingConditionOutput { + return o +} + +func (o RuntimeTemplateIamBindingConditionOutput) ToRuntimeTemplateIamBindingConditionOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingConditionOutput { + return o +} + +func (o RuntimeTemplateIamBindingConditionOutput) ToRuntimeTemplateIamBindingConditionPtrOutput() RuntimeTemplateIamBindingConditionPtrOutput { + return o.ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (o RuntimeTemplateIamBindingConditionOutput) ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingConditionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v RuntimeTemplateIamBindingCondition) *RuntimeTemplateIamBindingCondition { + return &v + }).(RuntimeTemplateIamBindingConditionPtrOutput) +} + +func (o RuntimeTemplateIamBindingConditionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v RuntimeTemplateIamBindingCondition) *string { return v.Description }).(pulumi.StringPtrOutput) +} + +func (o RuntimeTemplateIamBindingConditionOutput) Expression() pulumi.StringOutput { + return o.ApplyT(func(v RuntimeTemplateIamBindingCondition) string { return v.Expression }).(pulumi.StringOutput) +} + +func (o RuntimeTemplateIamBindingConditionOutput) Title() pulumi.StringOutput { + return o.ApplyT(func(v RuntimeTemplateIamBindingCondition) string { return v.Title }).(pulumi.StringOutput) +} + +type RuntimeTemplateIamBindingConditionPtrOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamBindingConditionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamBindingCondition)(nil)).Elem() +} + +func (o RuntimeTemplateIamBindingConditionPtrOutput) ToRuntimeTemplateIamBindingConditionPtrOutput() RuntimeTemplateIamBindingConditionPtrOutput { + return o +} + +func (o RuntimeTemplateIamBindingConditionPtrOutput) ToRuntimeTemplateIamBindingConditionPtrOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingConditionPtrOutput { + return o +} + +func (o RuntimeTemplateIamBindingConditionPtrOutput) Elem() RuntimeTemplateIamBindingConditionOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBindingCondition) RuntimeTemplateIamBindingCondition { + if v != nil { + return *v + } + var ret RuntimeTemplateIamBindingCondition + return ret + }).(RuntimeTemplateIamBindingConditionOutput) +} + +func (o RuntimeTemplateIamBindingConditionPtrOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBindingCondition) *string { + if v == nil { + return nil + } + return v.Description + }).(pulumi.StringPtrOutput) +} + +func (o RuntimeTemplateIamBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBindingCondition) *string { + if v == nil { + return nil + } + return &v.Expression + }).(pulumi.StringPtrOutput) +} + +func (o RuntimeTemplateIamBindingConditionPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBindingCondition) *string { + if v == nil { + return nil + } + return &v.Title + }).(pulumi.StringPtrOutput) +} + +type RuntimeTemplateIamMemberCondition struct { + Description *string `pulumi:"description"` + Expression string `pulumi:"expression"` + Title string `pulumi:"title"` +} + +// RuntimeTemplateIamMemberConditionInput is an input type that accepts RuntimeTemplateIamMemberConditionArgs and RuntimeTemplateIamMemberConditionOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamMemberConditionInput` via: +// +// RuntimeTemplateIamMemberConditionArgs{...} +type RuntimeTemplateIamMemberConditionInput interface { + pulumi.Input + + ToRuntimeTemplateIamMemberConditionOutput() RuntimeTemplateIamMemberConditionOutput + ToRuntimeTemplateIamMemberConditionOutputWithContext(context.Context) RuntimeTemplateIamMemberConditionOutput +} + +type RuntimeTemplateIamMemberConditionArgs struct { + Description pulumi.StringPtrInput `pulumi:"description"` + Expression pulumi.StringInput `pulumi:"expression"` + Title pulumi.StringInput `pulumi:"title"` +} + +func (RuntimeTemplateIamMemberConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*RuntimeTemplateIamMemberCondition)(nil)).Elem() +} + +func (i RuntimeTemplateIamMemberConditionArgs) ToRuntimeTemplateIamMemberConditionOutput() RuntimeTemplateIamMemberConditionOutput { + return i.ToRuntimeTemplateIamMemberConditionOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamMemberConditionArgs) ToRuntimeTemplateIamMemberConditionOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamMemberConditionOutput) +} + +func (i RuntimeTemplateIamMemberConditionArgs) ToRuntimeTemplateIamMemberConditionPtrOutput() RuntimeTemplateIamMemberConditionPtrOutput { + return i.ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamMemberConditionArgs) ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamMemberConditionOutput).ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(ctx) +} + +// RuntimeTemplateIamMemberConditionPtrInput is an input type that accepts RuntimeTemplateIamMemberConditionArgs, RuntimeTemplateIamMemberConditionPtr and RuntimeTemplateIamMemberConditionPtrOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamMemberConditionPtrInput` via: +// +// RuntimeTemplateIamMemberConditionArgs{...} +// +// or: +// +// nil +type RuntimeTemplateIamMemberConditionPtrInput interface { + pulumi.Input + + ToRuntimeTemplateIamMemberConditionPtrOutput() RuntimeTemplateIamMemberConditionPtrOutput + ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(context.Context) RuntimeTemplateIamMemberConditionPtrOutput +} + +type runtimeTemplateIamMemberConditionPtrType RuntimeTemplateIamMemberConditionArgs + +func RuntimeTemplateIamMemberConditionPtr(v *RuntimeTemplateIamMemberConditionArgs) RuntimeTemplateIamMemberConditionPtrInput { + return (*runtimeTemplateIamMemberConditionPtrType)(v) +} + +func (*runtimeTemplateIamMemberConditionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamMemberCondition)(nil)).Elem() +} + +func (i *runtimeTemplateIamMemberConditionPtrType) ToRuntimeTemplateIamMemberConditionPtrOutput() RuntimeTemplateIamMemberConditionPtrOutput { + return i.ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (i *runtimeTemplateIamMemberConditionPtrType) ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamMemberConditionPtrOutput) +} + +type RuntimeTemplateIamMemberConditionOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamMemberConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*RuntimeTemplateIamMemberCondition)(nil)).Elem() +} + +func (o RuntimeTemplateIamMemberConditionOutput) ToRuntimeTemplateIamMemberConditionOutput() RuntimeTemplateIamMemberConditionOutput { + return o +} + +func (o RuntimeTemplateIamMemberConditionOutput) ToRuntimeTemplateIamMemberConditionOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberConditionOutput { + return o +} + +func (o RuntimeTemplateIamMemberConditionOutput) ToRuntimeTemplateIamMemberConditionPtrOutput() RuntimeTemplateIamMemberConditionPtrOutput { + return o.ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (o RuntimeTemplateIamMemberConditionOutput) ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberConditionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v RuntimeTemplateIamMemberCondition) *RuntimeTemplateIamMemberCondition { + return &v + }).(RuntimeTemplateIamMemberConditionPtrOutput) +} + +func (o RuntimeTemplateIamMemberConditionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v RuntimeTemplateIamMemberCondition) *string { return v.Description }).(pulumi.StringPtrOutput) +} + +func (o RuntimeTemplateIamMemberConditionOutput) Expression() pulumi.StringOutput { + return o.ApplyT(func(v RuntimeTemplateIamMemberCondition) string { return v.Expression }).(pulumi.StringOutput) +} + +func (o RuntimeTemplateIamMemberConditionOutput) Title() pulumi.StringOutput { + return o.ApplyT(func(v RuntimeTemplateIamMemberCondition) string { return v.Title }).(pulumi.StringOutput) +} + +type RuntimeTemplateIamMemberConditionPtrOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamMemberConditionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamMemberCondition)(nil)).Elem() +} + +func (o RuntimeTemplateIamMemberConditionPtrOutput) ToRuntimeTemplateIamMemberConditionPtrOutput() RuntimeTemplateIamMemberConditionPtrOutput { + return o +} + +func (o RuntimeTemplateIamMemberConditionPtrOutput) ToRuntimeTemplateIamMemberConditionPtrOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberConditionPtrOutput { + return o +} + +func (o RuntimeTemplateIamMemberConditionPtrOutput) Elem() RuntimeTemplateIamMemberConditionOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMemberCondition) RuntimeTemplateIamMemberCondition { + if v != nil { + return *v + } + var ret RuntimeTemplateIamMemberCondition + return ret + }).(RuntimeTemplateIamMemberConditionOutput) +} + +func (o RuntimeTemplateIamMemberConditionPtrOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMemberCondition) *string { + if v == nil { + return nil + } + return v.Description + }).(pulumi.StringPtrOutput) +} + +func (o RuntimeTemplateIamMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMemberCondition) *string { + if v == nil { + return nil + } + return &v.Expression + }).(pulumi.StringPtrOutput) +} + +func (o RuntimeTemplateIamMemberConditionPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMemberCondition) *string { + if v == nil { + return nil + } + return &v.Title + }).(pulumi.StringPtrOutput) +} + type RuntimeTemplateIdleShutdownConfig struct { // The duration after which the runtime is automatically shut down. An input of 0s disables the idle shutdown feature, and a valid range is [10m, 24h]. IdleTimeout *string `pulumi:"idleTimeout"` @@ -1068,12 +1531,18 @@ func (o RuntimeTemplateShieldedVmConfigPtrOutput) EnableSecureBoot() pulumi.Bool } func init() { + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeNotebookRuntimeTemplateRefInput)(nil)).Elem(), RuntimeNotebookRuntimeTemplateRefArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeNotebookRuntimeTemplateRefPtrInput)(nil)).Elem(), RuntimeNotebookRuntimeTemplateRefArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateDataPersistentDiskSpecInput)(nil)).Elem(), RuntimeTemplateDataPersistentDiskSpecArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateDataPersistentDiskSpecPtrInput)(nil)).Elem(), RuntimeTemplateDataPersistentDiskSpecArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateEncryptionSpecInput)(nil)).Elem(), RuntimeTemplateEncryptionSpecArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateEncryptionSpecPtrInput)(nil)).Elem(), RuntimeTemplateEncryptionSpecArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateEucConfigInput)(nil)).Elem(), RuntimeTemplateEucConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateEucConfigPtrInput)(nil)).Elem(), RuntimeTemplateEucConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamBindingConditionInput)(nil)).Elem(), RuntimeTemplateIamBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamBindingConditionPtrInput)(nil)).Elem(), RuntimeTemplateIamBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamMemberConditionInput)(nil)).Elem(), RuntimeTemplateIamMemberConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamMemberConditionPtrInput)(nil)).Elem(), RuntimeTemplateIamMemberConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIdleShutdownConfigInput)(nil)).Elem(), RuntimeTemplateIdleShutdownConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIdleShutdownConfigPtrInput)(nil)).Elem(), RuntimeTemplateIdleShutdownConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateMachineSpecInput)(nil)).Elem(), RuntimeTemplateMachineSpecArgs{}) @@ -1082,12 +1551,18 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateNetworkSpecPtrInput)(nil)).Elem(), RuntimeTemplateNetworkSpecArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateShieldedVmConfigInput)(nil)).Elem(), RuntimeTemplateShieldedVmConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateShieldedVmConfigPtrInput)(nil)).Elem(), RuntimeTemplateShieldedVmConfigArgs{}) + pulumi.RegisterOutputType(RuntimeNotebookRuntimeTemplateRefOutput{}) + pulumi.RegisterOutputType(RuntimeNotebookRuntimeTemplateRefPtrOutput{}) pulumi.RegisterOutputType(RuntimeTemplateDataPersistentDiskSpecOutput{}) pulumi.RegisterOutputType(RuntimeTemplateDataPersistentDiskSpecPtrOutput{}) pulumi.RegisterOutputType(RuntimeTemplateEncryptionSpecOutput{}) pulumi.RegisterOutputType(RuntimeTemplateEncryptionSpecPtrOutput{}) pulumi.RegisterOutputType(RuntimeTemplateEucConfigOutput{}) pulumi.RegisterOutputType(RuntimeTemplateEucConfigPtrOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamBindingConditionOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamBindingConditionPtrOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamMemberConditionOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamMemberConditionPtrOutput{}) pulumi.RegisterOutputType(RuntimeTemplateIdleShutdownConfigOutput{}) pulumi.RegisterOutputType(RuntimeTemplateIdleShutdownConfigPtrOutput{}) pulumi.RegisterOutputType(RuntimeTemplateMachineSpecOutput{}) diff --git a/sdk/go/gcp/colab/runtime.go b/sdk/go/gcp/colab/runtime.go new file mode 100644 index 0000000000..b911c9ddda --- /dev/null +++ b/sdk/go/gcp/colab/runtime.go @@ -0,0 +1,493 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package colab + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// 'A runtime is a Google-provisioned virtual machine (VM) that can run the code in your notebook (IPYNB file).' +// +// To get more information about Runtime, see: +// +// * [API documentation](https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.notebookRuntimes) +// * How-to Guides +// - [Create a runtime](https://cloud.google.com/colab/docs/create-runtime) +// +// ## Example Usage +// +// ### Colab Runtime Basic +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// myTemplate, err := colab.NewRuntimeTemplate(ctx, "my_template", &colab.RuntimeTemplateArgs{ +// Name: pulumi.String("colab-runtime"), +// DisplayName: pulumi.String("Runtime template basic"), +// Location: pulumi.String("us-central1"), +// MachineSpec: &colab.RuntimeTemplateMachineSpecArgs{ +// MachineType: pulumi.String("e2-standard-4"), +// }, +// NetworkSpec: &colab.RuntimeTemplateNetworkSpecArgs{ +// EnableInternetAccess: pulumi.Bool(true), +// }, +// }) +// if err != nil { +// return err +// } +// _, err = colab.NewRuntime(ctx, "runtime", &colab.RuntimeArgs{ +// Name: pulumi.String("colab-runtime"), +// Location: pulumi.String("us-central1"), +// NotebookRuntimeTemplateRef: &colab.RuntimeNotebookRuntimeTemplateRefArgs{ +// NotebookRuntimeTemplate: myTemplate.ID(), +// }, +// DisplayName: pulumi.String("Runtime basic"), +// RuntimeUser: pulumi.String("gterraformtestuser@gmail.com"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// myTemplate, +// })) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Colab Runtime Full +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// myTemplate, err := colab.NewRuntimeTemplate(ctx, "my_template", &colab.RuntimeTemplateArgs{ +// Name: pulumi.String("colab-runtime"), +// DisplayName: pulumi.String("Runtime template full"), +// Location: pulumi.String("us-central1"), +// Description: pulumi.String("Full runtime template"), +// MachineSpec: &colab.RuntimeTemplateMachineSpecArgs{ +// MachineType: pulumi.String("n1-standard-2"), +// AcceleratorType: pulumi.String("NVIDIA_TESLA_T4"), +// AcceleratorCount: pulumi.Int(1), +// }, +// DataPersistentDiskSpec: &colab.RuntimeTemplateDataPersistentDiskSpecArgs{ +// DiskType: pulumi.String("pd-standard"), +// DiskSizeGb: pulumi.String("200"), +// }, +// NetworkSpec: &colab.RuntimeTemplateNetworkSpecArgs{ +// EnableInternetAccess: pulumi.Bool(true), +// }, +// Labels: pulumi.StringMap{ +// "k": pulumi.String("val"), +// }, +// IdleShutdownConfig: &colab.RuntimeTemplateIdleShutdownConfigArgs{ +// IdleTimeout: pulumi.String("3600s"), +// }, +// EucConfig: &colab.RuntimeTemplateEucConfigArgs{ +// EucDisabled: pulumi.Bool(true), +// }, +// ShieldedVmConfig: &colab.RuntimeTemplateShieldedVmConfigArgs{ +// EnableSecureBoot: pulumi.Bool(true), +// }, +// NetworkTags: pulumi.StringArray{ +// pulumi.String("abc"), +// pulumi.String("def"), +// }, +// EncryptionSpec: &colab.RuntimeTemplateEncryptionSpecArgs{ +// KmsKeyName: pulumi.String("my-crypto-key"), +// }, +// }) +// if err != nil { +// return err +// } +// _, err = colab.NewRuntime(ctx, "runtime", &colab.RuntimeArgs{ +// Name: pulumi.String("colab-runtime"), +// Location: pulumi.String("us-central1"), +// NotebookRuntimeTemplateRef: &colab.RuntimeNotebookRuntimeTemplateRefArgs{ +// NotebookRuntimeTemplate: myTemplate.ID(), +// }, +// DisplayName: pulumi.String("Runtime full"), +// RuntimeUser: pulumi.String("gterraformtestuser@gmail.com"), +// Description: pulumi.String("Full runtime"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// myTemplate, +// })) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// Runtime can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}}` +// +// * `{{project}}/{{location}}/{{name}}` +// +// * `{{location}}/{{name}}` +// +// When using the `pulumi import` command, Runtime can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:colab/runtime:Runtime default projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:colab/runtime:Runtime default {{project}}/{{location}}/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:colab/runtime:Runtime default {{location}}/{{name}} +// ``` +type Runtime struct { + pulumi.CustomResourceState + + // The description of the Runtime. + Description pulumi.StringPtrOutput `pulumi:"description"` + // Required. The display name of the Runtime. + DisplayName pulumi.StringOutput `pulumi:"displayName"` + // The location for the resource: https://cloud.google.com/colab/docs/locations + // + // *** + Location pulumi.StringOutput `pulumi:"location"` + // The resource name of the Runtime + Name pulumi.StringOutput `pulumi:"name"` + // 'Runtime specific information used for NotebookRuntime creation.' + // Structure is documented below. + NotebookRuntimeTemplateRef RuntimeNotebookRuntimeTemplateRefPtrOutput `pulumi:"notebookRuntimeTemplateRef"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The user email of the NotebookRuntime. + RuntimeUser pulumi.StringOutput `pulumi:"runtimeUser"` +} + +// NewRuntime registers a new resource with the given unique name, arguments, and options. +func NewRuntime(ctx *pulumi.Context, + name string, args *RuntimeArgs, opts ...pulumi.ResourceOption) (*Runtime, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.DisplayName == nil { + return nil, errors.New("invalid value for required argument 'DisplayName'") + } + if args.Location == nil { + return nil, errors.New("invalid value for required argument 'Location'") + } + if args.RuntimeUser == nil { + return nil, errors.New("invalid value for required argument 'RuntimeUser'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource Runtime + err := ctx.RegisterResource("gcp:colab/runtime:Runtime", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetRuntime gets an existing Runtime resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetRuntime(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *RuntimeState, opts ...pulumi.ResourceOption) (*Runtime, error) { + var resource Runtime + err := ctx.ReadResource("gcp:colab/runtime:Runtime", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering Runtime resources. +type runtimeState struct { + // The description of the Runtime. + Description *string `pulumi:"description"` + // Required. The display name of the Runtime. + DisplayName *string `pulumi:"displayName"` + // The location for the resource: https://cloud.google.com/colab/docs/locations + // + // *** + Location *string `pulumi:"location"` + // The resource name of the Runtime + Name *string `pulumi:"name"` + // 'Runtime specific information used for NotebookRuntime creation.' + // Structure is documented below. + NotebookRuntimeTemplateRef *RuntimeNotebookRuntimeTemplateRef `pulumi:"notebookRuntimeTemplateRef"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` + // The user email of the NotebookRuntime. + RuntimeUser *string `pulumi:"runtimeUser"` +} + +type RuntimeState struct { + // The description of the Runtime. + Description pulumi.StringPtrInput + // Required. The display name of the Runtime. + DisplayName pulumi.StringPtrInput + // The location for the resource: https://cloud.google.com/colab/docs/locations + // + // *** + Location pulumi.StringPtrInput + // The resource name of the Runtime + Name pulumi.StringPtrInput + // 'Runtime specific information used for NotebookRuntime creation.' + // Structure is documented below. + NotebookRuntimeTemplateRef RuntimeNotebookRuntimeTemplateRefPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput + // The user email of the NotebookRuntime. + RuntimeUser pulumi.StringPtrInput +} + +func (RuntimeState) ElementType() reflect.Type { + return reflect.TypeOf((*runtimeState)(nil)).Elem() +} + +type runtimeArgs struct { + // The description of the Runtime. + Description *string `pulumi:"description"` + // Required. The display name of the Runtime. + DisplayName string `pulumi:"displayName"` + // The location for the resource: https://cloud.google.com/colab/docs/locations + // + // *** + Location string `pulumi:"location"` + // The resource name of the Runtime + Name *string `pulumi:"name"` + // 'Runtime specific information used for NotebookRuntime creation.' + // Structure is documented below. + NotebookRuntimeTemplateRef *RuntimeNotebookRuntimeTemplateRef `pulumi:"notebookRuntimeTemplateRef"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` + // The user email of the NotebookRuntime. + RuntimeUser string `pulumi:"runtimeUser"` +} + +// The set of arguments for constructing a Runtime resource. +type RuntimeArgs struct { + // The description of the Runtime. + Description pulumi.StringPtrInput + // Required. The display name of the Runtime. + DisplayName pulumi.StringInput + // The location for the resource: https://cloud.google.com/colab/docs/locations + // + // *** + Location pulumi.StringInput + // The resource name of the Runtime + Name pulumi.StringPtrInput + // 'Runtime specific information used for NotebookRuntime creation.' + // Structure is documented below. + NotebookRuntimeTemplateRef RuntimeNotebookRuntimeTemplateRefPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput + // The user email of the NotebookRuntime. + RuntimeUser pulumi.StringInput +} + +func (RuntimeArgs) ElementType() reflect.Type { + return reflect.TypeOf((*runtimeArgs)(nil)).Elem() +} + +type RuntimeInput interface { + pulumi.Input + + ToRuntimeOutput() RuntimeOutput + ToRuntimeOutputWithContext(ctx context.Context) RuntimeOutput +} + +func (*Runtime) ElementType() reflect.Type { + return reflect.TypeOf((**Runtime)(nil)).Elem() +} + +func (i *Runtime) ToRuntimeOutput() RuntimeOutput { + return i.ToRuntimeOutputWithContext(context.Background()) +} + +func (i *Runtime) ToRuntimeOutputWithContext(ctx context.Context) RuntimeOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeOutput) +} + +// RuntimeArrayInput is an input type that accepts RuntimeArray and RuntimeArrayOutput values. +// You can construct a concrete instance of `RuntimeArrayInput` via: +// +// RuntimeArray{ RuntimeArgs{...} } +type RuntimeArrayInput interface { + pulumi.Input + + ToRuntimeArrayOutput() RuntimeArrayOutput + ToRuntimeArrayOutputWithContext(context.Context) RuntimeArrayOutput +} + +type RuntimeArray []RuntimeInput + +func (RuntimeArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*Runtime)(nil)).Elem() +} + +func (i RuntimeArray) ToRuntimeArrayOutput() RuntimeArrayOutput { + return i.ToRuntimeArrayOutputWithContext(context.Background()) +} + +func (i RuntimeArray) ToRuntimeArrayOutputWithContext(ctx context.Context) RuntimeArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeArrayOutput) +} + +// RuntimeMapInput is an input type that accepts RuntimeMap and RuntimeMapOutput values. +// You can construct a concrete instance of `RuntimeMapInput` via: +// +// RuntimeMap{ "key": RuntimeArgs{...} } +type RuntimeMapInput interface { + pulumi.Input + + ToRuntimeMapOutput() RuntimeMapOutput + ToRuntimeMapOutputWithContext(context.Context) RuntimeMapOutput +} + +type RuntimeMap map[string]RuntimeInput + +func (RuntimeMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*Runtime)(nil)).Elem() +} + +func (i RuntimeMap) ToRuntimeMapOutput() RuntimeMapOutput { + return i.ToRuntimeMapOutputWithContext(context.Background()) +} + +func (i RuntimeMap) ToRuntimeMapOutputWithContext(ctx context.Context) RuntimeMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeMapOutput) +} + +type RuntimeOutput struct{ *pulumi.OutputState } + +func (RuntimeOutput) ElementType() reflect.Type { + return reflect.TypeOf((**Runtime)(nil)).Elem() +} + +func (o RuntimeOutput) ToRuntimeOutput() RuntimeOutput { + return o +} + +func (o RuntimeOutput) ToRuntimeOutputWithContext(ctx context.Context) RuntimeOutput { + return o +} + +// The description of the Runtime. +func (o RuntimeOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Runtime) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) +} + +// Required. The display name of the Runtime. +func (o RuntimeOutput) DisplayName() pulumi.StringOutput { + return o.ApplyT(func(v *Runtime) pulumi.StringOutput { return v.DisplayName }).(pulumi.StringOutput) +} + +// The location for the resource: https://cloud.google.com/colab/docs/locations +// +// *** +func (o RuntimeOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *Runtime) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// The resource name of the Runtime +func (o RuntimeOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *Runtime) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// 'Runtime specific information used for NotebookRuntime creation.' +// Structure is documented below. +func (o RuntimeOutput) NotebookRuntimeTemplateRef() RuntimeNotebookRuntimeTemplateRefPtrOutput { + return o.ApplyT(func(v *Runtime) RuntimeNotebookRuntimeTemplateRefPtrOutput { return v.NotebookRuntimeTemplateRef }).(RuntimeNotebookRuntimeTemplateRefPtrOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the provider project is used. +func (o RuntimeOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *Runtime) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The user email of the NotebookRuntime. +func (o RuntimeOutput) RuntimeUser() pulumi.StringOutput { + return o.ApplyT(func(v *Runtime) pulumi.StringOutput { return v.RuntimeUser }).(pulumi.StringOutput) +} + +type RuntimeArrayOutput struct{ *pulumi.OutputState } + +func (RuntimeArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*Runtime)(nil)).Elem() +} + +func (o RuntimeArrayOutput) ToRuntimeArrayOutput() RuntimeArrayOutput { + return o +} + +func (o RuntimeArrayOutput) ToRuntimeArrayOutputWithContext(ctx context.Context) RuntimeArrayOutput { + return o +} + +func (o RuntimeArrayOutput) Index(i pulumi.IntInput) RuntimeOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Runtime { + return vs[0].([]*Runtime)[vs[1].(int)] + }).(RuntimeOutput) +} + +type RuntimeMapOutput struct{ *pulumi.OutputState } + +func (RuntimeMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*Runtime)(nil)).Elem() +} + +func (o RuntimeMapOutput) ToRuntimeMapOutput() RuntimeMapOutput { + return o +} + +func (o RuntimeMapOutput) ToRuntimeMapOutputWithContext(ctx context.Context) RuntimeMapOutput { + return o +} + +func (o RuntimeMapOutput) MapIndex(k pulumi.StringInput) RuntimeOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Runtime { + return vs[0].(map[string]*Runtime)[vs[1].(string)] + }).(RuntimeOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeInput)(nil)).Elem(), &Runtime{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeArrayInput)(nil)).Elem(), RuntimeArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeMapInput)(nil)).Elem(), RuntimeMap{}) + pulumi.RegisterOutputType(RuntimeOutput{}) + pulumi.RegisterOutputType(RuntimeArrayOutput{}) + pulumi.RegisterOutputType(RuntimeMapOutput{}) +} diff --git a/sdk/go/gcp/colab/runtimeTemplateIamBinding.go b/sdk/go/gcp/colab/runtimeTemplateIamBinding.go new file mode 100644 index 0000000000..e0e91cd63d --- /dev/null +++ b/sdk/go/gcp/colab/runtimeTemplateIamBinding.go @@ -0,0 +1,674 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package colab + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: +// +// * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. +// * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. +// * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate +// +// > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## colab.RuntimeTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = colab.NewRuntimeTemplateIamPolicy(ctx, "policy", &colab.RuntimeTemplateIamPolicyArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamBinding(ctx, "binding", &colab.RuntimeTemplateIamBindingArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamMember(ctx, "member", &colab.RuntimeTemplateIamMemberArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Colab Enterprise RuntimeTemplate +// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: +// +// * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. +// * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. +// * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate +// +// > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## colab.RuntimeTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = colab.NewRuntimeTemplateIamPolicy(ctx, "policy", &colab.RuntimeTemplateIamPolicyArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamBinding(ctx, "binding", &colab.RuntimeTemplateIamBindingArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamMember(ctx, "member", &colab.RuntimeTemplateIamMemberArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} +// +// * {{project}}/{{location}}/{{runtime_template}} +// +// * {{location}}/{{runtime_template}} +// +// * {{runtime_template}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} +// ``` +// +// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type RuntimeTemplateIamBinding struct { + pulumi.CustomResourceState + + Condition RuntimeTemplateIamBindingConditionPtrOutput `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringOutput `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayOutput `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringOutput `pulumi:"role"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringOutput `pulumi:"runtimeTemplate"` +} + +// NewRuntimeTemplateIamBinding registers a new resource with the given unique name, arguments, and options. +func NewRuntimeTemplateIamBinding(ctx *pulumi.Context, + name string, args *RuntimeTemplateIamBindingArgs, opts ...pulumi.ResourceOption) (*RuntimeTemplateIamBinding, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Members == nil { + return nil, errors.New("invalid value for required argument 'Members'") + } + if args.Role == nil { + return nil, errors.New("invalid value for required argument 'Role'") + } + if args.RuntimeTemplate == nil { + return nil, errors.New("invalid value for required argument 'RuntimeTemplate'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource RuntimeTemplateIamBinding + err := ctx.RegisterResource("gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetRuntimeTemplateIamBinding gets an existing RuntimeTemplateIamBinding resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetRuntimeTemplateIamBinding(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *RuntimeTemplateIamBindingState, opts ...pulumi.ResourceOption) (*RuntimeTemplateIamBinding, error) { + var resource RuntimeTemplateIamBinding + err := ctx.ReadResource("gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering RuntimeTemplateIamBinding resources. +type runtimeTemplateIamBindingState struct { + Condition *RuntimeTemplateIamBindingCondition `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members []string `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role *string `pulumi:"role"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate *string `pulumi:"runtimeTemplate"` +} + +type RuntimeTemplateIamBindingState struct { + Condition RuntimeTemplateIamBindingConditionPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringPtrInput + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringPtrInput +} + +func (RuntimeTemplateIamBindingState) ElementType() reflect.Type { + return reflect.TypeOf((*runtimeTemplateIamBindingState)(nil)).Elem() +} + +type runtimeTemplateIamBindingArgs struct { + Condition *RuntimeTemplateIamBindingCondition `pulumi:"condition"` + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members []string `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role string `pulumi:"role"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate string `pulumi:"runtimeTemplate"` +} + +// The set of arguments for constructing a RuntimeTemplateIamBinding resource. +type RuntimeTemplateIamBindingArgs struct { + Condition RuntimeTemplateIamBindingConditionPtrInput + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringInput + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringInput +} + +func (RuntimeTemplateIamBindingArgs) ElementType() reflect.Type { + return reflect.TypeOf((*runtimeTemplateIamBindingArgs)(nil)).Elem() +} + +type RuntimeTemplateIamBindingInput interface { + pulumi.Input + + ToRuntimeTemplateIamBindingOutput() RuntimeTemplateIamBindingOutput + ToRuntimeTemplateIamBindingOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingOutput +} + +func (*RuntimeTemplateIamBinding) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamBinding)(nil)).Elem() +} + +func (i *RuntimeTemplateIamBinding) ToRuntimeTemplateIamBindingOutput() RuntimeTemplateIamBindingOutput { + return i.ToRuntimeTemplateIamBindingOutputWithContext(context.Background()) +} + +func (i *RuntimeTemplateIamBinding) ToRuntimeTemplateIamBindingOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamBindingOutput) +} + +// RuntimeTemplateIamBindingArrayInput is an input type that accepts RuntimeTemplateIamBindingArray and RuntimeTemplateIamBindingArrayOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamBindingArrayInput` via: +// +// RuntimeTemplateIamBindingArray{ RuntimeTemplateIamBindingArgs{...} } +type RuntimeTemplateIamBindingArrayInput interface { + pulumi.Input + + ToRuntimeTemplateIamBindingArrayOutput() RuntimeTemplateIamBindingArrayOutput + ToRuntimeTemplateIamBindingArrayOutputWithContext(context.Context) RuntimeTemplateIamBindingArrayOutput +} + +type RuntimeTemplateIamBindingArray []RuntimeTemplateIamBindingInput + +func (RuntimeTemplateIamBindingArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*RuntimeTemplateIamBinding)(nil)).Elem() +} + +func (i RuntimeTemplateIamBindingArray) ToRuntimeTemplateIamBindingArrayOutput() RuntimeTemplateIamBindingArrayOutput { + return i.ToRuntimeTemplateIamBindingArrayOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamBindingArray) ToRuntimeTemplateIamBindingArrayOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamBindingArrayOutput) +} + +// RuntimeTemplateIamBindingMapInput is an input type that accepts RuntimeTemplateIamBindingMap and RuntimeTemplateIamBindingMapOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamBindingMapInput` via: +// +// RuntimeTemplateIamBindingMap{ "key": RuntimeTemplateIamBindingArgs{...} } +type RuntimeTemplateIamBindingMapInput interface { + pulumi.Input + + ToRuntimeTemplateIamBindingMapOutput() RuntimeTemplateIamBindingMapOutput + ToRuntimeTemplateIamBindingMapOutputWithContext(context.Context) RuntimeTemplateIamBindingMapOutput +} + +type RuntimeTemplateIamBindingMap map[string]RuntimeTemplateIamBindingInput + +func (RuntimeTemplateIamBindingMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*RuntimeTemplateIamBinding)(nil)).Elem() +} + +func (i RuntimeTemplateIamBindingMap) ToRuntimeTemplateIamBindingMapOutput() RuntimeTemplateIamBindingMapOutput { + return i.ToRuntimeTemplateIamBindingMapOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamBindingMap) ToRuntimeTemplateIamBindingMapOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamBindingMapOutput) +} + +type RuntimeTemplateIamBindingOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamBindingOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamBinding)(nil)).Elem() +} + +func (o RuntimeTemplateIamBindingOutput) ToRuntimeTemplateIamBindingOutput() RuntimeTemplateIamBindingOutput { + return o +} + +func (o RuntimeTemplateIamBindingOutput) ToRuntimeTemplateIamBindingOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingOutput { + return o +} + +func (o RuntimeTemplateIamBindingOutput) Condition() RuntimeTemplateIamBindingConditionPtrOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBinding) RuntimeTemplateIamBindingConditionPtrOutput { return v.Condition }).(RuntimeTemplateIamBindingConditionPtrOutput) +} + +// (Computed) The etag of the IAM policy. +func (o RuntimeTemplateIamBindingOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBinding) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, +// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no +// location is specified, it is taken from the provider configuration. +func (o RuntimeTemplateIamBindingOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBinding) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// Identities that will be granted the privilege in `role`. +// Each entry can have one of the following values: +// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. +// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. +// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. +// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. +// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. +// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. +// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" +// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" +// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" +func (o RuntimeTemplateIamBindingOutput) Members() pulumi.StringArrayOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBinding) pulumi.StringArrayOutput { return v.Members }).(pulumi.StringArrayOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o RuntimeTemplateIamBindingOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBinding) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The role that should be applied. Only one +// `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format +// `[projects|organizations]/{parent-name}/roles/{role-name}`. +func (o RuntimeTemplateIamBindingOutput) Role() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBinding) pulumi.StringOutput { return v.Role }).(pulumi.StringOutput) +} + +// Used to find the parent resource to bind the IAM policy to +func (o RuntimeTemplateIamBindingOutput) RuntimeTemplate() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamBinding) pulumi.StringOutput { return v.RuntimeTemplate }).(pulumi.StringOutput) +} + +type RuntimeTemplateIamBindingArrayOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamBindingArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*RuntimeTemplateIamBinding)(nil)).Elem() +} + +func (o RuntimeTemplateIamBindingArrayOutput) ToRuntimeTemplateIamBindingArrayOutput() RuntimeTemplateIamBindingArrayOutput { + return o +} + +func (o RuntimeTemplateIamBindingArrayOutput) ToRuntimeTemplateIamBindingArrayOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingArrayOutput { + return o +} + +func (o RuntimeTemplateIamBindingArrayOutput) Index(i pulumi.IntInput) RuntimeTemplateIamBindingOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *RuntimeTemplateIamBinding { + return vs[0].([]*RuntimeTemplateIamBinding)[vs[1].(int)] + }).(RuntimeTemplateIamBindingOutput) +} + +type RuntimeTemplateIamBindingMapOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamBindingMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*RuntimeTemplateIamBinding)(nil)).Elem() +} + +func (o RuntimeTemplateIamBindingMapOutput) ToRuntimeTemplateIamBindingMapOutput() RuntimeTemplateIamBindingMapOutput { + return o +} + +func (o RuntimeTemplateIamBindingMapOutput) ToRuntimeTemplateIamBindingMapOutputWithContext(ctx context.Context) RuntimeTemplateIamBindingMapOutput { + return o +} + +func (o RuntimeTemplateIamBindingMapOutput) MapIndex(k pulumi.StringInput) RuntimeTemplateIamBindingOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *RuntimeTemplateIamBinding { + return vs[0].(map[string]*RuntimeTemplateIamBinding)[vs[1].(string)] + }).(RuntimeTemplateIamBindingOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamBindingInput)(nil)).Elem(), &RuntimeTemplateIamBinding{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamBindingArrayInput)(nil)).Elem(), RuntimeTemplateIamBindingArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamBindingMapInput)(nil)).Elem(), RuntimeTemplateIamBindingMap{}) + pulumi.RegisterOutputType(RuntimeTemplateIamBindingOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamBindingArrayOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamBindingMapOutput{}) +} diff --git a/sdk/go/gcp/colab/runtimeTemplateIamMember.go b/sdk/go/gcp/colab/runtimeTemplateIamMember.go new file mode 100644 index 0000000000..5e5f328d7d --- /dev/null +++ b/sdk/go/gcp/colab/runtimeTemplateIamMember.go @@ -0,0 +1,674 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package colab + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: +// +// * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. +// * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. +// * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate +// +// > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## colab.RuntimeTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = colab.NewRuntimeTemplateIamPolicy(ctx, "policy", &colab.RuntimeTemplateIamPolicyArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamBinding(ctx, "binding", &colab.RuntimeTemplateIamBindingArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamMember(ctx, "member", &colab.RuntimeTemplateIamMemberArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Colab Enterprise RuntimeTemplate +// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: +// +// * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. +// * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. +// * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate +// +// > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## colab.RuntimeTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = colab.NewRuntimeTemplateIamPolicy(ctx, "policy", &colab.RuntimeTemplateIamPolicyArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamBinding(ctx, "binding", &colab.RuntimeTemplateIamBindingArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamMember(ctx, "member", &colab.RuntimeTemplateIamMemberArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} +// +// * {{project}}/{{location}}/{{runtime_template}} +// +// * {{location}}/{{runtime_template}} +// +// * {{runtime_template}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} +// ``` +// +// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type RuntimeTemplateIamMember struct { + pulumi.CustomResourceState + + Condition RuntimeTemplateIamMemberConditionPtrOutput `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringOutput `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringOutput `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringOutput `pulumi:"role"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringOutput `pulumi:"runtimeTemplate"` +} + +// NewRuntimeTemplateIamMember registers a new resource with the given unique name, arguments, and options. +func NewRuntimeTemplateIamMember(ctx *pulumi.Context, + name string, args *RuntimeTemplateIamMemberArgs, opts ...pulumi.ResourceOption) (*RuntimeTemplateIamMember, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Member == nil { + return nil, errors.New("invalid value for required argument 'Member'") + } + if args.Role == nil { + return nil, errors.New("invalid value for required argument 'Role'") + } + if args.RuntimeTemplate == nil { + return nil, errors.New("invalid value for required argument 'RuntimeTemplate'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource RuntimeTemplateIamMember + err := ctx.RegisterResource("gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetRuntimeTemplateIamMember gets an existing RuntimeTemplateIamMember resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetRuntimeTemplateIamMember(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *RuntimeTemplateIamMemberState, opts ...pulumi.ResourceOption) (*RuntimeTemplateIamMember, error) { + var resource RuntimeTemplateIamMember + err := ctx.ReadResource("gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering RuntimeTemplateIamMember resources. +type runtimeTemplateIamMemberState struct { + Condition *RuntimeTemplateIamMemberCondition `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member *string `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role *string `pulumi:"role"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate *string `pulumi:"runtimeTemplate"` +} + +type RuntimeTemplateIamMemberState struct { + Condition RuntimeTemplateIamMemberConditionPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringPtrInput + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringPtrInput +} + +func (RuntimeTemplateIamMemberState) ElementType() reflect.Type { + return reflect.TypeOf((*runtimeTemplateIamMemberState)(nil)).Elem() +} + +type runtimeTemplateIamMemberArgs struct { + Condition *RuntimeTemplateIamMemberCondition `pulumi:"condition"` + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member string `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role string `pulumi:"role"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate string `pulumi:"runtimeTemplate"` +} + +// The set of arguments for constructing a RuntimeTemplateIamMember resource. +type RuntimeTemplateIamMemberArgs struct { + Condition RuntimeTemplateIamMemberConditionPtrInput + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringInput + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringInput +} + +func (RuntimeTemplateIamMemberArgs) ElementType() reflect.Type { + return reflect.TypeOf((*runtimeTemplateIamMemberArgs)(nil)).Elem() +} + +type RuntimeTemplateIamMemberInput interface { + pulumi.Input + + ToRuntimeTemplateIamMemberOutput() RuntimeTemplateIamMemberOutput + ToRuntimeTemplateIamMemberOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberOutput +} + +func (*RuntimeTemplateIamMember) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamMember)(nil)).Elem() +} + +func (i *RuntimeTemplateIamMember) ToRuntimeTemplateIamMemberOutput() RuntimeTemplateIamMemberOutput { + return i.ToRuntimeTemplateIamMemberOutputWithContext(context.Background()) +} + +func (i *RuntimeTemplateIamMember) ToRuntimeTemplateIamMemberOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamMemberOutput) +} + +// RuntimeTemplateIamMemberArrayInput is an input type that accepts RuntimeTemplateIamMemberArray and RuntimeTemplateIamMemberArrayOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamMemberArrayInput` via: +// +// RuntimeTemplateIamMemberArray{ RuntimeTemplateIamMemberArgs{...} } +type RuntimeTemplateIamMemberArrayInput interface { + pulumi.Input + + ToRuntimeTemplateIamMemberArrayOutput() RuntimeTemplateIamMemberArrayOutput + ToRuntimeTemplateIamMemberArrayOutputWithContext(context.Context) RuntimeTemplateIamMemberArrayOutput +} + +type RuntimeTemplateIamMemberArray []RuntimeTemplateIamMemberInput + +func (RuntimeTemplateIamMemberArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*RuntimeTemplateIamMember)(nil)).Elem() +} + +func (i RuntimeTemplateIamMemberArray) ToRuntimeTemplateIamMemberArrayOutput() RuntimeTemplateIamMemberArrayOutput { + return i.ToRuntimeTemplateIamMemberArrayOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamMemberArray) ToRuntimeTemplateIamMemberArrayOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamMemberArrayOutput) +} + +// RuntimeTemplateIamMemberMapInput is an input type that accepts RuntimeTemplateIamMemberMap and RuntimeTemplateIamMemberMapOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamMemberMapInput` via: +// +// RuntimeTemplateIamMemberMap{ "key": RuntimeTemplateIamMemberArgs{...} } +type RuntimeTemplateIamMemberMapInput interface { + pulumi.Input + + ToRuntimeTemplateIamMemberMapOutput() RuntimeTemplateIamMemberMapOutput + ToRuntimeTemplateIamMemberMapOutputWithContext(context.Context) RuntimeTemplateIamMemberMapOutput +} + +type RuntimeTemplateIamMemberMap map[string]RuntimeTemplateIamMemberInput + +func (RuntimeTemplateIamMemberMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*RuntimeTemplateIamMember)(nil)).Elem() +} + +func (i RuntimeTemplateIamMemberMap) ToRuntimeTemplateIamMemberMapOutput() RuntimeTemplateIamMemberMapOutput { + return i.ToRuntimeTemplateIamMemberMapOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamMemberMap) ToRuntimeTemplateIamMemberMapOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamMemberMapOutput) +} + +type RuntimeTemplateIamMemberOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamMemberOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamMember)(nil)).Elem() +} + +func (o RuntimeTemplateIamMemberOutput) ToRuntimeTemplateIamMemberOutput() RuntimeTemplateIamMemberOutput { + return o +} + +func (o RuntimeTemplateIamMemberOutput) ToRuntimeTemplateIamMemberOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberOutput { + return o +} + +func (o RuntimeTemplateIamMemberOutput) Condition() RuntimeTemplateIamMemberConditionPtrOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMember) RuntimeTemplateIamMemberConditionPtrOutput { return v.Condition }).(RuntimeTemplateIamMemberConditionPtrOutput) +} + +// (Computed) The etag of the IAM policy. +func (o RuntimeTemplateIamMemberOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMember) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, +// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no +// location is specified, it is taken from the provider configuration. +func (o RuntimeTemplateIamMemberOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMember) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// Identities that will be granted the privilege in `role`. +// Each entry can have one of the following values: +// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. +// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. +// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. +// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. +// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. +// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. +// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" +// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" +// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" +func (o RuntimeTemplateIamMemberOutput) Member() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMember) pulumi.StringOutput { return v.Member }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o RuntimeTemplateIamMemberOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMember) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The role that should be applied. Only one +// `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format +// `[projects|organizations]/{parent-name}/roles/{role-name}`. +func (o RuntimeTemplateIamMemberOutput) Role() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMember) pulumi.StringOutput { return v.Role }).(pulumi.StringOutput) +} + +// Used to find the parent resource to bind the IAM policy to +func (o RuntimeTemplateIamMemberOutput) RuntimeTemplate() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamMember) pulumi.StringOutput { return v.RuntimeTemplate }).(pulumi.StringOutput) +} + +type RuntimeTemplateIamMemberArrayOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamMemberArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*RuntimeTemplateIamMember)(nil)).Elem() +} + +func (o RuntimeTemplateIamMemberArrayOutput) ToRuntimeTemplateIamMemberArrayOutput() RuntimeTemplateIamMemberArrayOutput { + return o +} + +func (o RuntimeTemplateIamMemberArrayOutput) ToRuntimeTemplateIamMemberArrayOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberArrayOutput { + return o +} + +func (o RuntimeTemplateIamMemberArrayOutput) Index(i pulumi.IntInput) RuntimeTemplateIamMemberOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *RuntimeTemplateIamMember { + return vs[0].([]*RuntimeTemplateIamMember)[vs[1].(int)] + }).(RuntimeTemplateIamMemberOutput) +} + +type RuntimeTemplateIamMemberMapOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamMemberMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*RuntimeTemplateIamMember)(nil)).Elem() +} + +func (o RuntimeTemplateIamMemberMapOutput) ToRuntimeTemplateIamMemberMapOutput() RuntimeTemplateIamMemberMapOutput { + return o +} + +func (o RuntimeTemplateIamMemberMapOutput) ToRuntimeTemplateIamMemberMapOutputWithContext(ctx context.Context) RuntimeTemplateIamMemberMapOutput { + return o +} + +func (o RuntimeTemplateIamMemberMapOutput) MapIndex(k pulumi.StringInput) RuntimeTemplateIamMemberOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *RuntimeTemplateIamMember { + return vs[0].(map[string]*RuntimeTemplateIamMember)[vs[1].(string)] + }).(RuntimeTemplateIamMemberOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamMemberInput)(nil)).Elem(), &RuntimeTemplateIamMember{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamMemberArrayInput)(nil)).Elem(), RuntimeTemplateIamMemberArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamMemberMapInput)(nil)).Elem(), RuntimeTemplateIamMemberMap{}) + pulumi.RegisterOutputType(RuntimeTemplateIamMemberOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamMemberArrayOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamMemberMapOutput{}) +} diff --git a/sdk/go/gcp/colab/runtimeTemplateIamPolicy.go b/sdk/go/gcp/colab/runtimeTemplateIamPolicy.go new file mode 100644 index 0000000000..6eb3691032 --- /dev/null +++ b/sdk/go/gcp/colab/runtimeTemplateIamPolicy.go @@ -0,0 +1,581 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package colab + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: +// +// * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. +// * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. +// * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate +// +// > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## colab.RuntimeTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = colab.NewRuntimeTemplateIamPolicy(ctx, "policy", &colab.RuntimeTemplateIamPolicyArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamBinding(ctx, "binding", &colab.RuntimeTemplateIamBindingArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamMember(ctx, "member", &colab.RuntimeTemplateIamMemberArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Colab Enterprise RuntimeTemplate +// Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: +// +// * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. +// * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. +// * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate +// +// > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## colab.RuntimeTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = colab.NewRuntimeTemplateIamPolicy(ctx, "policy", &colab.RuntimeTemplateIamPolicyArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamBinding(ctx, "binding", &colab.RuntimeTemplateIamBindingArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## colab.RuntimeTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/colab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := colab.NewRuntimeTemplateIamMember(ctx, "member", &colab.RuntimeTemplateIamMemberArgs{ +// Project: pulumi.Any(runtime_template.Project), +// Location: pulumi.Any(runtime_template.Location), +// RuntimeTemplate: pulumi.Any(runtime_template.Name), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} +// +// * {{project}}/{{location}}/{{runtime_template}} +// +// * {{location}}/{{runtime_template}} +// +// * {{runtime_template}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} +// ``` +// +// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type RuntimeTemplateIamPolicy struct { + pulumi.CustomResourceState + + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringOutput `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringOutput `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringOutput `pulumi:"runtimeTemplate"` +} + +// NewRuntimeTemplateIamPolicy registers a new resource with the given unique name, arguments, and options. +func NewRuntimeTemplateIamPolicy(ctx *pulumi.Context, + name string, args *RuntimeTemplateIamPolicyArgs, opts ...pulumi.ResourceOption) (*RuntimeTemplateIamPolicy, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.PolicyData == nil { + return nil, errors.New("invalid value for required argument 'PolicyData'") + } + if args.RuntimeTemplate == nil { + return nil, errors.New("invalid value for required argument 'RuntimeTemplate'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource RuntimeTemplateIamPolicy + err := ctx.RegisterResource("gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetRuntimeTemplateIamPolicy gets an existing RuntimeTemplateIamPolicy resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetRuntimeTemplateIamPolicy(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *RuntimeTemplateIamPolicyState, opts ...pulumi.ResourceOption) (*RuntimeTemplateIamPolicy, error) { + var resource RuntimeTemplateIamPolicy + err := ctx.ReadResource("gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering RuntimeTemplateIamPolicy resources. +type runtimeTemplateIamPolicyState struct { + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location *string `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData *string `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate *string `pulumi:"runtimeTemplate"` +} + +type RuntimeTemplateIamPolicyState struct { + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringPtrInput + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringPtrInput +} + +func (RuntimeTemplateIamPolicyState) ElementType() reflect.Type { + return reflect.TypeOf((*runtimeTemplateIamPolicyState)(nil)).Elem() +} + +type runtimeTemplateIamPolicyArgs struct { + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location *string `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData string `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate string `pulumi:"runtimeTemplate"` +} + +// The set of arguments for constructing a RuntimeTemplateIamPolicy resource. +type RuntimeTemplateIamPolicyArgs struct { + // The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + // the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + // location is specified, it is taken from the provider configuration. + Location pulumi.StringPtrInput + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // Used to find the parent resource to bind the IAM policy to + RuntimeTemplate pulumi.StringInput +} + +func (RuntimeTemplateIamPolicyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*runtimeTemplateIamPolicyArgs)(nil)).Elem() +} + +type RuntimeTemplateIamPolicyInput interface { + pulumi.Input + + ToRuntimeTemplateIamPolicyOutput() RuntimeTemplateIamPolicyOutput + ToRuntimeTemplateIamPolicyOutputWithContext(ctx context.Context) RuntimeTemplateIamPolicyOutput +} + +func (*RuntimeTemplateIamPolicy) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamPolicy)(nil)).Elem() +} + +func (i *RuntimeTemplateIamPolicy) ToRuntimeTemplateIamPolicyOutput() RuntimeTemplateIamPolicyOutput { + return i.ToRuntimeTemplateIamPolicyOutputWithContext(context.Background()) +} + +func (i *RuntimeTemplateIamPolicy) ToRuntimeTemplateIamPolicyOutputWithContext(ctx context.Context) RuntimeTemplateIamPolicyOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamPolicyOutput) +} + +// RuntimeTemplateIamPolicyArrayInput is an input type that accepts RuntimeTemplateIamPolicyArray and RuntimeTemplateIamPolicyArrayOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamPolicyArrayInput` via: +// +// RuntimeTemplateIamPolicyArray{ RuntimeTemplateIamPolicyArgs{...} } +type RuntimeTemplateIamPolicyArrayInput interface { + pulumi.Input + + ToRuntimeTemplateIamPolicyArrayOutput() RuntimeTemplateIamPolicyArrayOutput + ToRuntimeTemplateIamPolicyArrayOutputWithContext(context.Context) RuntimeTemplateIamPolicyArrayOutput +} + +type RuntimeTemplateIamPolicyArray []RuntimeTemplateIamPolicyInput + +func (RuntimeTemplateIamPolicyArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*RuntimeTemplateIamPolicy)(nil)).Elem() +} + +func (i RuntimeTemplateIamPolicyArray) ToRuntimeTemplateIamPolicyArrayOutput() RuntimeTemplateIamPolicyArrayOutput { + return i.ToRuntimeTemplateIamPolicyArrayOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamPolicyArray) ToRuntimeTemplateIamPolicyArrayOutputWithContext(ctx context.Context) RuntimeTemplateIamPolicyArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamPolicyArrayOutput) +} + +// RuntimeTemplateIamPolicyMapInput is an input type that accepts RuntimeTemplateIamPolicyMap and RuntimeTemplateIamPolicyMapOutput values. +// You can construct a concrete instance of `RuntimeTemplateIamPolicyMapInput` via: +// +// RuntimeTemplateIamPolicyMap{ "key": RuntimeTemplateIamPolicyArgs{...} } +type RuntimeTemplateIamPolicyMapInput interface { + pulumi.Input + + ToRuntimeTemplateIamPolicyMapOutput() RuntimeTemplateIamPolicyMapOutput + ToRuntimeTemplateIamPolicyMapOutputWithContext(context.Context) RuntimeTemplateIamPolicyMapOutput +} + +type RuntimeTemplateIamPolicyMap map[string]RuntimeTemplateIamPolicyInput + +func (RuntimeTemplateIamPolicyMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*RuntimeTemplateIamPolicy)(nil)).Elem() +} + +func (i RuntimeTemplateIamPolicyMap) ToRuntimeTemplateIamPolicyMapOutput() RuntimeTemplateIamPolicyMapOutput { + return i.ToRuntimeTemplateIamPolicyMapOutputWithContext(context.Background()) +} + +func (i RuntimeTemplateIamPolicyMap) ToRuntimeTemplateIamPolicyMapOutputWithContext(ctx context.Context) RuntimeTemplateIamPolicyMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(RuntimeTemplateIamPolicyMapOutput) +} + +type RuntimeTemplateIamPolicyOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamPolicyOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RuntimeTemplateIamPolicy)(nil)).Elem() +} + +func (o RuntimeTemplateIamPolicyOutput) ToRuntimeTemplateIamPolicyOutput() RuntimeTemplateIamPolicyOutput { + return o +} + +func (o RuntimeTemplateIamPolicyOutput) ToRuntimeTemplateIamPolicyOutputWithContext(ctx context.Context) RuntimeTemplateIamPolicyOutput { + return o +} + +// (Computed) The etag of the IAM policy. +func (o RuntimeTemplateIamPolicyOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamPolicy) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, +// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no +// location is specified, it is taken from the provider configuration. +func (o RuntimeTemplateIamPolicyOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamPolicy) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// The policy data generated by +// a `organizations.getIAMPolicy` data source. +func (o RuntimeTemplateIamPolicyOutput) PolicyData() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamPolicy) pulumi.StringOutput { return v.PolicyData }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o RuntimeTemplateIamPolicyOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamPolicy) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// Used to find the parent resource to bind the IAM policy to +func (o RuntimeTemplateIamPolicyOutput) RuntimeTemplate() pulumi.StringOutput { + return o.ApplyT(func(v *RuntimeTemplateIamPolicy) pulumi.StringOutput { return v.RuntimeTemplate }).(pulumi.StringOutput) +} + +type RuntimeTemplateIamPolicyArrayOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamPolicyArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*RuntimeTemplateIamPolicy)(nil)).Elem() +} + +func (o RuntimeTemplateIamPolicyArrayOutput) ToRuntimeTemplateIamPolicyArrayOutput() RuntimeTemplateIamPolicyArrayOutput { + return o +} + +func (o RuntimeTemplateIamPolicyArrayOutput) ToRuntimeTemplateIamPolicyArrayOutputWithContext(ctx context.Context) RuntimeTemplateIamPolicyArrayOutput { + return o +} + +func (o RuntimeTemplateIamPolicyArrayOutput) Index(i pulumi.IntInput) RuntimeTemplateIamPolicyOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *RuntimeTemplateIamPolicy { + return vs[0].([]*RuntimeTemplateIamPolicy)[vs[1].(int)] + }).(RuntimeTemplateIamPolicyOutput) +} + +type RuntimeTemplateIamPolicyMapOutput struct{ *pulumi.OutputState } + +func (RuntimeTemplateIamPolicyMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*RuntimeTemplateIamPolicy)(nil)).Elem() +} + +func (o RuntimeTemplateIamPolicyMapOutput) ToRuntimeTemplateIamPolicyMapOutput() RuntimeTemplateIamPolicyMapOutput { + return o +} + +func (o RuntimeTemplateIamPolicyMapOutput) ToRuntimeTemplateIamPolicyMapOutputWithContext(ctx context.Context) RuntimeTemplateIamPolicyMapOutput { + return o +} + +func (o RuntimeTemplateIamPolicyMapOutput) MapIndex(k pulumi.StringInput) RuntimeTemplateIamPolicyOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *RuntimeTemplateIamPolicy { + return vs[0].(map[string]*RuntimeTemplateIamPolicy)[vs[1].(string)] + }).(RuntimeTemplateIamPolicyOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamPolicyInput)(nil)).Elem(), &RuntimeTemplateIamPolicy{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamPolicyArrayInput)(nil)).Elem(), RuntimeTemplateIamPolicyArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*RuntimeTemplateIamPolicyMapInput)(nil)).Elem(), RuntimeTemplateIamPolicyMap{}) + pulumi.RegisterOutputType(RuntimeTemplateIamPolicyOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamPolicyArrayOutput{}) + pulumi.RegisterOutputType(RuntimeTemplateIamPolicyMapOutput{}) +} diff --git a/sdk/go/gcp/compute/firewallPolicyRule.go b/sdk/go/gcp/compute/firewallPolicyRule.go index c7e880ce93..829a9f5bcb 100644 --- a/sdk/go/gcp/compute/firewallPolicyRule.go +++ b/sdk/go/gcp/compute/firewallPolicyRule.go @@ -37,7 +37,7 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // basicGlobalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, "basic_global_networksecurity_address_group", &networksecurity.AddressGroupArgs{ -// Name: pulumi.String("address"), +// Name: pulumi.String("address-group"), // Parent: pulumi.String("organizations/123456789"), // Description: pulumi.String("Sample global networksecurity_address_group"), // Location: pulumi.String("global"), @@ -60,13 +60,13 @@ import ( // } // _, err = compute.NewFirewallPolicy(ctx, "default", &compute.FirewallPolicyArgs{ // Parent: folder.ID(), -// ShortName: pulumi.String("policy"), +// ShortName: pulumi.String("fw-policy"), // Description: pulumi.String("Resource created for Terraform acceptance testing"), // }) // if err != nil { // return err // } -// _, err = compute.NewFirewallPolicyRule(ctx, "policy_rule", &compute.FirewallPolicyRuleArgs{ +// _, err = compute.NewFirewallPolicyRule(ctx, "primary", &compute.FirewallPolicyRuleArgs{ // FirewallPolicy: _default.Name, // Description: pulumi.String("Resource created for Terraform acceptance testing"), // Priority: pulumi.Int(9000), @@ -74,7 +74,25 @@ import ( // Action: pulumi.String("allow"), // Direction: pulumi.String("EGRESS"), // Disabled: pulumi.Bool(false), +// TargetServiceAccounts: pulumi.StringArray{ +// pulumi.String("my@service-account.com"), +// }, // Match: &compute.FirewallPolicyRuleMatchArgs{ +// DestIpRanges: pulumi.StringArray{ +// pulumi.String("11.100.0.1/32"), +// }, +// DestFqdns: pulumi.StringArray{}, +// DestRegionCodes: pulumi.StringArray{ +// pulumi.String("US"), +// }, +// DestThreatIntelligences: pulumi.StringArray{ +// pulumi.String("iplist-known-malicious-ips"), +// }, +// SrcAddressGroups: pulumi.StringArray{}, +// DestAddressGroups: pulumi.StringArray{ +// basicGlobalNetworksecurityAddressGroup.ID(), +// }, +// DestNetworkScope: pulumi.String("INTERNET"), // Layer4Configs: compute.FirewallPolicyRuleMatchLayer4ConfigArray{ // &compute.FirewallPolicyRuleMatchLayer4ConfigArgs{ // IpProtocol: pulumi.String("tcp"), @@ -89,24 +107,84 @@ import ( // }, // }, // }, -// DestIpRanges: pulumi.StringArray{ +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Firewall Policy Rule Network Scope +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// folder, err := organizations.NewFolder(ctx, "folder", &organizations.FolderArgs{ +// DisplayName: pulumi.String("folder"), +// Parent: pulumi.String("organizations/123456789"), +// DeletionProtection: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewFirewallPolicy(ctx, "default", &compute.FirewallPolicyArgs{ +// Parent: folder.ID(), +// ShortName: pulumi.String("fw-policy"), +// Description: pulumi.String("Firewall policy"), +// }) +// if err != nil { +// return err +// } +// network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{ +// Name: pulumi.String("network"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewFirewallPolicyRule(ctx, "primary", &compute.FirewallPolicyRuleArgs{ +// FirewallPolicy: _default.Name, +// Description: pulumi.String("Firewall policy rule with network scope"), +// Priority: pulumi.Int(9000), +// Action: pulumi.String("allow"), +// Direction: pulumi.String("INGRESS"), +// Disabled: pulumi.Bool(false), +// Match: &compute.FirewallPolicyRuleMatchArgs{ +// SrcIpRanges: pulumi.StringArray{ // pulumi.String("11.100.0.1/32"), // }, -// DestFqdns: pulumi.StringArray{}, -// DestRegionCodes: pulumi.StringArray{ -// pulumi.String("US"), +// SrcNetworkScope: pulumi.String("VPC_NETWORKS"), +// SrcNetworks: pulumi.StringArray{ +// network.ID(), // }, -// DestThreatIntelligences: pulumi.StringArray{ -// pulumi.String("iplist-known-malicious-ips"), -// }, -// SrcAddressGroups: pulumi.StringArray{}, -// DestAddressGroups: pulumi.StringArray{ -// basicGlobalNetworksecurityAddressGroup.ID(), +// Layer4Configs: compute.FirewallPolicyRuleMatchLayer4ConfigArray{ +// &compute.FirewallPolicyRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// }, +// }, +// &compute.FirewallPolicyRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("udp"), +// Ports: pulumi.StringArray{ +// pulumi.String("22"), +// }, +// }, // }, // }, -// TargetServiceAccounts: pulumi.StringArray{ -// pulumi.String("my@service-account.com"), -// }, // }) // if err != nil { // return err diff --git a/sdk/go/gcp/compute/firewallPolicyWithRules.go b/sdk/go/gcp/compute/firewallPolicyWithRules.go index 31e07f96c9..5e92152c1f 100644 --- a/sdk/go/gcp/compute/firewallPolicyWithRules.go +++ b/sdk/go/gcp/compute/firewallPolicyWithRules.go @@ -37,7 +37,7 @@ import ( // return err // } // addressGroup1, err := networksecurity.NewAddressGroup(ctx, "address_group_1", &networksecurity.AddressGroupArgs{ -// Name: pulumi.String("tf-address-group"), +// Name: pulumi.String("address-group"), // Parent: pulumi.String("organizations/123456789"), // Description: pulumi.String("Global address group"), // Location: pulumi.String("global"), @@ -51,7 +51,7 @@ import ( // return err // } // securityProfile1, err := networksecurity.NewSecurityProfile(ctx, "security_profile_1", &networksecurity.SecurityProfileArgs{ -// Name: pulumi.String("tf-security-profile"), +// Name: pulumi.String("sp"), // Type: pulumi.String("THREAT_PREVENTION"), // Parent: pulumi.String("organizations/123456789"), // Location: pulumi.String("global"), @@ -60,7 +60,7 @@ import ( // return err // } // securityProfileGroup1, err := networksecurity.NewSecurityProfileGroup(ctx, "security_profile_group_1", &networksecurity.SecurityProfileGroupArgs{ -// Name: pulumi.String("tf-security-profile-group"), +// Name: pulumi.String("spg"), // Parent: pulumi.String("organizations/123456789"), // Description: pulumi.String("my description"), // ThreatPreventionProfile: securityProfile1.ID(), @@ -68,8 +68,15 @@ import ( // if err != nil { // return err // } -// _, err = compute.NewFirewallPolicyWithRules(ctx, "firewall-policy-with-rules", &compute.FirewallPolicyWithRulesArgs{ -// ShortName: pulumi.String("tf-fw-org-policy-with-rules"), +// network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{ +// Name: pulumi.String("network"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewFirewallPolicyWithRules(ctx, "primary", &compute.FirewallPolicyWithRulesArgs{ +// ShortName: pulumi.String("fw-policy"), // Description: pulumi.String("Terraform test"), // Parent: pulumi.String("organizations/123456789"), // Rules: compute.FirewallPolicyWithRulesRuleArray{ @@ -79,16 +86,10 @@ import ( // EnableLogging: pulumi.Bool(true), // Action: pulumi.String("allow"), // Direction: pulumi.String("EGRESS"), +// TargetResources: pulumi.StringArray{ +// pulumi.Sprintf("https://www.googleapis.com/compute/beta/projects/%v/global/networks/default", project.Name), +// }, // Match: &compute.FirewallPolicyWithRulesRuleMatchArgs{ -// Layer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ -// &compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ -// IpProtocol: pulumi.String("tcp"), -// Ports: pulumi.StringArray{ -// pulumi.String("8080"), -// pulumi.String("7070"), -// }, -// }, -// }, // DestIpRanges: pulumi.StringArray{ // pulumi.String("11.100.0.1/32"), // }, @@ -107,9 +108,15 @@ import ( // DestAddressGroups: pulumi.StringArray{ // addressGroup1.ID(), // }, -// }, -// TargetResources: pulumi.StringArray{ -// pulumi.Sprintf("https://www.googleapis.com/compute/beta/projects/%v/global/networks/default", project.Name), +// Layer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// pulumi.String("7070"), +// }, +// }, +// }, // }, // }, // &compute.FirewallPolicyWithRulesRuleArgs{ @@ -118,12 +125,8 @@ import ( // EnableLogging: pulumi.Bool(false), // Action: pulumi.String("deny"), // Direction: pulumi.String("INGRESS"), +// Disabled: pulumi.Bool(true), // Match: &compute.FirewallPolicyWithRulesRuleMatchArgs{ -// Layer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ -// &compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ -// IpProtocol: pulumi.String("udp"), -// }, -// }, // SrcIpRanges: pulumi.StringArray{ // pulumi.String("0.0.0.0/0"), // }, @@ -142,8 +145,12 @@ import ( // SrcAddressGroups: pulumi.StringArray{ // addressGroup1.ID(), // }, +// Layer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("udp"), +// }, +// }, // }, -// Disabled: pulumi.Bool(true), // }, // &compute.FirewallPolicyWithRulesRuleArgs{ // Description: pulumi.String("security profile group rule"), @@ -152,23 +159,70 @@ import ( // EnableLogging: pulumi.Bool(false), // Action: pulumi.String("apply_security_profile_group"), // Direction: pulumi.String("INGRESS"), +// TargetServiceAccounts: pulumi.StringArray{ +// pulumi.String("test@google.com"), +// }, +// SecurityProfileGroup: securityProfileGroup1.ID().ApplyT(func(id string) (string, error) { +// return fmt.Sprintf("//networksecurity.googleapis.com/%v", id), nil +// }).(pulumi.StringOutput), +// TlsInspect: pulumi.Bool(true), // Match: &compute.FirewallPolicyWithRulesRuleMatchArgs{ +// SrcIpRanges: pulumi.StringArray{ +// pulumi.String("0.0.0.0/0"), +// }, // Layer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ // &compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ // IpProtocol: pulumi.String("tcp"), // }, // }, +// }, +// }, +// &compute.FirewallPolicyWithRulesRuleArgs{ +// Description: pulumi.String("network scope rule 1"), +// RuleName: pulumi.String("network scope 1"), +// Priority: pulumi.Int(4000), +// EnableLogging: pulumi.Bool(false), +// Action: pulumi.String("allow"), +// Direction: pulumi.String("INGRESS"), +// Match: &compute.FirewallPolicyWithRulesRuleMatchArgs{ // SrcIpRanges: pulumi.StringArray{ -// pulumi.String("0.0.0.0/0"), +// pulumi.String("11.100.0.1/32"), +// }, +// SrcNetworkScope: pulumi.String("VPC_NETWORKS"), +// SrcNetworks: pulumi.StringArray{ +// network.ID(), +// }, +// Layer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// }, +// }, // }, // }, -// TargetServiceAccounts: pulumi.StringArray{ -// pulumi.String("test@google.com"), +// }, +// &compute.FirewallPolicyWithRulesRuleArgs{ +// Description: pulumi.String("network scope rule 2"), +// RuleName: pulumi.String("network scope 2"), +// Priority: pulumi.Int(5000), +// EnableLogging: pulumi.Bool(false), +// Action: pulumi.String("allow"), +// Direction: pulumi.String("EGRESS"), +// Match: &compute.FirewallPolicyWithRulesRuleMatchArgs{ +// DestIpRanges: pulumi.StringArray{ +// pulumi.String("0.0.0.0/0"), +// }, +// DestNetworkScope: pulumi.String("INTERNET"), +// Layer4Configs: compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// }, +// }, +// }, // }, -// SecurityProfileGroup: securityProfileGroup1.ID().ApplyT(func(id string) (string, error) { -// return fmt.Sprintf("//networksecurity.googleapis.com/%v", id), nil -// }).(pulumi.StringOutput), -// TlsInspect: pulumi.Bool(true), // }, // }, // }) diff --git a/sdk/go/gcp/compute/getInstanceTemplateIamPolicy.go b/sdk/go/gcp/compute/getInstanceTemplateIamPolicy.go new file mode 100644 index 0000000000..b1b5473608 --- /dev/null +++ b/sdk/go/gcp/compute/getInstanceTemplateIamPolicy.go @@ -0,0 +1,137 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package compute + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Retrieves the current IAM policy data for instancetemplate +// +// ## example +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.LookupInstanceTemplateIamPolicy(ctx, &compute.LookupInstanceTemplateIamPolicyArgs{ +// Project: pulumi.StringRef(_default.Project), +// Name: _default.Name, +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func LookupInstanceTemplateIamPolicy(ctx *pulumi.Context, args *LookupInstanceTemplateIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupInstanceTemplateIamPolicyResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupInstanceTemplateIamPolicyResult + err := ctx.Invoke("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getInstanceTemplateIamPolicy. +type LookupInstanceTemplateIamPolicyArgs struct { + // Used to find the parent resource to bind the IAM policy to + Name string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +// A collection of values returned by getInstanceTemplateIamPolicy. +type LookupInstanceTemplateIamPolicyResult struct { + // (Computed) The etag of the IAM policy. + Etag string `pulumi:"etag"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Name string `pulumi:"name"` + // (Required only by `compute.InstanceTemplateIamPolicy`) The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData string `pulumi:"policyData"` + Project string `pulumi:"project"` +} + +func LookupInstanceTemplateIamPolicyOutput(ctx *pulumi.Context, args LookupInstanceTemplateIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupInstanceTemplateIamPolicyResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (LookupInstanceTemplateIamPolicyResultOutput, error) { + args := v.(LookupInstanceTemplateIamPolicyArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", args, LookupInstanceTemplateIamPolicyResultOutput{}, options).(LookupInstanceTemplateIamPolicyResultOutput), nil + }).(LookupInstanceTemplateIamPolicyResultOutput) +} + +// A collection of arguments for invoking getInstanceTemplateIamPolicy. +type LookupInstanceTemplateIamPolicyOutputArgs struct { + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringInput `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput `pulumi:"project"` +} + +func (LookupInstanceTemplateIamPolicyOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupInstanceTemplateIamPolicyArgs)(nil)).Elem() +} + +// A collection of values returned by getInstanceTemplateIamPolicy. +type LookupInstanceTemplateIamPolicyResultOutput struct{ *pulumi.OutputState } + +func (LookupInstanceTemplateIamPolicyResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupInstanceTemplateIamPolicyResult)(nil)).Elem() +} + +func (o LookupInstanceTemplateIamPolicyResultOutput) ToLookupInstanceTemplateIamPolicyResultOutput() LookupInstanceTemplateIamPolicyResultOutput { + return o +} + +func (o LookupInstanceTemplateIamPolicyResultOutput) ToLookupInstanceTemplateIamPolicyResultOutputWithContext(ctx context.Context) LookupInstanceTemplateIamPolicyResultOutput { + return o +} + +// (Computed) The etag of the IAM policy. +func (o LookupInstanceTemplateIamPolicyResultOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v LookupInstanceTemplateIamPolicyResult) string { return v.Etag }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o LookupInstanceTemplateIamPolicyResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupInstanceTemplateIamPolicyResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o LookupInstanceTemplateIamPolicyResultOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v LookupInstanceTemplateIamPolicyResult) string { return v.Name }).(pulumi.StringOutput) +} + +// (Required only by `compute.InstanceTemplateIamPolicy`) The policy data generated by +// a `organizations.getIAMPolicy` data source. +func (o LookupInstanceTemplateIamPolicyResultOutput) PolicyData() pulumi.StringOutput { + return o.ApplyT(func(v LookupInstanceTemplateIamPolicyResult) string { return v.PolicyData }).(pulumi.StringOutput) +} + +func (o LookupInstanceTemplateIamPolicyResultOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v LookupInstanceTemplateIamPolicyResult) string { return v.Project }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupInstanceTemplateIamPolicyResultOutput{}) +} diff --git a/sdk/go/gcp/compute/init.go b/sdk/go/gcp/compute/init.go index e50b3890e3..08199fc180 100644 --- a/sdk/go/gcp/compute/init.go +++ b/sdk/go/gcp/compute/init.go @@ -123,6 +123,12 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &InstanceSettings{} case "gcp:compute/instanceTemplate:InstanceTemplate": r = &InstanceTemplate{} + case "gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding": + r = &InstanceTemplateIamBinding{} + case "gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember": + r = &InstanceTemplateIamMember{} + case "gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy": + r = &InstanceTemplateIamPolicy{} case "gcp:compute/interconnect:Interconnect": r = &Interconnect{} case "gcp:compute/interconnectAttachment:InterconnectAttachment": @@ -589,6 +595,21 @@ func init() { "compute/instanceTemplate", &module{version}, ) + pulumi.RegisterResourceModule( + "gcp", + "compute/instanceTemplateIamBinding", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "compute/instanceTemplateIamMember", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "compute/instanceTemplateIamPolicy", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "compute/interconnect", diff --git a/sdk/go/gcp/compute/instanceTemplateIamBinding.go b/sdk/go/gcp/compute/instanceTemplateIamBinding.go new file mode 100644 index 0000000000..74e50320cf --- /dev/null +++ b/sdk/go/gcp/compute/instanceTemplateIamBinding.go @@ -0,0 +1,882 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package compute + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: +// +// * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. +// * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. +// * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate +// +// > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. +// +// ## compute.InstanceTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// Condition: { +// Title: "expires_after_2019_12_31", +// Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), +// Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// Condition: &compute.InstanceTemplateIamBindingConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// Condition: &compute.InstanceTemplateIamMemberConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Compute Engine InstanceTemplate +// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: +// +// * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. +// * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. +// * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate +// +// > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. +// +// ## compute.InstanceTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// Condition: { +// Title: "expires_after_2019_12_31", +// Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), +// Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// Condition: &compute.InstanceTemplateIamBindingConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// Condition: &compute.InstanceTemplateIamMemberConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/global/instanceTemplates/{{name}} +// +// * {{project}}/{{name}} +// +// * {{name}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor projects/{{project}}/global/instanceTemplates/{{instance_template}} +// ``` +// +// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type InstanceTemplateIamBinding struct { + pulumi.CustomResourceState + + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition InstanceTemplateIamBindingConditionPtrOutput `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayOutput `pulumi:"members"` + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringOutput `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringOutput `pulumi:"role"` +} + +// NewInstanceTemplateIamBinding registers a new resource with the given unique name, arguments, and options. +func NewInstanceTemplateIamBinding(ctx *pulumi.Context, + name string, args *InstanceTemplateIamBindingArgs, opts ...pulumi.ResourceOption) (*InstanceTemplateIamBinding, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Members == nil { + return nil, errors.New("invalid value for required argument 'Members'") + } + if args.Role == nil { + return nil, errors.New("invalid value for required argument 'Role'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource InstanceTemplateIamBinding + err := ctx.RegisterResource("gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetInstanceTemplateIamBinding gets an existing InstanceTemplateIamBinding resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetInstanceTemplateIamBinding(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *InstanceTemplateIamBindingState, opts ...pulumi.ResourceOption) (*InstanceTemplateIamBinding, error) { + var resource InstanceTemplateIamBinding + err := ctx.ReadResource("gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering InstanceTemplateIamBinding resources. +type instanceTemplateIamBindingState struct { + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition *InstanceTemplateIamBindingCondition `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members []string `pulumi:"members"` + // Used to find the parent resource to bind the IAM policy to + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role *string `pulumi:"role"` +} + +type InstanceTemplateIamBindingState struct { + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition InstanceTemplateIamBindingConditionPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayInput + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringPtrInput +} + +func (InstanceTemplateIamBindingState) ElementType() reflect.Type { + return reflect.TypeOf((*instanceTemplateIamBindingState)(nil)).Elem() +} + +type instanceTemplateIamBindingArgs struct { + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition *InstanceTemplateIamBindingCondition `pulumi:"condition"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members []string `pulumi:"members"` + // Used to find the parent resource to bind the IAM policy to + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role string `pulumi:"role"` +} + +// The set of arguments for constructing a InstanceTemplateIamBinding resource. +type InstanceTemplateIamBindingArgs struct { + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition InstanceTemplateIamBindingConditionPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayInput + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringInput +} + +func (InstanceTemplateIamBindingArgs) ElementType() reflect.Type { + return reflect.TypeOf((*instanceTemplateIamBindingArgs)(nil)).Elem() +} + +type InstanceTemplateIamBindingInput interface { + pulumi.Input + + ToInstanceTemplateIamBindingOutput() InstanceTemplateIamBindingOutput + ToInstanceTemplateIamBindingOutputWithContext(ctx context.Context) InstanceTemplateIamBindingOutput +} + +func (*InstanceTemplateIamBinding) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamBinding)(nil)).Elem() +} + +func (i *InstanceTemplateIamBinding) ToInstanceTemplateIamBindingOutput() InstanceTemplateIamBindingOutput { + return i.ToInstanceTemplateIamBindingOutputWithContext(context.Background()) +} + +func (i *InstanceTemplateIamBinding) ToInstanceTemplateIamBindingOutputWithContext(ctx context.Context) InstanceTemplateIamBindingOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamBindingOutput) +} + +// InstanceTemplateIamBindingArrayInput is an input type that accepts InstanceTemplateIamBindingArray and InstanceTemplateIamBindingArrayOutput values. +// You can construct a concrete instance of `InstanceTemplateIamBindingArrayInput` via: +// +// InstanceTemplateIamBindingArray{ InstanceTemplateIamBindingArgs{...} } +type InstanceTemplateIamBindingArrayInput interface { + pulumi.Input + + ToInstanceTemplateIamBindingArrayOutput() InstanceTemplateIamBindingArrayOutput + ToInstanceTemplateIamBindingArrayOutputWithContext(context.Context) InstanceTemplateIamBindingArrayOutput +} + +type InstanceTemplateIamBindingArray []InstanceTemplateIamBindingInput + +func (InstanceTemplateIamBindingArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*InstanceTemplateIamBinding)(nil)).Elem() +} + +func (i InstanceTemplateIamBindingArray) ToInstanceTemplateIamBindingArrayOutput() InstanceTemplateIamBindingArrayOutput { + return i.ToInstanceTemplateIamBindingArrayOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamBindingArray) ToInstanceTemplateIamBindingArrayOutputWithContext(ctx context.Context) InstanceTemplateIamBindingArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamBindingArrayOutput) +} + +// InstanceTemplateIamBindingMapInput is an input type that accepts InstanceTemplateIamBindingMap and InstanceTemplateIamBindingMapOutput values. +// You can construct a concrete instance of `InstanceTemplateIamBindingMapInput` via: +// +// InstanceTemplateIamBindingMap{ "key": InstanceTemplateIamBindingArgs{...} } +type InstanceTemplateIamBindingMapInput interface { + pulumi.Input + + ToInstanceTemplateIamBindingMapOutput() InstanceTemplateIamBindingMapOutput + ToInstanceTemplateIamBindingMapOutputWithContext(context.Context) InstanceTemplateIamBindingMapOutput +} + +type InstanceTemplateIamBindingMap map[string]InstanceTemplateIamBindingInput + +func (InstanceTemplateIamBindingMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*InstanceTemplateIamBinding)(nil)).Elem() +} + +func (i InstanceTemplateIamBindingMap) ToInstanceTemplateIamBindingMapOutput() InstanceTemplateIamBindingMapOutput { + return i.ToInstanceTemplateIamBindingMapOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamBindingMap) ToInstanceTemplateIamBindingMapOutputWithContext(ctx context.Context) InstanceTemplateIamBindingMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamBindingMapOutput) +} + +type InstanceTemplateIamBindingOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamBindingOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamBinding)(nil)).Elem() +} + +func (o InstanceTemplateIamBindingOutput) ToInstanceTemplateIamBindingOutput() InstanceTemplateIamBindingOutput { + return o +} + +func (o InstanceTemplateIamBindingOutput) ToInstanceTemplateIamBindingOutputWithContext(ctx context.Context) InstanceTemplateIamBindingOutput { + return o +} + +// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. +// Structure is documented below. +func (o InstanceTemplateIamBindingOutput) Condition() InstanceTemplateIamBindingConditionPtrOutput { + return o.ApplyT(func(v *InstanceTemplateIamBinding) InstanceTemplateIamBindingConditionPtrOutput { return v.Condition }).(InstanceTemplateIamBindingConditionPtrOutput) +} + +// (Computed) The etag of the IAM policy. +func (o InstanceTemplateIamBindingOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamBinding) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// Identities that will be granted the privilege in `role`. +// Each entry can have one of the following values: +// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. +// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. +// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. +// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. +// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. +// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. +// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" +// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" +// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" +func (o InstanceTemplateIamBindingOutput) Members() pulumi.StringArrayOutput { + return o.ApplyT(func(v *InstanceTemplateIamBinding) pulumi.StringArrayOutput { return v.Members }).(pulumi.StringArrayOutput) +} + +// Used to find the parent resource to bind the IAM policy to +func (o InstanceTemplateIamBindingOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamBinding) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o InstanceTemplateIamBindingOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamBinding) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The role that should be applied. Only one +// `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format +// `[projects|organizations]/{parent-name}/roles/{role-name}`. +func (o InstanceTemplateIamBindingOutput) Role() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamBinding) pulumi.StringOutput { return v.Role }).(pulumi.StringOutput) +} + +type InstanceTemplateIamBindingArrayOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamBindingArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*InstanceTemplateIamBinding)(nil)).Elem() +} + +func (o InstanceTemplateIamBindingArrayOutput) ToInstanceTemplateIamBindingArrayOutput() InstanceTemplateIamBindingArrayOutput { + return o +} + +func (o InstanceTemplateIamBindingArrayOutput) ToInstanceTemplateIamBindingArrayOutputWithContext(ctx context.Context) InstanceTemplateIamBindingArrayOutput { + return o +} + +func (o InstanceTemplateIamBindingArrayOutput) Index(i pulumi.IntInput) InstanceTemplateIamBindingOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *InstanceTemplateIamBinding { + return vs[0].([]*InstanceTemplateIamBinding)[vs[1].(int)] + }).(InstanceTemplateIamBindingOutput) +} + +type InstanceTemplateIamBindingMapOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamBindingMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*InstanceTemplateIamBinding)(nil)).Elem() +} + +func (o InstanceTemplateIamBindingMapOutput) ToInstanceTemplateIamBindingMapOutput() InstanceTemplateIamBindingMapOutput { + return o +} + +func (o InstanceTemplateIamBindingMapOutput) ToInstanceTemplateIamBindingMapOutputWithContext(ctx context.Context) InstanceTemplateIamBindingMapOutput { + return o +} + +func (o InstanceTemplateIamBindingMapOutput) MapIndex(k pulumi.StringInput) InstanceTemplateIamBindingOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *InstanceTemplateIamBinding { + return vs[0].(map[string]*InstanceTemplateIamBinding)[vs[1].(string)] + }).(InstanceTemplateIamBindingOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamBindingInput)(nil)).Elem(), &InstanceTemplateIamBinding{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamBindingArrayInput)(nil)).Elem(), InstanceTemplateIamBindingArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamBindingMapInput)(nil)).Elem(), InstanceTemplateIamBindingMap{}) + pulumi.RegisterOutputType(InstanceTemplateIamBindingOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamBindingArrayOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamBindingMapOutput{}) +} diff --git a/sdk/go/gcp/compute/instanceTemplateIamMember.go b/sdk/go/gcp/compute/instanceTemplateIamMember.go new file mode 100644 index 0000000000..03f6690e19 --- /dev/null +++ b/sdk/go/gcp/compute/instanceTemplateIamMember.go @@ -0,0 +1,882 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package compute + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: +// +// * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. +// * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. +// * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate +// +// > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. +// +// ## compute.InstanceTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// Condition: { +// Title: "expires_after_2019_12_31", +// Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), +// Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// Condition: &compute.InstanceTemplateIamBindingConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// Condition: &compute.InstanceTemplateIamMemberConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Compute Engine InstanceTemplate +// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: +// +// * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. +// * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. +// * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate +// +// > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. +// +// ## compute.InstanceTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// Condition: { +// Title: "expires_after_2019_12_31", +// Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), +// Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// Condition: &compute.InstanceTemplateIamBindingConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// Condition: &compute.InstanceTemplateIamMemberConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/global/instanceTemplates/{{name}} +// +// * {{project}}/{{name}} +// +// * {{name}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor projects/{{project}}/global/instanceTemplates/{{instance_template}} +// ``` +// +// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type InstanceTemplateIamMember struct { + pulumi.CustomResourceState + + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition InstanceTemplateIamMemberConditionPtrOutput `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringOutput `pulumi:"member"` + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringOutput `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringOutput `pulumi:"role"` +} + +// NewInstanceTemplateIamMember registers a new resource with the given unique name, arguments, and options. +func NewInstanceTemplateIamMember(ctx *pulumi.Context, + name string, args *InstanceTemplateIamMemberArgs, opts ...pulumi.ResourceOption) (*InstanceTemplateIamMember, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Member == nil { + return nil, errors.New("invalid value for required argument 'Member'") + } + if args.Role == nil { + return nil, errors.New("invalid value for required argument 'Role'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource InstanceTemplateIamMember + err := ctx.RegisterResource("gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetInstanceTemplateIamMember gets an existing InstanceTemplateIamMember resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetInstanceTemplateIamMember(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *InstanceTemplateIamMemberState, opts ...pulumi.ResourceOption) (*InstanceTemplateIamMember, error) { + var resource InstanceTemplateIamMember + err := ctx.ReadResource("gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering InstanceTemplateIamMember resources. +type instanceTemplateIamMemberState struct { + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition *InstanceTemplateIamMemberCondition `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member *string `pulumi:"member"` + // Used to find the parent resource to bind the IAM policy to + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role *string `pulumi:"role"` +} + +type InstanceTemplateIamMemberState struct { + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition InstanceTemplateIamMemberConditionPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringPtrInput + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringPtrInput +} + +func (InstanceTemplateIamMemberState) ElementType() reflect.Type { + return reflect.TypeOf((*instanceTemplateIamMemberState)(nil)).Elem() +} + +type instanceTemplateIamMemberArgs struct { + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition *InstanceTemplateIamMemberCondition `pulumi:"condition"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member string `pulumi:"member"` + // Used to find the parent resource to bind the IAM policy to + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role string `pulumi:"role"` +} + +// The set of arguments for constructing a InstanceTemplateIamMember resource. +type InstanceTemplateIamMemberArgs struct { + // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + // Structure is documented below. + Condition InstanceTemplateIamMemberConditionPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringInput + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringInput +} + +func (InstanceTemplateIamMemberArgs) ElementType() reflect.Type { + return reflect.TypeOf((*instanceTemplateIamMemberArgs)(nil)).Elem() +} + +type InstanceTemplateIamMemberInput interface { + pulumi.Input + + ToInstanceTemplateIamMemberOutput() InstanceTemplateIamMemberOutput + ToInstanceTemplateIamMemberOutputWithContext(ctx context.Context) InstanceTemplateIamMemberOutput +} + +func (*InstanceTemplateIamMember) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamMember)(nil)).Elem() +} + +func (i *InstanceTemplateIamMember) ToInstanceTemplateIamMemberOutput() InstanceTemplateIamMemberOutput { + return i.ToInstanceTemplateIamMemberOutputWithContext(context.Background()) +} + +func (i *InstanceTemplateIamMember) ToInstanceTemplateIamMemberOutputWithContext(ctx context.Context) InstanceTemplateIamMemberOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamMemberOutput) +} + +// InstanceTemplateIamMemberArrayInput is an input type that accepts InstanceTemplateIamMemberArray and InstanceTemplateIamMemberArrayOutput values. +// You can construct a concrete instance of `InstanceTemplateIamMemberArrayInput` via: +// +// InstanceTemplateIamMemberArray{ InstanceTemplateIamMemberArgs{...} } +type InstanceTemplateIamMemberArrayInput interface { + pulumi.Input + + ToInstanceTemplateIamMemberArrayOutput() InstanceTemplateIamMemberArrayOutput + ToInstanceTemplateIamMemberArrayOutputWithContext(context.Context) InstanceTemplateIamMemberArrayOutput +} + +type InstanceTemplateIamMemberArray []InstanceTemplateIamMemberInput + +func (InstanceTemplateIamMemberArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*InstanceTemplateIamMember)(nil)).Elem() +} + +func (i InstanceTemplateIamMemberArray) ToInstanceTemplateIamMemberArrayOutput() InstanceTemplateIamMemberArrayOutput { + return i.ToInstanceTemplateIamMemberArrayOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamMemberArray) ToInstanceTemplateIamMemberArrayOutputWithContext(ctx context.Context) InstanceTemplateIamMemberArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamMemberArrayOutput) +} + +// InstanceTemplateIamMemberMapInput is an input type that accepts InstanceTemplateIamMemberMap and InstanceTemplateIamMemberMapOutput values. +// You can construct a concrete instance of `InstanceTemplateIamMemberMapInput` via: +// +// InstanceTemplateIamMemberMap{ "key": InstanceTemplateIamMemberArgs{...} } +type InstanceTemplateIamMemberMapInput interface { + pulumi.Input + + ToInstanceTemplateIamMemberMapOutput() InstanceTemplateIamMemberMapOutput + ToInstanceTemplateIamMemberMapOutputWithContext(context.Context) InstanceTemplateIamMemberMapOutput +} + +type InstanceTemplateIamMemberMap map[string]InstanceTemplateIamMemberInput + +func (InstanceTemplateIamMemberMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*InstanceTemplateIamMember)(nil)).Elem() +} + +func (i InstanceTemplateIamMemberMap) ToInstanceTemplateIamMemberMapOutput() InstanceTemplateIamMemberMapOutput { + return i.ToInstanceTemplateIamMemberMapOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamMemberMap) ToInstanceTemplateIamMemberMapOutputWithContext(ctx context.Context) InstanceTemplateIamMemberMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamMemberMapOutput) +} + +type InstanceTemplateIamMemberOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamMemberOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamMember)(nil)).Elem() +} + +func (o InstanceTemplateIamMemberOutput) ToInstanceTemplateIamMemberOutput() InstanceTemplateIamMemberOutput { + return o +} + +func (o InstanceTemplateIamMemberOutput) ToInstanceTemplateIamMemberOutputWithContext(ctx context.Context) InstanceTemplateIamMemberOutput { + return o +} + +// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. +// Structure is documented below. +func (o InstanceTemplateIamMemberOutput) Condition() InstanceTemplateIamMemberConditionPtrOutput { + return o.ApplyT(func(v *InstanceTemplateIamMember) InstanceTemplateIamMemberConditionPtrOutput { return v.Condition }).(InstanceTemplateIamMemberConditionPtrOutput) +} + +// (Computed) The etag of the IAM policy. +func (o InstanceTemplateIamMemberOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamMember) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// Identities that will be granted the privilege in `role`. +// Each entry can have one of the following values: +// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. +// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. +// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. +// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. +// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. +// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. +// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" +// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" +// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" +func (o InstanceTemplateIamMemberOutput) Member() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamMember) pulumi.StringOutput { return v.Member }).(pulumi.StringOutput) +} + +// Used to find the parent resource to bind the IAM policy to +func (o InstanceTemplateIamMemberOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamMember) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o InstanceTemplateIamMemberOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamMember) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The role that should be applied. Only one +// `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format +// `[projects|organizations]/{parent-name}/roles/{role-name}`. +func (o InstanceTemplateIamMemberOutput) Role() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamMember) pulumi.StringOutput { return v.Role }).(pulumi.StringOutput) +} + +type InstanceTemplateIamMemberArrayOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamMemberArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*InstanceTemplateIamMember)(nil)).Elem() +} + +func (o InstanceTemplateIamMemberArrayOutput) ToInstanceTemplateIamMemberArrayOutput() InstanceTemplateIamMemberArrayOutput { + return o +} + +func (o InstanceTemplateIamMemberArrayOutput) ToInstanceTemplateIamMemberArrayOutputWithContext(ctx context.Context) InstanceTemplateIamMemberArrayOutput { + return o +} + +func (o InstanceTemplateIamMemberArrayOutput) Index(i pulumi.IntInput) InstanceTemplateIamMemberOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *InstanceTemplateIamMember { + return vs[0].([]*InstanceTemplateIamMember)[vs[1].(int)] + }).(InstanceTemplateIamMemberOutput) +} + +type InstanceTemplateIamMemberMapOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamMemberMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*InstanceTemplateIamMember)(nil)).Elem() +} + +func (o InstanceTemplateIamMemberMapOutput) ToInstanceTemplateIamMemberMapOutput() InstanceTemplateIamMemberMapOutput { + return o +} + +func (o InstanceTemplateIamMemberMapOutput) ToInstanceTemplateIamMemberMapOutputWithContext(ctx context.Context) InstanceTemplateIamMemberMapOutput { + return o +} + +func (o InstanceTemplateIamMemberMapOutput) MapIndex(k pulumi.StringInput) InstanceTemplateIamMemberOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *InstanceTemplateIamMember { + return vs[0].(map[string]*InstanceTemplateIamMember)[vs[1].(string)] + }).(InstanceTemplateIamMemberOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamMemberInput)(nil)).Elem(), &InstanceTemplateIamMember{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamMemberArrayInput)(nil)).Elem(), InstanceTemplateIamMemberArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamMemberMapInput)(nil)).Elem(), InstanceTemplateIamMemberMap{}) + pulumi.RegisterOutputType(InstanceTemplateIamMemberOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamMemberArrayOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamMemberMapOutput{}) +} diff --git a/sdk/go/gcp/compute/instanceTemplateIamPolicy.go b/sdk/go/gcp/compute/instanceTemplateIamPolicy.go new file mode 100644 index 0000000000..4c3ea1ba66 --- /dev/null +++ b/sdk/go/gcp/compute/instanceTemplateIamPolicy.go @@ -0,0 +1,777 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package compute + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: +// +// * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. +// * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. +// * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate +// +// > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. +// +// ## compute.InstanceTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// Condition: { +// Title: "expires_after_2019_12_31", +// Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), +// Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// Condition: &compute.InstanceTemplateIamBindingConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// Condition: &compute.InstanceTemplateIamMemberConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Compute Engine InstanceTemplate +// Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: +// +// * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. +// * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. +// * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate +// +// > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. +// +// > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. +// +// > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. +// +// ## compute.InstanceTemplateIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/compute.instanceAdmin", +// Members: []string{ +// "user:jane@example.com", +// }, +// Condition: { +// Title: "expires_after_2019_12_31", +// Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), +// Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewInstanceTemplateIamPolicy(ctx, "policy", &compute.InstanceTemplateIamPolicyArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamBinding(ctx, "binding", &compute.InstanceTemplateIamBindingArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// Condition: &compute.InstanceTemplateIamBindingConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## compute.InstanceTemplateIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// With IAM Conditions: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewInstanceTemplateIamMember(ctx, "member", &compute.InstanceTemplateIamMemberArgs{ +// Project: pulumi.Any(_default.Project), +// Name: pulumi.Any(_default.Name), +// Role: pulumi.String("roles/compute.instanceAdmin"), +// Member: pulumi.String("user:jane@example.com"), +// Condition: &compute.InstanceTemplateIamMemberConditionArgs{ +// Title: pulumi.String("expires_after_2019_12_31"), +// Description: pulumi.String("Expiring at midnight of 2019-12-31"), +// Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/global/instanceTemplates/{{name}} +// +// * {{project}}/{{name}} +// +// * {{name}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor projects/{{project}}/global/instanceTemplates/{{instance_template}} +// ``` +// +// -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type InstanceTemplateIamPolicy struct { + pulumi.CustomResourceState + + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringOutput `pulumi:"name"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringOutput `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` +} + +// NewInstanceTemplateIamPolicy registers a new resource with the given unique name, arguments, and options. +func NewInstanceTemplateIamPolicy(ctx *pulumi.Context, + name string, args *InstanceTemplateIamPolicyArgs, opts ...pulumi.ResourceOption) (*InstanceTemplateIamPolicy, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.PolicyData == nil { + return nil, errors.New("invalid value for required argument 'PolicyData'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource InstanceTemplateIamPolicy + err := ctx.RegisterResource("gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetInstanceTemplateIamPolicy gets an existing InstanceTemplateIamPolicy resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetInstanceTemplateIamPolicy(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *InstanceTemplateIamPolicyState, opts ...pulumi.ResourceOption) (*InstanceTemplateIamPolicy, error) { + var resource InstanceTemplateIamPolicy + err := ctx.ReadResource("gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering InstanceTemplateIamPolicy resources. +type instanceTemplateIamPolicyState struct { + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // Used to find the parent resource to bind the IAM policy to + Name *string `pulumi:"name"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData *string `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +type InstanceTemplateIamPolicyState struct { + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringPtrInput + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput +} + +func (InstanceTemplateIamPolicyState) ElementType() reflect.Type { + return reflect.TypeOf((*instanceTemplateIamPolicyState)(nil)).Elem() +} + +type instanceTemplateIamPolicyArgs struct { + // Used to find the parent resource to bind the IAM policy to + Name *string `pulumi:"name"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData string `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +// The set of arguments for constructing a InstanceTemplateIamPolicy resource. +type InstanceTemplateIamPolicyArgs struct { + // Used to find the parent resource to bind the IAM policy to + Name pulumi.StringPtrInput + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput +} + +func (InstanceTemplateIamPolicyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*instanceTemplateIamPolicyArgs)(nil)).Elem() +} + +type InstanceTemplateIamPolicyInput interface { + pulumi.Input + + ToInstanceTemplateIamPolicyOutput() InstanceTemplateIamPolicyOutput + ToInstanceTemplateIamPolicyOutputWithContext(ctx context.Context) InstanceTemplateIamPolicyOutput +} + +func (*InstanceTemplateIamPolicy) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamPolicy)(nil)).Elem() +} + +func (i *InstanceTemplateIamPolicy) ToInstanceTemplateIamPolicyOutput() InstanceTemplateIamPolicyOutput { + return i.ToInstanceTemplateIamPolicyOutputWithContext(context.Background()) +} + +func (i *InstanceTemplateIamPolicy) ToInstanceTemplateIamPolicyOutputWithContext(ctx context.Context) InstanceTemplateIamPolicyOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamPolicyOutput) +} + +// InstanceTemplateIamPolicyArrayInput is an input type that accepts InstanceTemplateIamPolicyArray and InstanceTemplateIamPolicyArrayOutput values. +// You can construct a concrete instance of `InstanceTemplateIamPolicyArrayInput` via: +// +// InstanceTemplateIamPolicyArray{ InstanceTemplateIamPolicyArgs{...} } +type InstanceTemplateIamPolicyArrayInput interface { + pulumi.Input + + ToInstanceTemplateIamPolicyArrayOutput() InstanceTemplateIamPolicyArrayOutput + ToInstanceTemplateIamPolicyArrayOutputWithContext(context.Context) InstanceTemplateIamPolicyArrayOutput +} + +type InstanceTemplateIamPolicyArray []InstanceTemplateIamPolicyInput + +func (InstanceTemplateIamPolicyArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*InstanceTemplateIamPolicy)(nil)).Elem() +} + +func (i InstanceTemplateIamPolicyArray) ToInstanceTemplateIamPolicyArrayOutput() InstanceTemplateIamPolicyArrayOutput { + return i.ToInstanceTemplateIamPolicyArrayOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamPolicyArray) ToInstanceTemplateIamPolicyArrayOutputWithContext(ctx context.Context) InstanceTemplateIamPolicyArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamPolicyArrayOutput) +} + +// InstanceTemplateIamPolicyMapInput is an input type that accepts InstanceTemplateIamPolicyMap and InstanceTemplateIamPolicyMapOutput values. +// You can construct a concrete instance of `InstanceTemplateIamPolicyMapInput` via: +// +// InstanceTemplateIamPolicyMap{ "key": InstanceTemplateIamPolicyArgs{...} } +type InstanceTemplateIamPolicyMapInput interface { + pulumi.Input + + ToInstanceTemplateIamPolicyMapOutput() InstanceTemplateIamPolicyMapOutput + ToInstanceTemplateIamPolicyMapOutputWithContext(context.Context) InstanceTemplateIamPolicyMapOutput +} + +type InstanceTemplateIamPolicyMap map[string]InstanceTemplateIamPolicyInput + +func (InstanceTemplateIamPolicyMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*InstanceTemplateIamPolicy)(nil)).Elem() +} + +func (i InstanceTemplateIamPolicyMap) ToInstanceTemplateIamPolicyMapOutput() InstanceTemplateIamPolicyMapOutput { + return i.ToInstanceTemplateIamPolicyMapOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamPolicyMap) ToInstanceTemplateIamPolicyMapOutputWithContext(ctx context.Context) InstanceTemplateIamPolicyMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamPolicyMapOutput) +} + +type InstanceTemplateIamPolicyOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamPolicyOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamPolicy)(nil)).Elem() +} + +func (o InstanceTemplateIamPolicyOutput) ToInstanceTemplateIamPolicyOutput() InstanceTemplateIamPolicyOutput { + return o +} + +func (o InstanceTemplateIamPolicyOutput) ToInstanceTemplateIamPolicyOutputWithContext(ctx context.Context) InstanceTemplateIamPolicyOutput { + return o +} + +// (Computed) The etag of the IAM policy. +func (o InstanceTemplateIamPolicyOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamPolicy) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// Used to find the parent resource to bind the IAM policy to +func (o InstanceTemplateIamPolicyOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamPolicy) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The policy data generated by +// a `organizations.getIAMPolicy` data source. +func (o InstanceTemplateIamPolicyOutput) PolicyData() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamPolicy) pulumi.StringOutput { return v.PolicyData }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o InstanceTemplateIamPolicyOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *InstanceTemplateIamPolicy) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +type InstanceTemplateIamPolicyArrayOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamPolicyArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*InstanceTemplateIamPolicy)(nil)).Elem() +} + +func (o InstanceTemplateIamPolicyArrayOutput) ToInstanceTemplateIamPolicyArrayOutput() InstanceTemplateIamPolicyArrayOutput { + return o +} + +func (o InstanceTemplateIamPolicyArrayOutput) ToInstanceTemplateIamPolicyArrayOutputWithContext(ctx context.Context) InstanceTemplateIamPolicyArrayOutput { + return o +} + +func (o InstanceTemplateIamPolicyArrayOutput) Index(i pulumi.IntInput) InstanceTemplateIamPolicyOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *InstanceTemplateIamPolicy { + return vs[0].([]*InstanceTemplateIamPolicy)[vs[1].(int)] + }).(InstanceTemplateIamPolicyOutput) +} + +type InstanceTemplateIamPolicyMapOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamPolicyMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*InstanceTemplateIamPolicy)(nil)).Elem() +} + +func (o InstanceTemplateIamPolicyMapOutput) ToInstanceTemplateIamPolicyMapOutput() InstanceTemplateIamPolicyMapOutput { + return o +} + +func (o InstanceTemplateIamPolicyMapOutput) ToInstanceTemplateIamPolicyMapOutputWithContext(ctx context.Context) InstanceTemplateIamPolicyMapOutput { + return o +} + +func (o InstanceTemplateIamPolicyMapOutput) MapIndex(k pulumi.StringInput) InstanceTemplateIamPolicyOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *InstanceTemplateIamPolicy { + return vs[0].(map[string]*InstanceTemplateIamPolicy)[vs[1].(string)] + }).(InstanceTemplateIamPolicyOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamPolicyInput)(nil)).Elem(), &InstanceTemplateIamPolicy{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamPolicyArrayInput)(nil)).Elem(), InstanceTemplateIamPolicyArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamPolicyMapInput)(nil)).Elem(), InstanceTemplateIamPolicyMap{}) + pulumi.RegisterOutputType(InstanceTemplateIamPolicyOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamPolicyArrayOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamPolicyMapOutput{}) +} diff --git a/sdk/go/gcp/compute/interconnectAttachment.go b/sdk/go/gcp/compute/interconnectAttachment.go index 0a252a43e2..1e3adc21bf 100644 --- a/sdk/go/gcp/compute/interconnectAttachment.go +++ b/sdk/go/gcp/compute/interconnectAttachment.go @@ -54,6 +54,9 @@ import ( // Type: pulumi.String("PARTNER"), // Router: foobar.ID(), // Mtu: pulumi.String("1500"), +// Labels: pulumi.StringMap{ +// "mykey": pulumi.String("myvalue"), +// }, // }) // if err != nil { // return err @@ -198,6 +201,8 @@ type InterconnectAttachment struct { // pairing key so that the provisioned circuit will lie in the specified // domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. EdgeAvailabilityDomain pulumi.StringOutput `pulumi:"edgeAvailabilityDomain"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"` // Indicates the user-supplied encryption option of this interconnect // attachment. Can only be specified at attachment creation for PARTNER or // DEDICATED attachments. @@ -235,6 +240,18 @@ type InterconnectAttachment struct { // interconnect attachment, the HA VPN gateway's IP address will be // allocated from regional external IP address pool. IpsecInternalAddresses pulumi.StringArrayOutput `pulumi:"ipsecInternalAddresses"` + // A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + // of the labels set used for optimistic locking. The fingerprint is initially generated by + // Compute Engine and changes after every request to modify or update labels. + // You must always provide an up-to-date fingerprint hash in order to update or change labels, + // otherwise the request will fail with error 412 conditionNotMet. + LabelFingerprint pulumi.StringOutput `pulumi:"labelFingerprint"` + // Labels for this resource. These can only be added or modified by the setLabels + // method. Each label key/value pair must comply with RFC1035. Label values may be empty. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapOutput `pulumi:"labels"` // Maximum Transmission Unit (MTU), in bytes, of packets passing through // this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. Mtu pulumi.StringOutput `pulumi:"mtu"` @@ -262,6 +279,9 @@ type InterconnectAttachment struct { // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project pulumi.StringOutput `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"` // Region where the regional interconnect attachment resides. Region pulumi.StringOutput `pulumi:"region"` // URL of the cloud router to be used for dynamic routing. This router must be in @@ -305,6 +325,11 @@ func NewInterconnectAttachment(ctx *pulumi.Context, if args.Router == nil { return nil, errors.New("invalid value for required argument 'Router'") } + secrets := pulumi.AdditionalSecretOutputs([]string{ + "effectiveLabels", + "pulumiLabels", + }) + opts = append(opts, secrets) opts = internal.PkgResourceDefaultOpts(opts) var resource InterconnectAttachment err := ctx.RegisterResource("gcp:compute/interconnectAttachment:InterconnectAttachment", name, args, &resource, opts...) @@ -369,6 +394,8 @@ type interconnectAttachmentState struct { // pairing key so that the provisioned circuit will lie in the specified // domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. EdgeAvailabilityDomain *string `pulumi:"edgeAvailabilityDomain"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels map[string]string `pulumi:"effectiveLabels"` // Indicates the user-supplied encryption option of this interconnect // attachment. Can only be specified at attachment creation for PARTNER or // DEDICATED attachments. @@ -406,6 +433,18 @@ type interconnectAttachmentState struct { // interconnect attachment, the HA VPN gateway's IP address will be // allocated from regional external IP address pool. IpsecInternalAddresses []string `pulumi:"ipsecInternalAddresses"` + // A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + // of the labels set used for optimistic locking. The fingerprint is initially generated by + // Compute Engine and changes after every request to modify or update labels. + // You must always provide an up-to-date fingerprint hash in order to update or change labels, + // otherwise the request will fail with error 412 conditionNotMet. + LabelFingerprint *string `pulumi:"labelFingerprint"` + // Labels for this resource. These can only be added or modified by the setLabels + // method. Each label key/value pair must comply with RFC1035. Label values may be empty. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels map[string]string `pulumi:"labels"` // Maximum Transmission Unit (MTU), in bytes, of packets passing through // this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. Mtu *string `pulumi:"mtu"` @@ -433,6 +472,9 @@ type interconnectAttachmentState struct { // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project *string `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels map[string]string `pulumi:"pulumiLabels"` // Region where the regional interconnect attachment resides. Region *string `pulumi:"region"` // URL of the cloud router to be used for dynamic routing. This router must be in @@ -508,6 +550,8 @@ type InterconnectAttachmentState struct { // pairing key so that the provisioned circuit will lie in the specified // domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. EdgeAvailabilityDomain pulumi.StringPtrInput + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapInput // Indicates the user-supplied encryption option of this interconnect // attachment. Can only be specified at attachment creation for PARTNER or // DEDICATED attachments. @@ -545,6 +589,18 @@ type InterconnectAttachmentState struct { // interconnect attachment, the HA VPN gateway's IP address will be // allocated from regional external IP address pool. IpsecInternalAddresses pulumi.StringArrayInput + // A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + // of the labels set used for optimistic locking. The fingerprint is initially generated by + // Compute Engine and changes after every request to modify or update labels. + // You must always provide an up-to-date fingerprint hash in order to update or change labels, + // otherwise the request will fail with error 412 conditionNotMet. + LabelFingerprint pulumi.StringPtrInput + // Labels for this resource. These can only be added or modified by the setLabels + // method. Each label key/value pair must comply with RFC1035. Label values may be empty. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapInput // Maximum Transmission Unit (MTU), in bytes, of packets passing through // this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. Mtu pulumi.StringPtrInput @@ -572,6 +628,9 @@ type InterconnectAttachmentState struct { // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project pulumi.StringPtrInput + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapInput // Region where the regional interconnect attachment resides. Region pulumi.StringPtrInput // URL of the cloud router to be used for dynamic routing. This router must be in @@ -671,6 +730,12 @@ type interconnectAttachmentArgs struct { // interconnect attachment, the HA VPN gateway's IP address will be // allocated from regional external IP address pool. IpsecInternalAddresses []string `pulumi:"ipsecInternalAddresses"` + // Labels for this resource. These can only be added or modified by the setLabels + // method. Each label key/value pair must comply with RFC1035. Label values may be empty. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels map[string]string `pulumi:"labels"` // Maximum Transmission Unit (MTU), in bytes, of packets passing through // this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. Mtu *string `pulumi:"mtu"` @@ -778,6 +843,12 @@ type InterconnectAttachmentArgs struct { // interconnect attachment, the HA VPN gateway's IP address will be // allocated from regional external IP address pool. IpsecInternalAddresses pulumi.StringArrayInput + // Labels for this resource. These can only be added or modified by the setLabels + // method. Each label key/value pair must comply with RFC1035. Label values may be empty. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapInput // Maximum Transmission Unit (MTU), in bytes, of packets passing through // this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. Mtu pulumi.StringPtrInput @@ -980,6 +1051,11 @@ func (o InterconnectAttachmentOutput) EdgeAvailabilityDomain() pulumi.StringOutp return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringOutput { return v.EdgeAvailabilityDomain }).(pulumi.StringOutput) } +// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. +func (o InterconnectAttachmentOutput) EffectiveLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringMapOutput { return v.EffectiveLabels }).(pulumi.StringMapOutput) +} + // Indicates the user-supplied encryption option of this interconnect // attachment. Can only be specified at attachment creation for PARTNER or // DEDICATED attachments. @@ -1029,6 +1105,24 @@ func (o InterconnectAttachmentOutput) IpsecInternalAddresses() pulumi.StringArra return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringArrayOutput { return v.IpsecInternalAddresses }).(pulumi.StringArrayOutput) } +// A fingerprint for the labels being applied to this Interconnect, which is essentially a hash +// of the labels set used for optimistic locking. The fingerprint is initially generated by +// Compute Engine and changes after every request to modify or update labels. +// You must always provide an up-to-date fingerprint hash in order to update or change labels, +// otherwise the request will fail with error 412 conditionNotMet. +func (o InterconnectAttachmentOutput) LabelFingerprint() pulumi.StringOutput { + return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringOutput { return v.LabelFingerprint }).(pulumi.StringOutput) +} + +// Labels for this resource. These can only be added or modified by the setLabels +// method. Each label key/value pair must comply with RFC1035. Label values may be empty. +// +// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. +// Please refer to the field `effectiveLabels` for all of the labels present on the resource. +func (o InterconnectAttachmentOutput) Labels() pulumi.StringMapOutput { + return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringMapOutput { return v.Labels }).(pulumi.StringMapOutput) +} + // Maximum Transmission Unit (MTU), in bytes, of packets passing through // this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. func (o InterconnectAttachmentOutput) Mtu() pulumi.StringOutput { @@ -1076,6 +1170,12 @@ func (o InterconnectAttachmentOutput) Project() pulumi.StringOutput { return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) } +// The combination of labels configured directly on the resource +// and default labels configured on the provider. +func (o InterconnectAttachmentOutput) PulumiLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringMapOutput { return v.PulumiLabels }).(pulumi.StringMapOutput) +} + // Region where the regional interconnect attachment resides. func (o InterconnectAttachmentOutput) Region() pulumi.StringOutput { return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringOutput { return v.Region }).(pulumi.StringOutput) diff --git a/sdk/go/gcp/compute/networkFirewallPolicyRule.go b/sdk/go/gcp/compute/networkFirewallPolicyRule.go index dac96d3d96..e2eb66e6d9 100644 --- a/sdk/go/gcp/compute/networkFirewallPolicyRule.go +++ b/sdk/go/gcp/compute/networkFirewallPolicyRule.go @@ -39,7 +39,7 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // basicGlobalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, "basic_global_networksecurity_address_group", &networksecurity.AddressGroupArgs{ -// Name: pulumi.String("address"), +// Name: pulumi.String("address-group"), // Parent: pulumi.String("projects/my-project-name"), // Description: pulumi.String("Sample global networksecurity_address_group"), // Location: pulumi.String("global"), @@ -53,7 +53,7 @@ import ( // return err // } // basicNetworkFirewallPolicy, err := compute.NewNetworkFirewallPolicy(ctx, "basic_network_firewall_policy", &compute.NetworkFirewallPolicyArgs{ -// Name: pulumi.String("policy"), +// Name: pulumi.String("fw-policy"), // Description: pulumi.String("Sample global network firewall policy"), // Project: pulumi.String("my-project-name"), // }) @@ -70,7 +70,7 @@ import ( // Description: pulumi.String("For keyname resources."), // Parent: pulumi.String("organizations/123456789"), // Purpose: pulumi.String("GCE_FIREWALL"), -// ShortName: pulumi.String("tagkey"), +// ShortName: pulumi.String("tag-key"), // PurposeData: pulumi.StringMap{ // "network": basicNetwork.Name.ApplyT(func(name string) (string, error) { // return fmt.Sprintf("my-project-name/%v", name), nil @@ -83,7 +83,7 @@ import ( // basicValue, err := tags.NewTagValue(ctx, "basic_value", &tags.TagValueArgs{ // Description: pulumi.String("For valuename resources."), // Parent: basicKey.ID(), -// ShortName: pulumi.String("tagvalue"), +// ShortName: pulumi.String("tag-value"), // }) // if err != nil { // return err @@ -101,6 +101,9 @@ import ( // pulumi.String("my@service-account.com"), // }, // Match: &compute.NetworkFirewallPolicyRuleMatchArgs{ +// SrcAddressGroups: pulumi.StringArray{ +// basicGlobalNetworksecurityAddressGroup.ID(), +// }, // SrcIpRanges: pulumi.StringArray{ // pulumi.String("10.100.0.1/32"), // }, @@ -123,8 +126,116 @@ import ( // IpProtocol: pulumi.String("all"), // }, // }, -// SrcAddressGroups: pulumi.StringArray{ -// basicGlobalNetworksecurityAddressGroup.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Network Firewall Policy Rule Network Scope Egress +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// basicNetworkFirewallPolicy, err := compute.NewNetworkFirewallPolicy(ctx, "basic_network_firewall_policy", &compute.NetworkFirewallPolicyArgs{ +// Name: pulumi.String("fw-policy"), +// Description: pulumi.String("Sample global network firewall policy"), +// Project: pulumi.String("my-project-name"), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewNetworkFirewallPolicyRule(ctx, "primary", &compute.NetworkFirewallPolicyRuleArgs{ +// Action: pulumi.String("allow"), +// Description: pulumi.String("This is a simple rule description"), +// Direction: pulumi.String("EGRESS"), +// Disabled: pulumi.Bool(false), +// EnableLogging: pulumi.Bool(true), +// FirewallPolicy: basicNetworkFirewallPolicy.Name, +// Priority: pulumi.Int(1000), +// RuleName: pulumi.String("test-rule"), +// Match: &compute.NetworkFirewallPolicyRuleMatchArgs{ +// DestIpRanges: pulumi.StringArray{ +// pulumi.String("10.100.0.1/32"), +// }, +// DestNetworkScope: pulumi.String("INTERNET"), +// Layer4Configs: compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArray{ +// &compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("all"), +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Network Firewall Policy Rule Network Scope Ingress +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// basicNetworkFirewallPolicy, err := compute.NewNetworkFirewallPolicy(ctx, "basic_network_firewall_policy", &compute.NetworkFirewallPolicyArgs{ +// Name: pulumi.String("fw-policy"), +// Description: pulumi.String("Sample global network firewall policy"), +// Project: pulumi.String("my-project-name"), +// }) +// if err != nil { +// return err +// } +// network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{ +// Name: pulumi.String("network"), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewNetworkFirewallPolicyRule(ctx, "primary", &compute.NetworkFirewallPolicyRuleArgs{ +// Action: pulumi.String("allow"), +// Description: pulumi.String("This is a simple rule description"), +// Direction: pulumi.String("INGRESS"), +// Disabled: pulumi.Bool(false), +// EnableLogging: pulumi.Bool(true), +// FirewallPolicy: basicNetworkFirewallPolicy.Name, +// Priority: pulumi.Int(1000), +// RuleName: pulumi.String("test-rule"), +// Match: &compute.NetworkFirewallPolicyRuleMatchArgs{ +// SrcIpRanges: pulumi.StringArray{ +// pulumi.String("11.100.0.1/32"), +// }, +// SrcNetworkScope: pulumi.String("VPC_NETWORKS"), +// SrcNetworks: pulumi.StringArray{ +// network.ID(), +// }, +// Layer4Configs: compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArray{ +// &compute.NetworkFirewallPolicyRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("all"), +// }, // }, // }, // }) diff --git a/sdk/go/gcp/compute/networkFirewallPolicyWithRules.go b/sdk/go/gcp/compute/networkFirewallPolicyWithRules.go index 7e9b8fb824..234457bbfc 100644 --- a/sdk/go/gcp/compute/networkFirewallPolicyWithRules.go +++ b/sdk/go/gcp/compute/networkFirewallPolicyWithRules.go @@ -38,7 +38,7 @@ import ( // return err // } // addressGroup1, err := networksecurity.NewAddressGroup(ctx, "address_group_1", &networksecurity.AddressGroupArgs{ -// Name: pulumi.String("tf-address-group"), +// Name: pulumi.String("address-group"), // Parent: pulumi.String(project.Id), // Description: pulumi.String("Global address group"), // Location: pulumi.String("global"), @@ -55,7 +55,7 @@ import ( // Description: pulumi.String("Tag key"), // Parent: pulumi.String(project.Id), // Purpose: pulumi.String("GCE_FIREWALL"), -// ShortName: pulumi.String("tf-tag-key"), +// ShortName: pulumi.String("tag-key"), // PurposeData: pulumi.StringMap{ // "network": pulumi.Sprintf("%v/default", project.Name), // }, @@ -66,13 +66,13 @@ import ( // secureTagValue1, err := tags.NewTagValue(ctx, "secure_tag_value_1", &tags.TagValueArgs{ // Description: pulumi.String("Tag value"), // Parent: secureTagKey1.ID(), -// ShortName: pulumi.String("tf-tag-value"), +// ShortName: pulumi.String("tag-value"), // }) // if err != nil { // return err // } // securityProfile1, err := networksecurity.NewSecurityProfile(ctx, "security_profile_1", &networksecurity.SecurityProfileArgs{ -// Name: pulumi.String("tf-security-profile"), +// Name: pulumi.String("sp"), // Type: pulumi.String("THREAT_PREVENTION"), // Parent: pulumi.String("organizations/123456789"), // Location: pulumi.String("global"), @@ -81,7 +81,7 @@ import ( // return err // } // securityProfileGroup1, err := networksecurity.NewSecurityProfileGroup(ctx, "security_profile_group_1", &networksecurity.SecurityProfileGroupArgs{ -// Name: pulumi.String("tf-security-profile-group"), +// Name: pulumi.String("spg"), // Parent: pulumi.String("organizations/123456789"), // Description: pulumi.String("my description"), // ThreatPreventionProfile: securityProfile1.ID(), @@ -89,8 +89,15 @@ import ( // if err != nil { // return err // } -// _, err = compute.NewNetworkFirewallPolicyWithRules(ctx, "network-firewall-policy-with-rules", &compute.NetworkFirewallPolicyWithRulesArgs{ -// Name: pulumi.String("tf-fw-policy-with-rules"), +// network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{ +// Name: pulumi.String("network"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewNetworkFirewallPolicyWithRules(ctx, "primary", &compute.NetworkFirewallPolicyWithRulesArgs{ +// Name: pulumi.String("fw-policy"), // Description: pulumi.String("Terraform test"), // Rules: compute.NetworkFirewallPolicyWithRulesRuleArray{ // &compute.NetworkFirewallPolicyWithRulesRuleArgs{ @@ -100,15 +107,6 @@ import ( // Action: pulumi.String("allow"), // Direction: pulumi.String("EGRESS"), // Match: &compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{ -// Layer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ -// &compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ -// IpProtocol: pulumi.String("tcp"), -// Ports: pulumi.StringArray{ -// pulumi.String("8080"), -// pulumi.String("7070"), -// }, -// }, -// }, // DestIpRanges: pulumi.StringArray{ // pulumi.String("11.100.0.1/32"), // }, @@ -127,6 +125,15 @@ import ( // DestAddressGroups: pulumi.StringArray{ // addressGroup1.ID(), // }, +// Layer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// pulumi.String("7070"), +// }, +// }, +// }, // }, // TargetSecureTags: compute.NetworkFirewallPolicyWithRulesRuleTargetSecureTagArray{ // &compute.NetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs{ @@ -140,12 +147,8 @@ import ( // EnableLogging: pulumi.Bool(false), // Action: pulumi.String("deny"), // Direction: pulumi.String("INGRESS"), +// Disabled: pulumi.Bool(true), // Match: &compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{ -// Layer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ -// &compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ -// IpProtocol: pulumi.String("udp"), -// }, -// }, // SrcIpRanges: pulumi.StringArray{ // pulumi.String("0.0.0.0/0"), // }, @@ -169,8 +172,12 @@ import ( // Name: secureTagValue1.ID(), // }, // }, +// Layer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("udp"), +// }, +// }, // }, -// Disabled: pulumi.Bool(true), // }, // &compute.NetworkFirewallPolicyWithRulesRuleArgs{ // Description: pulumi.String("security profile group rule"), @@ -179,23 +186,70 @@ import ( // EnableLogging: pulumi.Bool(false), // Action: pulumi.String("apply_security_profile_group"), // Direction: pulumi.String("INGRESS"), +// TargetServiceAccounts: pulumi.StringArray{ +// pulumi.String("test@google.com"), +// }, +// SecurityProfileGroup: securityProfileGroup1.ID().ApplyT(func(id string) (string, error) { +// return fmt.Sprintf("//networksecurity.googleapis.com/%v", id), nil +// }).(pulumi.StringOutput), +// TlsInspect: pulumi.Bool(true), // Match: &compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{ +// SrcIpRanges: pulumi.StringArray{ +// pulumi.String("0.0.0.0/0"), +// }, // Layer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ // &compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ // IpProtocol: pulumi.String("tcp"), // }, // }, +// }, +// }, +// &compute.NetworkFirewallPolicyWithRulesRuleArgs{ +// Description: pulumi.String("network scope rule 1"), +// RuleName: pulumi.String("network scope 1"), +// Priority: pulumi.Int(4000), +// EnableLogging: pulumi.Bool(false), +// Action: pulumi.String("allow"), +// Direction: pulumi.String("INGRESS"), +// Match: &compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{ // SrcIpRanges: pulumi.StringArray{ -// pulumi.String("0.0.0.0/0"), +// pulumi.String("11.100.0.1/32"), +// }, +// SrcNetworkScope: pulumi.String("VPC_NETWORKS"), +// SrcNetworks: pulumi.StringArray{ +// network.ID(), +// }, +// Layer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// }, +// }, // }, // }, -// TargetServiceAccounts: pulumi.StringArray{ -// pulumi.String("test@google.com"), +// }, +// &compute.NetworkFirewallPolicyWithRulesRuleArgs{ +// Description: pulumi.String("network scope rule 2"), +// RuleName: pulumi.String("network scope 2"), +// Priority: pulumi.Int(5000), +// EnableLogging: pulumi.Bool(false), +// Action: pulumi.String("allow"), +// Direction: pulumi.String("EGRESS"), +// Match: &compute.NetworkFirewallPolicyWithRulesRuleMatchArgs{ +// DestIpRanges: pulumi.StringArray{ +// pulumi.String("0.0.0.0/0"), +// }, +// DestNetworkScope: pulumi.String("INTERNET"), +// Layer4Configs: compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// }, +// }, +// }, // }, -// SecurityProfileGroup: securityProfileGroup1.ID().ApplyT(func(id string) (string, error) { -// return fmt.Sprintf("//networksecurity.googleapis.com/%v", id), nil -// }).(pulumi.StringOutput), -// TlsInspect: pulumi.Bool(true), // }, // }, // }) diff --git a/sdk/go/gcp/compute/projectMetadataItem.go b/sdk/go/gcp/compute/projectMetadataItem.go index b6625b7c1d..19cb9af120 100644 --- a/sdk/go/gcp/compute/projectMetadataItem.go +++ b/sdk/go/gcp/compute/projectMetadataItem.go @@ -50,11 +50,17 @@ import ( // // * `{{key}}` // +// * `projects/{{project}}/meta-data/{{key}}` +// // When using the `pulumi import` command, project metadata items can be imported using one of the formats above. For example: // // ```sh // $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default {{key}} // ``` +// +// ```sh +// $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default projects/{{project}}/meta-data/{{key}} +// ``` type ProjectMetadataItem struct { pulumi.CustomResourceState diff --git a/sdk/go/gcp/compute/publicAdvertisedPrefix.go b/sdk/go/gcp/compute/publicAdvertisedPrefix.go index 635dcc08e8..74ab94726b 100644 --- a/sdk/go/gcp/compute/publicAdvertisedPrefix.go +++ b/sdk/go/gcp/compute/publicAdvertisedPrefix.go @@ -50,6 +50,35 @@ import ( // } // // ``` +// ### Public Advertised Prefixes Pdp Scope +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewPublicAdvertisedPrefix(ctx, "prefixes", &compute.PublicAdvertisedPrefixArgs{ +// Name: pulumi.String("my-pap"), +// Description: pulumi.String("description"), +// DnsVerificationIp: pulumi.String("127.127.0.0"), +// IpCidrRange: pulumi.String("127.127.0.0/16"), +// PdpScope: pulumi.String("REGIONAL"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` // // ## Import // @@ -92,6 +121,10 @@ type PublicAdvertisedPrefix struct { // following characters must be a dash, lowercase letter, or digit, // except the last character, which cannot be a dash. Name pulumi.StringOutput `pulumi:"name"` + // Specifies how child public delegated prefix will be scoped. pdpScope + // must be one of: GLOBAL, REGIONAL + // Possible values are: `GLOBAL`, `REGIONAL`. + PdpScope pulumi.StringPtrOutput `pulumi:"pdpScope"` // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project pulumi.StringOutput `pulumi:"project"` @@ -152,6 +185,10 @@ type publicAdvertisedPrefixState struct { // following characters must be a dash, lowercase letter, or digit, // except the last character, which cannot be a dash. Name *string `pulumi:"name"` + // Specifies how child public delegated prefix will be scoped. pdpScope + // must be one of: GLOBAL, REGIONAL + // Possible values are: `GLOBAL`, `REGIONAL`. + PdpScope *string `pulumi:"pdpScope"` // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project *string `pulumi:"project"` @@ -177,6 +214,10 @@ type PublicAdvertisedPrefixState struct { // following characters must be a dash, lowercase letter, or digit, // except the last character, which cannot be a dash. Name pulumi.StringPtrInput + // Specifies how child public delegated prefix will be scoped. pdpScope + // must be one of: GLOBAL, REGIONAL + // Possible values are: `GLOBAL`, `REGIONAL`. + PdpScope pulumi.StringPtrInput // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project pulumi.StringPtrInput @@ -206,6 +247,10 @@ type publicAdvertisedPrefixArgs struct { // following characters must be a dash, lowercase letter, or digit, // except the last character, which cannot be a dash. Name *string `pulumi:"name"` + // Specifies how child public delegated prefix will be scoped. pdpScope + // must be one of: GLOBAL, REGIONAL + // Possible values are: `GLOBAL`, `REGIONAL`. + PdpScope *string `pulumi:"pdpScope"` // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project *string `pulumi:"project"` @@ -228,6 +273,10 @@ type PublicAdvertisedPrefixArgs struct { // following characters must be a dash, lowercase letter, or digit, // except the last character, which cannot be a dash. Name pulumi.StringPtrInput + // Specifies how child public delegated prefix will be scoped. pdpScope + // must be one of: GLOBAL, REGIONAL + // Possible values are: `GLOBAL`, `REGIONAL`. + PdpScope pulumi.StringPtrInput // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project pulumi.StringPtrInput @@ -347,6 +396,13 @@ func (o PublicAdvertisedPrefixOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *PublicAdvertisedPrefix) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } +// Specifies how child public delegated prefix will be scoped. pdpScope +// must be one of: GLOBAL, REGIONAL +// Possible values are: `GLOBAL`, `REGIONAL`. +func (o PublicAdvertisedPrefixOutput) PdpScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v *PublicAdvertisedPrefix) pulumi.StringPtrOutput { return v.PdpScope }).(pulumi.StringPtrOutput) +} + // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. func (o PublicAdvertisedPrefixOutput) Project() pulumi.StringOutput { diff --git a/sdk/go/gcp/compute/pulumiTypes.go b/sdk/go/gcp/compute/pulumiTypes.go index 6d1584b850..c9315c57d3 100644 --- a/sdk/go/gcp/compute/pulumiTypes.go +++ b/sdk/go/gcp/compute/pulumiTypes.go @@ -9993,6 +9993,9 @@ type FirewallPolicyRuleMatch struct { DestFqdns []string `pulumi:"destFqdns"` // CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. DestIpRanges []string `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope *string `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. DestRegionCodes []string `pulumi:"destRegionCodes"` // Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. @@ -10006,6 +10009,11 @@ type FirewallPolicyRuleMatch struct { SrcFqdns []string `pulumi:"srcFqdns"` // CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. SrcIpRanges []string `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope *string `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks []string `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. SrcRegionCodes []string `pulumi:"srcRegionCodes"` // Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source. @@ -10032,6 +10040,9 @@ type FirewallPolicyRuleMatchArgs struct { DestFqdns pulumi.StringArrayInput `pulumi:"destFqdns"` // CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. DestIpRanges pulumi.StringArrayInput `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope pulumi.StringPtrInput `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. DestRegionCodes pulumi.StringArrayInput `pulumi:"destRegionCodes"` // Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. @@ -10045,6 +10056,11 @@ type FirewallPolicyRuleMatchArgs struct { SrcFqdns pulumi.StringArrayInput `pulumi:"srcFqdns"` // CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. SrcIpRanges pulumi.StringArrayInput `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope pulumi.StringPtrInput `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks pulumi.StringArrayInput `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. SrcRegionCodes pulumi.StringArrayInput `pulumi:"srcRegionCodes"` // Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source. @@ -10145,6 +10161,12 @@ func (o FirewallPolicyRuleMatchOutput) DestIpRanges() pulumi.StringArrayOutput { return o.ApplyT(func(v FirewallPolicyRuleMatch) []string { return v.DestIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o FirewallPolicyRuleMatchOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v FirewallPolicyRuleMatch) *string { return v.DestNetworkScope }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. func (o FirewallPolicyRuleMatchOutput) DestRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v FirewallPolicyRuleMatch) []string { return v.DestRegionCodes }).(pulumi.StringArrayOutput) @@ -10176,6 +10198,17 @@ func (o FirewallPolicyRuleMatchOutput) SrcIpRanges() pulumi.StringArrayOutput { return o.ApplyT(func(v FirewallPolicyRuleMatch) []string { return v.SrcIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o FirewallPolicyRuleMatchOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v FirewallPolicyRuleMatch) *string { return v.SrcNetworkScope }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o FirewallPolicyRuleMatchOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v FirewallPolicyRuleMatch) []string { return v.SrcNetworks }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. func (o FirewallPolicyRuleMatchOutput) SrcRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v FirewallPolicyRuleMatch) []string { return v.SrcRegionCodes }).(pulumi.StringArrayOutput) @@ -10242,6 +10275,17 @@ func (o FirewallPolicyRuleMatchPtrOutput) DestIpRanges() pulumi.StringArrayOutpu }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o FirewallPolicyRuleMatchPtrOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v *FirewallPolicyRuleMatch) *string { + if v == nil { + return nil + } + return v.DestNetworkScope + }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. func (o FirewallPolicyRuleMatchPtrOutput) DestRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v *FirewallPolicyRuleMatch) []string { @@ -10303,6 +10347,27 @@ func (o FirewallPolicyRuleMatchPtrOutput) SrcIpRanges() pulumi.StringArrayOutput }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o FirewallPolicyRuleMatchPtrOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v *FirewallPolicyRuleMatch) *string { + if v == nil { + return nil + } + return v.SrcNetworkScope + }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o FirewallPolicyRuleMatchPtrOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v *FirewallPolicyRuleMatch) []string { + if v == nil { + return nil + } + return v.SrcNetworks + }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. func (o FirewallPolicyRuleMatchPtrOutput) SrcRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v *FirewallPolicyRuleMatch) []string { @@ -11367,6 +11432,9 @@ type FirewallPolicyWithRulesRuleMatch struct { // Destination IP address range in CIDR format. Required for // EGRESS rules. DestIpRanges []string `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope *string `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -11389,6 +11457,11 @@ type FirewallPolicyWithRulesRuleMatch struct { // Source IP address range in CIDR format. Required for // INGRESS rules. SrcIpRanges []string `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope *string `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks []string `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -11420,6 +11493,9 @@ type FirewallPolicyWithRulesRuleMatchArgs struct { // Destination IP address range in CIDR format. Required for // EGRESS rules. DestIpRanges pulumi.StringArrayInput `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope pulumi.StringPtrInput `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -11442,6 +11518,11 @@ type FirewallPolicyWithRulesRuleMatchArgs struct { // Source IP address range in CIDR format. Required for // INGRESS rules. SrcIpRanges pulumi.StringArrayInput `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope pulumi.StringPtrInput `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks pulumi.StringArrayInput `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -11496,6 +11577,12 @@ func (o FirewallPolicyWithRulesRuleMatchOutput) DestIpRanges() pulumi.StringArra return o.ApplyT(func(v FirewallPolicyWithRulesRuleMatch) []string { return v.DestIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o FirewallPolicyWithRulesRuleMatchOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v FirewallPolicyWithRulesRuleMatch) *string { return v.DestNetworkScope }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -11538,6 +11625,17 @@ func (o FirewallPolicyWithRulesRuleMatchOutput) SrcIpRanges() pulumi.StringArray return o.ApplyT(func(v FirewallPolicyWithRulesRuleMatch) []string { return v.SrcIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o FirewallPolicyWithRulesRuleMatchOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v FirewallPolicyWithRulesRuleMatch) *string { return v.SrcNetworkScope }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o FirewallPolicyWithRulesRuleMatchOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v FirewallPolicyWithRulesRuleMatch) []string { return v.SrcNetworks }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -31453,6 +31551,348 @@ func (o InstanceTemplateGuestAcceleratorArrayOutput) Index(i pulumi.IntInput) In }).(InstanceTemplateGuestAcceleratorOutput) } +type InstanceTemplateIamBindingCondition struct { + Description *string `pulumi:"description"` + // Textual representation of an expression in Common Expression Language syntax. + Expression string `pulumi:"expression"` + // A title for the expression, i.e. a short string describing its purpose. + Title string `pulumi:"title"` +} + +// InstanceTemplateIamBindingConditionInput is an input type that accepts InstanceTemplateIamBindingConditionArgs and InstanceTemplateIamBindingConditionOutput values. +// You can construct a concrete instance of `InstanceTemplateIamBindingConditionInput` via: +// +// InstanceTemplateIamBindingConditionArgs{...} +type InstanceTemplateIamBindingConditionInput interface { + pulumi.Input + + ToInstanceTemplateIamBindingConditionOutput() InstanceTemplateIamBindingConditionOutput + ToInstanceTemplateIamBindingConditionOutputWithContext(context.Context) InstanceTemplateIamBindingConditionOutput +} + +type InstanceTemplateIamBindingConditionArgs struct { + Description pulumi.StringPtrInput `pulumi:"description"` + // Textual representation of an expression in Common Expression Language syntax. + Expression pulumi.StringInput `pulumi:"expression"` + // A title for the expression, i.e. a short string describing its purpose. + Title pulumi.StringInput `pulumi:"title"` +} + +func (InstanceTemplateIamBindingConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceTemplateIamBindingCondition)(nil)).Elem() +} + +func (i InstanceTemplateIamBindingConditionArgs) ToInstanceTemplateIamBindingConditionOutput() InstanceTemplateIamBindingConditionOutput { + return i.ToInstanceTemplateIamBindingConditionOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamBindingConditionArgs) ToInstanceTemplateIamBindingConditionOutputWithContext(ctx context.Context) InstanceTemplateIamBindingConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamBindingConditionOutput) +} + +func (i InstanceTemplateIamBindingConditionArgs) ToInstanceTemplateIamBindingConditionPtrOutput() InstanceTemplateIamBindingConditionPtrOutput { + return i.ToInstanceTemplateIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamBindingConditionArgs) ToInstanceTemplateIamBindingConditionPtrOutputWithContext(ctx context.Context) InstanceTemplateIamBindingConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamBindingConditionOutput).ToInstanceTemplateIamBindingConditionPtrOutputWithContext(ctx) +} + +// InstanceTemplateIamBindingConditionPtrInput is an input type that accepts InstanceTemplateIamBindingConditionArgs, InstanceTemplateIamBindingConditionPtr and InstanceTemplateIamBindingConditionPtrOutput values. +// You can construct a concrete instance of `InstanceTemplateIamBindingConditionPtrInput` via: +// +// InstanceTemplateIamBindingConditionArgs{...} +// +// or: +// +// nil +type InstanceTemplateIamBindingConditionPtrInput interface { + pulumi.Input + + ToInstanceTemplateIamBindingConditionPtrOutput() InstanceTemplateIamBindingConditionPtrOutput + ToInstanceTemplateIamBindingConditionPtrOutputWithContext(context.Context) InstanceTemplateIamBindingConditionPtrOutput +} + +type instanceTemplateIamBindingConditionPtrType InstanceTemplateIamBindingConditionArgs + +func InstanceTemplateIamBindingConditionPtr(v *InstanceTemplateIamBindingConditionArgs) InstanceTemplateIamBindingConditionPtrInput { + return (*instanceTemplateIamBindingConditionPtrType)(v) +} + +func (*instanceTemplateIamBindingConditionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamBindingCondition)(nil)).Elem() +} + +func (i *instanceTemplateIamBindingConditionPtrType) ToInstanceTemplateIamBindingConditionPtrOutput() InstanceTemplateIamBindingConditionPtrOutput { + return i.ToInstanceTemplateIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (i *instanceTemplateIamBindingConditionPtrType) ToInstanceTemplateIamBindingConditionPtrOutputWithContext(ctx context.Context) InstanceTemplateIamBindingConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamBindingConditionPtrOutput) +} + +type InstanceTemplateIamBindingConditionOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamBindingConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceTemplateIamBindingCondition)(nil)).Elem() +} + +func (o InstanceTemplateIamBindingConditionOutput) ToInstanceTemplateIamBindingConditionOutput() InstanceTemplateIamBindingConditionOutput { + return o +} + +func (o InstanceTemplateIamBindingConditionOutput) ToInstanceTemplateIamBindingConditionOutputWithContext(ctx context.Context) InstanceTemplateIamBindingConditionOutput { + return o +} + +func (o InstanceTemplateIamBindingConditionOutput) ToInstanceTemplateIamBindingConditionPtrOutput() InstanceTemplateIamBindingConditionPtrOutput { + return o.ToInstanceTemplateIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (o InstanceTemplateIamBindingConditionOutput) ToInstanceTemplateIamBindingConditionPtrOutputWithContext(ctx context.Context) InstanceTemplateIamBindingConditionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v InstanceTemplateIamBindingCondition) *InstanceTemplateIamBindingCondition { + return &v + }).(InstanceTemplateIamBindingConditionPtrOutput) +} + +func (o InstanceTemplateIamBindingConditionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v InstanceTemplateIamBindingCondition) *string { return v.Description }).(pulumi.StringPtrOutput) +} + +// Textual representation of an expression in Common Expression Language syntax. +func (o InstanceTemplateIamBindingConditionOutput) Expression() pulumi.StringOutput { + return o.ApplyT(func(v InstanceTemplateIamBindingCondition) string { return v.Expression }).(pulumi.StringOutput) +} + +// A title for the expression, i.e. a short string describing its purpose. +func (o InstanceTemplateIamBindingConditionOutput) Title() pulumi.StringOutput { + return o.ApplyT(func(v InstanceTemplateIamBindingCondition) string { return v.Title }).(pulumi.StringOutput) +} + +type InstanceTemplateIamBindingConditionPtrOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamBindingConditionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamBindingCondition)(nil)).Elem() +} + +func (o InstanceTemplateIamBindingConditionPtrOutput) ToInstanceTemplateIamBindingConditionPtrOutput() InstanceTemplateIamBindingConditionPtrOutput { + return o +} + +func (o InstanceTemplateIamBindingConditionPtrOutput) ToInstanceTemplateIamBindingConditionPtrOutputWithContext(ctx context.Context) InstanceTemplateIamBindingConditionPtrOutput { + return o +} + +func (o InstanceTemplateIamBindingConditionPtrOutput) Elem() InstanceTemplateIamBindingConditionOutput { + return o.ApplyT(func(v *InstanceTemplateIamBindingCondition) InstanceTemplateIamBindingCondition { + if v != nil { + return *v + } + var ret InstanceTemplateIamBindingCondition + return ret + }).(InstanceTemplateIamBindingConditionOutput) +} + +func (o InstanceTemplateIamBindingConditionPtrOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *InstanceTemplateIamBindingCondition) *string { + if v == nil { + return nil + } + return v.Description + }).(pulumi.StringPtrOutput) +} + +// Textual representation of an expression in Common Expression Language syntax. +func (o InstanceTemplateIamBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput { + return o.ApplyT(func(v *InstanceTemplateIamBindingCondition) *string { + if v == nil { + return nil + } + return &v.Expression + }).(pulumi.StringPtrOutput) +} + +// A title for the expression, i.e. a short string describing its purpose. +func (o InstanceTemplateIamBindingConditionPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *InstanceTemplateIamBindingCondition) *string { + if v == nil { + return nil + } + return &v.Title + }).(pulumi.StringPtrOutput) +} + +type InstanceTemplateIamMemberCondition struct { + Description *string `pulumi:"description"` + // Textual representation of an expression in Common Expression Language syntax. + Expression string `pulumi:"expression"` + // A title for the expression, i.e. a short string describing its purpose. + Title string `pulumi:"title"` +} + +// InstanceTemplateIamMemberConditionInput is an input type that accepts InstanceTemplateIamMemberConditionArgs and InstanceTemplateIamMemberConditionOutput values. +// You can construct a concrete instance of `InstanceTemplateIamMemberConditionInput` via: +// +// InstanceTemplateIamMemberConditionArgs{...} +type InstanceTemplateIamMemberConditionInput interface { + pulumi.Input + + ToInstanceTemplateIamMemberConditionOutput() InstanceTemplateIamMemberConditionOutput + ToInstanceTemplateIamMemberConditionOutputWithContext(context.Context) InstanceTemplateIamMemberConditionOutput +} + +type InstanceTemplateIamMemberConditionArgs struct { + Description pulumi.StringPtrInput `pulumi:"description"` + // Textual representation of an expression in Common Expression Language syntax. + Expression pulumi.StringInput `pulumi:"expression"` + // A title for the expression, i.e. a short string describing its purpose. + Title pulumi.StringInput `pulumi:"title"` +} + +func (InstanceTemplateIamMemberConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceTemplateIamMemberCondition)(nil)).Elem() +} + +func (i InstanceTemplateIamMemberConditionArgs) ToInstanceTemplateIamMemberConditionOutput() InstanceTemplateIamMemberConditionOutput { + return i.ToInstanceTemplateIamMemberConditionOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamMemberConditionArgs) ToInstanceTemplateIamMemberConditionOutputWithContext(ctx context.Context) InstanceTemplateIamMemberConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamMemberConditionOutput) +} + +func (i InstanceTemplateIamMemberConditionArgs) ToInstanceTemplateIamMemberConditionPtrOutput() InstanceTemplateIamMemberConditionPtrOutput { + return i.ToInstanceTemplateIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (i InstanceTemplateIamMemberConditionArgs) ToInstanceTemplateIamMemberConditionPtrOutputWithContext(ctx context.Context) InstanceTemplateIamMemberConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamMemberConditionOutput).ToInstanceTemplateIamMemberConditionPtrOutputWithContext(ctx) +} + +// InstanceTemplateIamMemberConditionPtrInput is an input type that accepts InstanceTemplateIamMemberConditionArgs, InstanceTemplateIamMemberConditionPtr and InstanceTemplateIamMemberConditionPtrOutput values. +// You can construct a concrete instance of `InstanceTemplateIamMemberConditionPtrInput` via: +// +// InstanceTemplateIamMemberConditionArgs{...} +// +// or: +// +// nil +type InstanceTemplateIamMemberConditionPtrInput interface { + pulumi.Input + + ToInstanceTemplateIamMemberConditionPtrOutput() InstanceTemplateIamMemberConditionPtrOutput + ToInstanceTemplateIamMemberConditionPtrOutputWithContext(context.Context) InstanceTemplateIamMemberConditionPtrOutput +} + +type instanceTemplateIamMemberConditionPtrType InstanceTemplateIamMemberConditionArgs + +func InstanceTemplateIamMemberConditionPtr(v *InstanceTemplateIamMemberConditionArgs) InstanceTemplateIamMemberConditionPtrInput { + return (*instanceTemplateIamMemberConditionPtrType)(v) +} + +func (*instanceTemplateIamMemberConditionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamMemberCondition)(nil)).Elem() +} + +func (i *instanceTemplateIamMemberConditionPtrType) ToInstanceTemplateIamMemberConditionPtrOutput() InstanceTemplateIamMemberConditionPtrOutput { + return i.ToInstanceTemplateIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (i *instanceTemplateIamMemberConditionPtrType) ToInstanceTemplateIamMemberConditionPtrOutputWithContext(ctx context.Context) InstanceTemplateIamMemberConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateIamMemberConditionPtrOutput) +} + +type InstanceTemplateIamMemberConditionOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamMemberConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceTemplateIamMemberCondition)(nil)).Elem() +} + +func (o InstanceTemplateIamMemberConditionOutput) ToInstanceTemplateIamMemberConditionOutput() InstanceTemplateIamMemberConditionOutput { + return o +} + +func (o InstanceTemplateIamMemberConditionOutput) ToInstanceTemplateIamMemberConditionOutputWithContext(ctx context.Context) InstanceTemplateIamMemberConditionOutput { + return o +} + +func (o InstanceTemplateIamMemberConditionOutput) ToInstanceTemplateIamMemberConditionPtrOutput() InstanceTemplateIamMemberConditionPtrOutput { + return o.ToInstanceTemplateIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (o InstanceTemplateIamMemberConditionOutput) ToInstanceTemplateIamMemberConditionPtrOutputWithContext(ctx context.Context) InstanceTemplateIamMemberConditionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v InstanceTemplateIamMemberCondition) *InstanceTemplateIamMemberCondition { + return &v + }).(InstanceTemplateIamMemberConditionPtrOutput) +} + +func (o InstanceTemplateIamMemberConditionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v InstanceTemplateIamMemberCondition) *string { return v.Description }).(pulumi.StringPtrOutput) +} + +// Textual representation of an expression in Common Expression Language syntax. +func (o InstanceTemplateIamMemberConditionOutput) Expression() pulumi.StringOutput { + return o.ApplyT(func(v InstanceTemplateIamMemberCondition) string { return v.Expression }).(pulumi.StringOutput) +} + +// A title for the expression, i.e. a short string describing its purpose. +func (o InstanceTemplateIamMemberConditionOutput) Title() pulumi.StringOutput { + return o.ApplyT(func(v InstanceTemplateIamMemberCondition) string { return v.Title }).(pulumi.StringOutput) +} + +type InstanceTemplateIamMemberConditionPtrOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateIamMemberConditionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateIamMemberCondition)(nil)).Elem() +} + +func (o InstanceTemplateIamMemberConditionPtrOutput) ToInstanceTemplateIamMemberConditionPtrOutput() InstanceTemplateIamMemberConditionPtrOutput { + return o +} + +func (o InstanceTemplateIamMemberConditionPtrOutput) ToInstanceTemplateIamMemberConditionPtrOutputWithContext(ctx context.Context) InstanceTemplateIamMemberConditionPtrOutput { + return o +} + +func (o InstanceTemplateIamMemberConditionPtrOutput) Elem() InstanceTemplateIamMemberConditionOutput { + return o.ApplyT(func(v *InstanceTemplateIamMemberCondition) InstanceTemplateIamMemberCondition { + if v != nil { + return *v + } + var ret InstanceTemplateIamMemberCondition + return ret + }).(InstanceTemplateIamMemberConditionOutput) +} + +func (o InstanceTemplateIamMemberConditionPtrOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *InstanceTemplateIamMemberCondition) *string { + if v == nil { + return nil + } + return v.Description + }).(pulumi.StringPtrOutput) +} + +// Textual representation of an expression in Common Expression Language syntax. +func (o InstanceTemplateIamMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput { + return o.ApplyT(func(v *InstanceTemplateIamMemberCondition) *string { + if v == nil { + return nil + } + return &v.Expression + }).(pulumi.StringPtrOutput) +} + +// A title for the expression, i.e. a short string describing its purpose. +func (o InstanceTemplateIamMemberConditionPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *InstanceTemplateIamMemberCondition) *string { + if v == nil { + return nil + } + return &v.Title + }).(pulumi.StringPtrOutput) +} + type InstanceTemplateNetworkInterface struct { // Access configurations, i.e. IPs via which this // instance can be accessed via the Internet. Omit to ensure that the instance @@ -35866,6 +36306,9 @@ type NetworkFirewallPolicyRuleMatch struct { DestFqdns []string `pulumi:"destFqdns"` // CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. DestIpRanges []string `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope *string `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. DestRegionCodes []string `pulumi:"destRegionCodes"` // Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. @@ -35879,6 +36322,11 @@ type NetworkFirewallPolicyRuleMatch struct { SrcFqdns []string `pulumi:"srcFqdns"` // CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. SrcIpRanges []string `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope *string `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks []string `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. SrcRegionCodes []string `pulumi:"srcRegionCodes"` // List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. @@ -35908,6 +36356,9 @@ type NetworkFirewallPolicyRuleMatchArgs struct { DestFqdns pulumi.StringArrayInput `pulumi:"destFqdns"` // CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. DestIpRanges pulumi.StringArrayInput `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope pulumi.StringPtrInput `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. DestRegionCodes pulumi.StringArrayInput `pulumi:"destRegionCodes"` // Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. @@ -35921,6 +36372,11 @@ type NetworkFirewallPolicyRuleMatchArgs struct { SrcFqdns pulumi.StringArrayInput `pulumi:"srcFqdns"` // CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. SrcIpRanges pulumi.StringArrayInput `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope pulumi.StringPtrInput `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks pulumi.StringArrayInput `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. SrcRegionCodes pulumi.StringArrayInput `pulumi:"srcRegionCodes"` // List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. @@ -36024,6 +36480,12 @@ func (o NetworkFirewallPolicyRuleMatchOutput) DestIpRanges() pulumi.StringArrayO return o.ApplyT(func(v NetworkFirewallPolicyRuleMatch) []string { return v.DestIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o NetworkFirewallPolicyRuleMatchOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v NetworkFirewallPolicyRuleMatch) *string { return v.DestNetworkScope }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. func (o NetworkFirewallPolicyRuleMatchOutput) DestRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v NetworkFirewallPolicyRuleMatch) []string { return v.DestRegionCodes }).(pulumi.StringArrayOutput) @@ -36057,6 +36519,17 @@ func (o NetworkFirewallPolicyRuleMatchOutput) SrcIpRanges() pulumi.StringArrayOu return o.ApplyT(func(v NetworkFirewallPolicyRuleMatch) []string { return v.SrcIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o NetworkFirewallPolicyRuleMatchOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v NetworkFirewallPolicyRuleMatch) *string { return v.SrcNetworkScope }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o NetworkFirewallPolicyRuleMatchOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v NetworkFirewallPolicyRuleMatch) []string { return v.SrcNetworks }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. func (o NetworkFirewallPolicyRuleMatchOutput) SrcRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v NetworkFirewallPolicyRuleMatch) []string { return v.SrcRegionCodes }).(pulumi.StringArrayOutput) @@ -36131,6 +36604,17 @@ func (o NetworkFirewallPolicyRuleMatchPtrOutput) DestIpRanges() pulumi.StringArr }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o NetworkFirewallPolicyRuleMatchPtrOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v *NetworkFirewallPolicyRuleMatch) *string { + if v == nil { + return nil + } + return v.DestNetworkScope + }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. func (o NetworkFirewallPolicyRuleMatchPtrOutput) DestRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v *NetworkFirewallPolicyRuleMatch) []string { @@ -36192,6 +36676,27 @@ func (o NetworkFirewallPolicyRuleMatchPtrOutput) SrcIpRanges() pulumi.StringArra }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o NetworkFirewallPolicyRuleMatchPtrOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v *NetworkFirewallPolicyRuleMatch) *string { + if v == nil { + return nil + } + return v.SrcNetworkScope + }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o NetworkFirewallPolicyRuleMatchPtrOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v *NetworkFirewallPolicyRuleMatch) []string { + if v == nil { + return nil + } + return v.SrcNetworks + }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. func (o NetworkFirewallPolicyRuleMatchPtrOutput) SrcRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v *NetworkFirewallPolicyRuleMatch) []string { @@ -37811,6 +38316,9 @@ type NetworkFirewallPolicyWithRulesRuleMatch struct { // Destination IP address range in CIDR format. Required for // EGRESS rules. DestIpRanges []string `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope *string `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -37831,6 +38339,11 @@ type NetworkFirewallPolicyWithRulesRuleMatch struct { // Source IP address range in CIDR format. Required for // INGRESS rules. SrcIpRanges []string `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope *string `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks []string `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -37871,6 +38384,9 @@ type NetworkFirewallPolicyWithRulesRuleMatchArgs struct { // Destination IP address range in CIDR format. Required for // EGRESS rules. DestIpRanges pulumi.StringArrayInput `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope pulumi.StringPtrInput `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -37891,6 +38407,11 @@ type NetworkFirewallPolicyWithRulesRuleMatchArgs struct { // Source IP address range in CIDR format. Required for // INGRESS rules. SrcIpRanges pulumi.StringArrayInput `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope pulumi.StringPtrInput `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks pulumi.StringArrayInput `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -37954,6 +38475,12 @@ func (o NetworkFirewallPolicyWithRulesRuleMatchOutput) DestIpRanges() pulumi.Str return o.ApplyT(func(v NetworkFirewallPolicyWithRulesRuleMatch) []string { return v.DestIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o NetworkFirewallPolicyWithRulesRuleMatchOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v NetworkFirewallPolicyWithRulesRuleMatch) *string { return v.DestNetworkScope }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -37994,6 +38521,17 @@ func (o NetworkFirewallPolicyWithRulesRuleMatchOutput) SrcIpRanges() pulumi.Stri return o.ApplyT(func(v NetworkFirewallPolicyWithRulesRuleMatch) []string { return v.SrcIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o NetworkFirewallPolicyWithRulesRuleMatchOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v NetworkFirewallPolicyWithRulesRuleMatch) *string { return v.SrcNetworkScope }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o NetworkFirewallPolicyWithRulesRuleMatchOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v NetworkFirewallPolicyWithRulesRuleMatch) []string { return v.SrcNetworks }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -59058,6 +59596,9 @@ type RegionNetworkFirewallPolicyRuleMatch struct { DestFqdns []string `pulumi:"destFqdns"` // CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. DestIpRanges []string `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope *string `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. DestRegionCodes []string `pulumi:"destRegionCodes"` // Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. @@ -59071,6 +59612,11 @@ type RegionNetworkFirewallPolicyRuleMatch struct { SrcFqdns []string `pulumi:"srcFqdns"` // CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. SrcIpRanges []string `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope *string `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks []string `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. SrcRegionCodes []string `pulumi:"srcRegionCodes"` // List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. @@ -59100,6 +59646,9 @@ type RegionNetworkFirewallPolicyRuleMatchArgs struct { DestFqdns pulumi.StringArrayInput `pulumi:"destFqdns"` // CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. DestIpRanges pulumi.StringArrayInput `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope pulumi.StringPtrInput `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. DestRegionCodes pulumi.StringArrayInput `pulumi:"destRegionCodes"` // Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. @@ -59113,6 +59662,11 @@ type RegionNetworkFirewallPolicyRuleMatchArgs struct { SrcFqdns pulumi.StringArrayInput `pulumi:"srcFqdns"` // CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. SrcIpRanges pulumi.StringArrayInput `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope pulumi.StringPtrInput `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks pulumi.StringArrayInput `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. SrcRegionCodes pulumi.StringArrayInput `pulumi:"srcRegionCodes"` // List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. @@ -59216,6 +59770,12 @@ func (o RegionNetworkFirewallPolicyRuleMatchOutput) DestIpRanges() pulumi.String return o.ApplyT(func(v RegionNetworkFirewallPolicyRuleMatch) []string { return v.DestIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o RegionNetworkFirewallPolicyRuleMatchOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v RegionNetworkFirewallPolicyRuleMatch) *string { return v.DestNetworkScope }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. func (o RegionNetworkFirewallPolicyRuleMatchOutput) DestRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v RegionNetworkFirewallPolicyRuleMatch) []string { return v.DestRegionCodes }).(pulumi.StringArrayOutput) @@ -59249,6 +59809,17 @@ func (o RegionNetworkFirewallPolicyRuleMatchOutput) SrcIpRanges() pulumi.StringA return o.ApplyT(func(v RegionNetworkFirewallPolicyRuleMatch) []string { return v.SrcIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o RegionNetworkFirewallPolicyRuleMatchOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v RegionNetworkFirewallPolicyRuleMatch) *string { return v.SrcNetworkScope }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o RegionNetworkFirewallPolicyRuleMatchOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v RegionNetworkFirewallPolicyRuleMatch) []string { return v.SrcNetworks }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. func (o RegionNetworkFirewallPolicyRuleMatchOutput) SrcRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v RegionNetworkFirewallPolicyRuleMatch) []string { return v.SrcRegionCodes }).(pulumi.StringArrayOutput) @@ -59323,6 +59894,17 @@ func (o RegionNetworkFirewallPolicyRuleMatchPtrOutput) DestIpRanges() pulumi.Str }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o RegionNetworkFirewallPolicyRuleMatchPtrOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RegionNetworkFirewallPolicyRuleMatch) *string { + if v == nil { + return nil + } + return v.DestNetworkScope + }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. func (o RegionNetworkFirewallPolicyRuleMatchPtrOutput) DestRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v *RegionNetworkFirewallPolicyRuleMatch) []string { @@ -59384,6 +59966,27 @@ func (o RegionNetworkFirewallPolicyRuleMatchPtrOutput) SrcIpRanges() pulumi.Stri }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o RegionNetworkFirewallPolicyRuleMatchPtrOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v *RegionNetworkFirewallPolicyRuleMatch) *string { + if v == nil { + return nil + } + return v.SrcNetworkScope + }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o RegionNetworkFirewallPolicyRuleMatchPtrOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v *RegionNetworkFirewallPolicyRuleMatch) []string { + if v == nil { + return nil + } + return v.SrcNetworks + }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. func (o RegionNetworkFirewallPolicyRuleMatchPtrOutput) SrcRegionCodes() pulumi.StringArrayOutput { return o.ApplyT(func(v *RegionNetworkFirewallPolicyRuleMatch) []string { @@ -61011,6 +61614,9 @@ type RegionNetworkFirewallPolicyWithRulesRuleMatch struct { // Destination IP address range in CIDR format. Required for // EGRESS rules. DestIpRanges []string `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope *string `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -61031,6 +61637,11 @@ type RegionNetworkFirewallPolicyWithRulesRuleMatch struct { // Source IP address range in CIDR format. Required for // INGRESS rules. SrcIpRanges []string `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope *string `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks []string `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -61071,6 +61682,9 @@ type RegionNetworkFirewallPolicyWithRulesRuleMatchArgs struct { // Destination IP address range in CIDR format. Required for // EGRESS rules. DestIpRanges pulumi.StringArrayInput `pulumi:"destIpRanges"` + // Network scope of the traffic destination. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + DestNetworkScope pulumi.StringPtrInput `pulumi:"destNetworkScope"` // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -61091,6 +61705,11 @@ type RegionNetworkFirewallPolicyWithRulesRuleMatchArgs struct { // Source IP address range in CIDR format. Required for // INGRESS rules. SrcIpRanges pulumi.StringArrayInput `pulumi:"srcIpRanges"` + // Network scope of the traffic source. + // Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + SrcNetworkScope pulumi.StringPtrInput `pulumi:"srcNetworkScope"` + // Networks of the traffic source. It can be either a full or partial url. + SrcNetworks pulumi.StringArrayInput `pulumi:"srcNetworks"` // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -61154,6 +61773,12 @@ func (o RegionNetworkFirewallPolicyWithRulesRuleMatchOutput) DestIpRanges() pulu return o.ApplyT(func(v RegionNetworkFirewallPolicyWithRulesRuleMatch) []string { return v.DestIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic destination. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o RegionNetworkFirewallPolicyWithRulesRuleMatchOutput) DestNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v RegionNetworkFirewallPolicyWithRulesRuleMatch) *string { return v.DestNetworkScope }).(pulumi.StringPtrOutput) +} + // Region codes whose IP addresses will be used to match for destination // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -61194,6 +61819,17 @@ func (o RegionNetworkFirewallPolicyWithRulesRuleMatchOutput) SrcIpRanges() pulum return o.ApplyT(func(v RegionNetworkFirewallPolicyWithRulesRuleMatch) []string { return v.SrcIpRanges }).(pulumi.StringArrayOutput) } +// Network scope of the traffic source. +// Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. +func (o RegionNetworkFirewallPolicyWithRulesRuleMatchOutput) SrcNetworkScope() pulumi.StringPtrOutput { + return o.ApplyT(func(v RegionNetworkFirewallPolicyWithRulesRuleMatch) *string { return v.SrcNetworkScope }).(pulumi.StringPtrOutput) +} + +// Networks of the traffic source. It can be either a full or partial url. +func (o RegionNetworkFirewallPolicyWithRulesRuleMatchOutput) SrcNetworks() pulumi.StringArrayOutput { + return o.ApplyT(func(v RegionNetworkFirewallPolicyWithRulesRuleMatch) []string { return v.SrcNetworks }).(pulumi.StringArrayOutput) +} + // Region codes whose IP addresses will be used to match for source // of traffic. Should be specified as 2 letter country code defined as per // ISO 3166 alpha-2 country codes. ex."US" @@ -88839,370 +89475,6 @@ func (o SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigPtrOutput) LoadThr }).(pulumi.Float64PtrOutput) } -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig struct { - // If set to true, enables CAAP for L7 DDoS detection. - Enable *bool `pulumi:"enable"` - // Rule visibility. Supported values include: "STANDARD", "PREMIUM". - RuleVisibility *string `pulumi:"ruleVisibility"` - // Configuration options for layer7 adaptive protection for various customizable thresholds. - ThresholdConfigs []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig `pulumi:"thresholdConfigs"` -} - -// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigInput is an input type that accepts SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs and SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput values. -// You can construct a concrete instance of `SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigInput` via: -// -// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs{...} -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigInput interface { - pulumi.Input - - ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput - ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutputWithContext(context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput -} - -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs struct { - // If set to true, enables CAAP for L7 DDoS detection. - Enable pulumi.BoolPtrInput `pulumi:"enable"` - // Rule visibility. Supported values include: "STANDARD", "PREMIUM". - RuleVisibility pulumi.StringPtrInput `pulumi:"ruleVisibility"` - // Configuration options for layer7 adaptive protection for various customizable thresholds. - ThresholdConfigs SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput `pulumi:"thresholdConfigs"` -} - -func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ElementType() reflect.Type { - return reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig)(nil)).Elem() -} - -func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { - return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutputWithContext(context.Background()) -} - -func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { - return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) -} - -func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { - return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(context.Background()) -} - -func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput).ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx) -} - -// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput is an input type that accepts SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs, SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtr and SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput values. -// You can construct a concrete instance of `SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput` via: -// -// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs{...} -// -// or: -// -// nil -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput interface { - pulumi.Input - - ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput - ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput -} - -type securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs - -func SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtr(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput { - return (*securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType)(v) -} - -func (*securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType) ElementType() reflect.Type { - return reflect.TypeOf((**SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig)(nil)).Elem() -} - -func (i *securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { - return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(context.Background()) -} - -func (i *securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) -} - -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput struct{ *pulumi.OutputState } - -func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ElementType() reflect.Type { - return reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig)(nil)).Elem() -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { - return o -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { - return o -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { - return o.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(context.Background()) -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { - return o.ApplyTWithContext(ctx, func(_ context.Context, v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig { - return &v - }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) -} - -// If set to true, enables CAAP for L7 DDoS detection. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) Enable() pulumi.BoolPtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *bool { return v.Enable }).(pulumi.BoolPtrOutput) -} - -// Rule visibility. Supported values include: "STANDARD", "PREMIUM". -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) RuleVisibility() pulumi.StringPtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *string { return v.RuleVisibility }).(pulumi.StringPtrOutput) -} - -// Configuration options for layer7 adaptive protection for various customizable thresholds. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ThresholdConfigs() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig { - return v.ThresholdConfigs - }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) -} - -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput struct{ *pulumi.OutputState } - -func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) ElementType() reflect.Type { - return reflect.TypeOf((**SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig)(nil)).Elem() -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { - return o -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { - return o -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) Elem() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { - return o.ApplyT(func(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig { - if v != nil { - return *v - } - var ret SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig - return ret - }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) -} - -// If set to true, enables CAAP for L7 DDoS detection. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) Enable() pulumi.BoolPtrOutput { - return o.ApplyT(func(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *bool { - if v == nil { - return nil - } - return v.Enable - }).(pulumi.BoolPtrOutput) -} - -// Rule visibility. Supported values include: "STANDARD", "PREMIUM". -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) RuleVisibility() pulumi.StringPtrOutput { - return o.ApplyT(func(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *string { - if v == nil { - return nil - } - return v.RuleVisibility - }).(pulumi.StringPtrOutput) -} - -// Configuration options for layer7 adaptive protection for various customizable thresholds. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) ThresholdConfigs() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { - return o.ApplyT(func(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig { - if v == nil { - return nil - } - return v.ThresholdConfigs - }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) -} - -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig struct { - // Confidence threshold above which Adaptive Protection's auto-deploy takes actions. - AutoDeployConfidenceThreshold *float64 `pulumi:"autoDeployConfidenceThreshold"` - // Duration over which Adaptive Protection's auto-deployed actions last. - AutoDeployExpirationSec *int `pulumi:"autoDeployExpirationSec"` - // Impacted baseline threshold below which Adaptive Protection's auto-deploy takes actions. - AutoDeployImpactedBaselineThreshold *float64 `pulumi:"autoDeployImpactedBaselineThreshold"` - // Load threshold above which Adaptive Protection automatically deploy threshold based on the backend load threshold and detect a new rule during an alerted attack. - AutoDeployLoadThreshold *float64 `pulumi:"autoDeployLoadThreshold"` - // Detection threshold based on absolute QPS. - DetectionAbsoluteQps *float64 `pulumi:"detectionAbsoluteQps"` - // Detection threshold based on the backend service's load. - DetectionLoadThreshold *float64 `pulumi:"detectionLoadThreshold"` - // Detection threshold based on QPS relative to the average of baseline traffic. - DetectionRelativeToBaselineQps *float64 `pulumi:"detectionRelativeToBaselineQps"` - // The name of config. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy. - Name string `pulumi:"name"` - // Configuration options for enabling Adaptive Protection to work on the specified service granularity. Structure is documented below. - TrafficGranularityConfigs []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfig `pulumi:"trafficGranularityConfigs"` -} - -// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput is an input type that accepts SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs and SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput values. -// You can construct a concrete instance of `SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput` via: -// -// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs{...} -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput interface { - pulumi.Input - - ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput - ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutputWithContext(context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput -} - -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs struct { - // Confidence threshold above which Adaptive Protection's auto-deploy takes actions. - AutoDeployConfidenceThreshold pulumi.Float64PtrInput `pulumi:"autoDeployConfidenceThreshold"` - // Duration over which Adaptive Protection's auto-deployed actions last. - AutoDeployExpirationSec pulumi.IntPtrInput `pulumi:"autoDeployExpirationSec"` - // Impacted baseline threshold below which Adaptive Protection's auto-deploy takes actions. - AutoDeployImpactedBaselineThreshold pulumi.Float64PtrInput `pulumi:"autoDeployImpactedBaselineThreshold"` - // Load threshold above which Adaptive Protection automatically deploy threshold based on the backend load threshold and detect a new rule during an alerted attack. - AutoDeployLoadThreshold pulumi.Float64PtrInput `pulumi:"autoDeployLoadThreshold"` - // Detection threshold based on absolute QPS. - DetectionAbsoluteQps pulumi.Float64PtrInput `pulumi:"detectionAbsoluteQps"` - // Detection threshold based on the backend service's load. - DetectionLoadThreshold pulumi.Float64PtrInput `pulumi:"detectionLoadThreshold"` - // Detection threshold based on QPS relative to the average of baseline traffic. - DetectionRelativeToBaselineQps pulumi.Float64PtrInput `pulumi:"detectionRelativeToBaselineQps"` - // The name of config. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy. - Name pulumi.StringInput `pulumi:"name"` - // Configuration options for enabling Adaptive Protection to work on the specified service granularity. Structure is documented below. - TrafficGranularityConfigs SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArrayInput `pulumi:"trafficGranularityConfigs"` -} - -func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs) ElementType() reflect.Type { - return reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)(nil)).Elem() -} - -func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { - return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutputWithContext(context.Background()) -} - -func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { - return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) -} - -// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput is an input type that accepts SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray and SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput values. -// You can construct a concrete instance of `SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput` via: -// -// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray{ SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs{...} } -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput interface { - pulumi.Input - - ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput - ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutputWithContext(context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput -} - -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput - -func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray) ElementType() reflect.Type { - return reflect.TypeOf((*[]SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)(nil)).Elem() -} - -func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { - return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutputWithContext(context.Background()) -} - -func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { - return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) -} - -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput struct{ *pulumi.OutputState } - -func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) ElementType() reflect.Type { - return reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)(nil)).Elem() -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { - return o -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { - return o -} - -// Confidence threshold above which Adaptive Protection's auto-deploy takes actions. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) AutoDeployConfidenceThreshold() pulumi.Float64PtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { - return v.AutoDeployConfidenceThreshold - }).(pulumi.Float64PtrOutput) -} - -// Duration over which Adaptive Protection's auto-deployed actions last. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) AutoDeployExpirationSec() pulumi.IntPtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *int { - return v.AutoDeployExpirationSec - }).(pulumi.IntPtrOutput) -} - -// Impacted baseline threshold below which Adaptive Protection's auto-deploy takes actions. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) AutoDeployImpactedBaselineThreshold() pulumi.Float64PtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { - return v.AutoDeployImpactedBaselineThreshold - }).(pulumi.Float64PtrOutput) -} - -// Load threshold above which Adaptive Protection automatically deploy threshold based on the backend load threshold and detect a new rule during an alerted attack. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) AutoDeployLoadThreshold() pulumi.Float64PtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { - return v.AutoDeployLoadThreshold - }).(pulumi.Float64PtrOutput) -} - -// Detection threshold based on absolute QPS. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) DetectionAbsoluteQps() pulumi.Float64PtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { - return v.DetectionAbsoluteQps - }).(pulumi.Float64PtrOutput) -} - -// Detection threshold based on the backend service's load. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) DetectionLoadThreshold() pulumi.Float64PtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { - return v.DetectionLoadThreshold - }).(pulumi.Float64PtrOutput) -} - -// Detection threshold based on QPS relative to the average of baseline traffic. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) DetectionRelativeToBaselineQps() pulumi.Float64PtrOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { - return v.DetectionRelativeToBaselineQps - }).(pulumi.Float64PtrOutput) -} - -// The name of config. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) Name() pulumi.StringOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) string { - return v.Name - }).(pulumi.StringOutput) -} - -// Configuration options for enabling Adaptive Protection to work on the specified service granularity. Structure is documented below. -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) TrafficGranularityConfigs() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArrayOutput { - return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfig { - return v.TrafficGranularityConfigs - }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArrayOutput) -} - -type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput struct{ *pulumi.OutputState } - -func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) ElementType() reflect.Type { - return reflect.TypeOf((*[]SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)(nil)).Elem() -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { - return o -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { - return o -} - -func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) Index(i pulumi.IntInput) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { - return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig { - return vs[0].([]SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)[vs[1].(int)] - }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) -} - func init() { pulumi.RegisterInputType(reflect.TypeOf((*AutoscalerAutoscalingPolicyInput)(nil)).Elem(), AutoscalerAutoscalingPolicyArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AutoscalerAutoscalingPolicyPtrInput)(nil)).Elem(), AutoscalerAutoscalingPolicyArgs{}) @@ -89543,6 +89815,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateDiskSourceSnapshotEncryptionKeyPtrInput)(nil)).Elem(), InstanceTemplateDiskSourceSnapshotEncryptionKeyArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateGuestAcceleratorInput)(nil)).Elem(), InstanceTemplateGuestAcceleratorArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateGuestAcceleratorArrayInput)(nil)).Elem(), InstanceTemplateGuestAcceleratorArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamBindingConditionInput)(nil)).Elem(), InstanceTemplateIamBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamBindingConditionPtrInput)(nil)).Elem(), InstanceTemplateIamBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamMemberConditionInput)(nil)).Elem(), InstanceTemplateIamMemberConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateIamMemberConditionPtrInput)(nil)).Elem(), InstanceTemplateIamMemberConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateNetworkInterfaceInput)(nil)).Elem(), InstanceTemplateNetworkInterfaceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateNetworkInterfaceArrayInput)(nil)).Elem(), InstanceTemplateNetworkInterfaceArray{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateNetworkInterfaceAccessConfigInput)(nil)).Elem(), InstanceTemplateNetworkInterfaceAccessConfigArgs{}) @@ -90197,10 +90473,6 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigPtrInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigPtrInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray{}) pulumi.RegisterOutputType(AutoscalerAutoscalingPolicyOutput{}) pulumi.RegisterOutputType(AutoscalerAutoscalingPolicyPtrOutput{}) pulumi.RegisterOutputType(AutoscalerAutoscalingPolicyCpuUtilizationOutput{}) @@ -90540,6 +90812,10 @@ func init() { pulumi.RegisterOutputType(InstanceTemplateDiskSourceSnapshotEncryptionKeyPtrOutput{}) pulumi.RegisterOutputType(InstanceTemplateGuestAcceleratorOutput{}) pulumi.RegisterOutputType(InstanceTemplateGuestAcceleratorArrayOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamBindingConditionOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamBindingConditionPtrOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamMemberConditionOutput{}) + pulumi.RegisterOutputType(InstanceTemplateIamMemberConditionPtrOutput{}) pulumi.RegisterOutputType(InstanceTemplateNetworkInterfaceOutput{}) pulumi.RegisterOutputType(InstanceTemplateNetworkInterfaceArrayOutput{}) pulumi.RegisterOutputType(InstanceTemplateNetworkInterfaceAccessConfigOutput{}) @@ -91194,8 +91470,4 @@ func init() { pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigPtrOutput{}) pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigOutput{}) pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigPtrOutput{}) - pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput{}) - pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput{}) - pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput{}) - pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput{}) } diff --git a/sdk/go/gcp/compute/pulumiTypes1.go b/sdk/go/gcp/compute/pulumiTypes1.go index 9df7991f94..8a89af65ad 100644 --- a/sdk/go/gcp/compute/pulumiTypes1.go +++ b/sdk/go/gcp/compute/pulumiTypes1.go @@ -13,6 +13,370 @@ import ( var _ = internal.GetEnvOrDefault +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig struct { + // If set to true, enables CAAP for L7 DDoS detection. + Enable *bool `pulumi:"enable"` + // Rule visibility. Supported values include: "STANDARD", "PREMIUM". + RuleVisibility *string `pulumi:"ruleVisibility"` + // Configuration options for layer7 adaptive protection for various customizable thresholds. + ThresholdConfigs []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig `pulumi:"thresholdConfigs"` +} + +// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigInput is an input type that accepts SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs and SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput values. +// You can construct a concrete instance of `SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigInput` via: +// +// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs{...} +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigInput interface { + pulumi.Input + + ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput + ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutputWithContext(context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput +} + +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs struct { + // If set to true, enables CAAP for L7 DDoS detection. + Enable pulumi.BoolPtrInput `pulumi:"enable"` + // Rule visibility. Supported values include: "STANDARD", "PREMIUM". + RuleVisibility pulumi.StringPtrInput `pulumi:"ruleVisibility"` + // Configuration options for layer7 adaptive protection for various customizable thresholds. + ThresholdConfigs SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput `pulumi:"thresholdConfigs"` +} + +func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig)(nil)).Elem() +} + +func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { + return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutputWithContext(context.Background()) +} + +func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) +} + +func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { + return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(context.Background()) +} + +func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput).ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx) +} + +// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput is an input type that accepts SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs, SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtr and SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput values. +// You can construct a concrete instance of `SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput` via: +// +// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs{...} +// +// or: +// +// nil +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput interface { + pulumi.Input + + ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput + ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput +} + +type securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs + +func SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtr(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput { + return (*securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType)(v) +} + +func (*securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig)(nil)).Elem() +} + +func (i *securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { + return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(context.Background()) +} + +func (i *securityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrType) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) +} + +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput struct{ *pulumi.OutputState } + +func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig)(nil)).Elem() +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { + return o +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { + return o +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { + return o.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(context.Background()) +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig { + return &v + }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) +} + +// If set to true, enables CAAP for L7 DDoS detection. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) Enable() pulumi.BoolPtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *bool { return v.Enable }).(pulumi.BoolPtrOutput) +} + +// Rule visibility. Supported values include: "STANDARD", "PREMIUM". +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) RuleVisibility() pulumi.StringPtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *string { return v.RuleVisibility }).(pulumi.StringPtrOutput) +} + +// Configuration options for layer7 adaptive protection for various customizable thresholds. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) ThresholdConfigs() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig { + return v.ThresholdConfigs + }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) +} + +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput struct{ *pulumi.OutputState } + +func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig)(nil)).Elem() +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { + return o +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput { + return o +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) Elem() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput { + return o.ApplyT(func(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig { + if v != nil { + return *v + } + var ret SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig + return ret + }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput) +} + +// If set to true, enables CAAP for L7 DDoS detection. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) Enable() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *bool { + if v == nil { + return nil + } + return v.Enable + }).(pulumi.BoolPtrOutput) +} + +// Rule visibility. Supported values include: "STANDARD", "PREMIUM". +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) RuleVisibility() pulumi.StringPtrOutput { + return o.ApplyT(func(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) *string { + if v == nil { + return nil + } + return v.RuleVisibility + }).(pulumi.StringPtrOutput) +} + +// Configuration options for layer7 adaptive protection for various customizable thresholds. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput) ThresholdConfigs() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { + return o.ApplyT(func(v *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig { + if v == nil { + return nil + } + return v.ThresholdConfigs + }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) +} + +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig struct { + // Confidence threshold above which Adaptive Protection's auto-deploy takes actions. + AutoDeployConfidenceThreshold *float64 `pulumi:"autoDeployConfidenceThreshold"` + // Duration over which Adaptive Protection's auto-deployed actions last. + AutoDeployExpirationSec *int `pulumi:"autoDeployExpirationSec"` + // Impacted baseline threshold below which Adaptive Protection's auto-deploy takes actions. + AutoDeployImpactedBaselineThreshold *float64 `pulumi:"autoDeployImpactedBaselineThreshold"` + // Load threshold above which Adaptive Protection automatically deploy threshold based on the backend load threshold and detect a new rule during an alerted attack. + AutoDeployLoadThreshold *float64 `pulumi:"autoDeployLoadThreshold"` + // Detection threshold based on absolute QPS. + DetectionAbsoluteQps *float64 `pulumi:"detectionAbsoluteQps"` + // Detection threshold based on the backend service's load. + DetectionLoadThreshold *float64 `pulumi:"detectionLoadThreshold"` + // Detection threshold based on QPS relative to the average of baseline traffic. + DetectionRelativeToBaselineQps *float64 `pulumi:"detectionRelativeToBaselineQps"` + // The name of config. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy. + Name string `pulumi:"name"` + // Configuration options for enabling Adaptive Protection to work on the specified service granularity. Structure is documented below. + TrafficGranularityConfigs []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfig `pulumi:"trafficGranularityConfigs"` +} + +// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput is an input type that accepts SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs and SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput values. +// You can construct a concrete instance of `SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput` via: +// +// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs{...} +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput interface { + pulumi.Input + + ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput + ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutputWithContext(context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput +} + +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs struct { + // Confidence threshold above which Adaptive Protection's auto-deploy takes actions. + AutoDeployConfidenceThreshold pulumi.Float64PtrInput `pulumi:"autoDeployConfidenceThreshold"` + // Duration over which Adaptive Protection's auto-deployed actions last. + AutoDeployExpirationSec pulumi.IntPtrInput `pulumi:"autoDeployExpirationSec"` + // Impacted baseline threshold below which Adaptive Protection's auto-deploy takes actions. + AutoDeployImpactedBaselineThreshold pulumi.Float64PtrInput `pulumi:"autoDeployImpactedBaselineThreshold"` + // Load threshold above which Adaptive Protection automatically deploy threshold based on the backend load threshold and detect a new rule during an alerted attack. + AutoDeployLoadThreshold pulumi.Float64PtrInput `pulumi:"autoDeployLoadThreshold"` + // Detection threshold based on absolute QPS. + DetectionAbsoluteQps pulumi.Float64PtrInput `pulumi:"detectionAbsoluteQps"` + // Detection threshold based on the backend service's load. + DetectionLoadThreshold pulumi.Float64PtrInput `pulumi:"detectionLoadThreshold"` + // Detection threshold based on QPS relative to the average of baseline traffic. + DetectionRelativeToBaselineQps pulumi.Float64PtrInput `pulumi:"detectionRelativeToBaselineQps"` + // The name of config. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy. + Name pulumi.StringInput `pulumi:"name"` + // Configuration options for enabling Adaptive Protection to work on the specified service granularity. Structure is documented below. + TrafficGranularityConfigs SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArrayInput `pulumi:"trafficGranularityConfigs"` +} + +func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)(nil)).Elem() +} + +func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { + return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutputWithContext(context.Background()) +} + +func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) +} + +// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput is an input type that accepts SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray and SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput values. +// You can construct a concrete instance of `SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput` via: +// +// SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray{ SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs{...} } +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput interface { + pulumi.Input + + ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput + ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutputWithContext(context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput +} + +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput + +func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)(nil)).Elem() +} + +func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { + return i.ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutputWithContext(context.Background()) +} + +func (i SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) +} + +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput struct{ *pulumi.OutputState } + +func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)(nil)).Elem() +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { + return o +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { + return o +} + +// Confidence threshold above which Adaptive Protection's auto-deploy takes actions. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) AutoDeployConfidenceThreshold() pulumi.Float64PtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { + return v.AutoDeployConfidenceThreshold + }).(pulumi.Float64PtrOutput) +} + +// Duration over which Adaptive Protection's auto-deployed actions last. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) AutoDeployExpirationSec() pulumi.IntPtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *int { + return v.AutoDeployExpirationSec + }).(pulumi.IntPtrOutput) +} + +// Impacted baseline threshold below which Adaptive Protection's auto-deploy takes actions. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) AutoDeployImpactedBaselineThreshold() pulumi.Float64PtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { + return v.AutoDeployImpactedBaselineThreshold + }).(pulumi.Float64PtrOutput) +} + +// Load threshold above which Adaptive Protection automatically deploy threshold based on the backend load threshold and detect a new rule during an alerted attack. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) AutoDeployLoadThreshold() pulumi.Float64PtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { + return v.AutoDeployLoadThreshold + }).(pulumi.Float64PtrOutput) +} + +// Detection threshold based on absolute QPS. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) DetectionAbsoluteQps() pulumi.Float64PtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { + return v.DetectionAbsoluteQps + }).(pulumi.Float64PtrOutput) +} + +// Detection threshold based on the backend service's load. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) DetectionLoadThreshold() pulumi.Float64PtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { + return v.DetectionLoadThreshold + }).(pulumi.Float64PtrOutput) +} + +// Detection threshold based on QPS relative to the average of baseline traffic. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) DetectionRelativeToBaselineQps() pulumi.Float64PtrOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *float64 { + return v.DetectionRelativeToBaselineQps + }).(pulumi.Float64PtrOutput) +} + +// The name of config. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) string { + return v.Name + }).(pulumi.StringOutput) +} + +// Configuration options for enabling Adaptive Protection to work on the specified service granularity. Structure is documented below. +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) TrafficGranularityConfigs() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArrayOutput { + return o.ApplyT(func(v SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) []SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfig { + return v.TrafficGranularityConfigs + }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArrayOutput) +} + +type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput struct{ *pulumi.OutputState } + +func (SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)(nil)).Elem() +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput() SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { + return o +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) ToSecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutputWithContext(ctx context.Context) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput { + return o +} + +func (o SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput) Index(i pulumi.IntInput) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig { + return vs[0].([]SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig)[vs[1].(int)] + }).(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput) +} + type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfig struct { // If enabled, traffic matching each unique value for the specified type constitutes a separate traffic unit. It can only be set to true if value is empty. EnableEachUniqueValue *bool `pulumi:"enableEachUniqueValue"` @@ -53178,6 +53542,10 @@ func (o GetSubnetworksSubnetworkArrayOutput) Index(i pulumi.IntInput) GetSubnetw } func init() { + pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArray{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArrayInput)(nil)).Elem(), SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArray{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityPolicyAdvancedOptionsConfigInput)(nil)).Elem(), SecurityPolicyAdvancedOptionsConfigArgs{}) @@ -53878,6 +54246,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetSubnetworkSecondaryIpRangeArrayInput)(nil)).Elem(), GetSubnetworkSecondaryIpRangeArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSubnetworksSubnetworkInput)(nil)).Elem(), GetSubnetworksSubnetworkArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSubnetworksSubnetworkArrayInput)(nil)).Elem(), GetSubnetworksSubnetworkArray{}) + pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigOutput{}) + pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigPtrOutput{}) + pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigOutput{}) + pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigArrayOutput{}) pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigOutput{}) pulumi.RegisterOutputType(SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigTrafficGranularityConfigArrayOutput{}) pulumi.RegisterOutputType(SecurityPolicyAdvancedOptionsConfigOutput{}) diff --git a/sdk/go/gcp/compute/regionNetworkFirewallPolicyRule.go b/sdk/go/gcp/compute/regionNetworkFirewallPolicyRule.go index d2a0f0695f..950dbc3923 100644 --- a/sdk/go/gcp/compute/regionNetworkFirewallPolicyRule.go +++ b/sdk/go/gcp/compute/regionNetworkFirewallPolicyRule.go @@ -39,7 +39,7 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // basicRegionalNetworksecurityAddressGroup, err := networksecurity.NewAddressGroup(ctx, "basic_regional_networksecurity_address_group", &networksecurity.AddressGroupArgs{ -// Name: pulumi.String("address"), +// Name: pulumi.String("address-group"), // Parent: pulumi.String("projects/my-project-name"), // Description: pulumi.String("Sample regional networksecurity_address_group"), // Location: pulumi.String("us-west1"), @@ -53,7 +53,7 @@ import ( // return err // } // basicRegionalNetworkFirewallPolicy, err := compute.NewRegionNetworkFirewallPolicy(ctx, "basic_regional_network_firewall_policy", &compute.RegionNetworkFirewallPolicyArgs{ -// Name: pulumi.String("policy"), +// Name: pulumi.String("fw-policy"), // Description: pulumi.String("Sample regional network firewall policy"), // Project: pulumi.String("my-project-name"), // Region: pulumi.String("us-west1"), @@ -71,7 +71,7 @@ import ( // Description: pulumi.String("For keyname resources."), // Parent: pulumi.String("organizations/123456789"), // Purpose: pulumi.String("GCE_FIREWALL"), -// ShortName: pulumi.String("tagkey"), +// ShortName: pulumi.String("tag-key"), // PurposeData: pulumi.StringMap{ // "network": basicNetwork.Name.ApplyT(func(name string) (string, error) { // return fmt.Sprintf("my-project-name/%v", name), nil @@ -84,7 +84,7 @@ import ( // basicValue, err := tags.NewTagValue(ctx, "basic_value", &tags.TagValueArgs{ // Description: pulumi.String("For valuename resources."), // Parent: basicKey.ID(), -// ShortName: pulumi.String("tagvalue"), +// ShortName: pulumi.String("tag-value"), // }) // if err != nil { // return err @@ -103,6 +103,9 @@ import ( // pulumi.String("my@service-account.com"), // }, // Match: &compute.RegionNetworkFirewallPolicyRuleMatchArgs{ +// SrcAddressGroups: pulumi.StringArray{ +// basicRegionalNetworksecurityAddressGroup.ID(), +// }, // SrcIpRanges: pulumi.StringArray{ // pulumi.String("10.100.0.1/32"), // }, @@ -125,8 +128,120 @@ import ( // Name: basicValue.ID(), // }, // }, -// SrcAddressGroups: pulumi.StringArray{ -// basicRegionalNetworksecurityAddressGroup.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Region Network Firewall Policy Rule Network Scope Egress +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// basicRegionalNetworkFirewallPolicy, err := compute.NewRegionNetworkFirewallPolicy(ctx, "basic_regional_network_firewall_policy", &compute.RegionNetworkFirewallPolicyArgs{ +// Name: pulumi.String("fw-policy"), +// Description: pulumi.String("Sample regional network firewall policy"), +// Project: pulumi.String("my-project-name"), +// Region: pulumi.String("us-west1"), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewRegionNetworkFirewallPolicyRule(ctx, "primary", &compute.RegionNetworkFirewallPolicyRuleArgs{ +// Action: pulumi.String("allow"), +// Description: pulumi.String("This is a simple rule description"), +// Direction: pulumi.String("EGRESS"), +// Disabled: pulumi.Bool(false), +// EnableLogging: pulumi.Bool(true), +// FirewallPolicy: basicRegionalNetworkFirewallPolicy.Name, +// Priority: pulumi.Int(1000), +// Region: pulumi.String("us-west1"), +// RuleName: pulumi.String("test-rule"), +// Match: &compute.RegionNetworkFirewallPolicyRuleMatchArgs{ +// DestIpRanges: pulumi.StringArray{ +// pulumi.String("10.100.0.1/32"), +// }, +// DestNetworkScope: pulumi.String("INTERNET"), +// Layer4Configs: compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArray{ +// &compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("all"), +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Region Network Firewall Policy Rule Network Scope Ingress +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// basicRegionalNetworkFirewallPolicy, err := compute.NewRegionNetworkFirewallPolicy(ctx, "basic_regional_network_firewall_policy", &compute.RegionNetworkFirewallPolicyArgs{ +// Name: pulumi.String("fw-policy"), +// Description: pulumi.String("Sample regional network firewall policy"), +// Project: pulumi.String("my-project-name"), +// Region: pulumi.String("us-west1"), +// }) +// if err != nil { +// return err +// } +// network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{ +// Name: pulumi.String("network"), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewRegionNetworkFirewallPolicyRule(ctx, "primary", &compute.RegionNetworkFirewallPolicyRuleArgs{ +// Action: pulumi.String("allow"), +// Description: pulumi.String("This is a simple rule description"), +// Direction: pulumi.String("INGRESS"), +// Disabled: pulumi.Bool(false), +// EnableLogging: pulumi.Bool(true), +// FirewallPolicy: basicRegionalNetworkFirewallPolicy.Name, +// Priority: pulumi.Int(1000), +// Region: pulumi.String("us-west1"), +// RuleName: pulumi.String("test-rule"), +// Match: &compute.RegionNetworkFirewallPolicyRuleMatchArgs{ +// SrcIpRanges: pulumi.StringArray{ +// pulumi.String("10.100.0.1/32"), +// }, +// SrcNetworkScope: pulumi.String("VPC_NETWORKS"), +// SrcNetworks: pulumi.StringArray{ +// network.ID(), +// }, +// Layer4Configs: compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArray{ +// &compute.RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("all"), +// }, // }, // }, // }) diff --git a/sdk/go/gcp/compute/regionNetworkFirewallPolicyWithRules.go b/sdk/go/gcp/compute/regionNetworkFirewallPolicyWithRules.go index 2bb5faee2f..a78d34a3bf 100644 --- a/sdk/go/gcp/compute/regionNetworkFirewallPolicyWithRules.go +++ b/sdk/go/gcp/compute/regionNetworkFirewallPolicyWithRules.go @@ -38,7 +38,7 @@ import ( // return err // } // addressGroup1, err := networksecurity.NewAddressGroup(ctx, "address_group_1", &networksecurity.AddressGroupArgs{ -// Name: pulumi.String("tf-address-group"), +// Name: pulumi.String("address-group"), // Parent: pulumi.String(project.Id), // Description: pulumi.String("Regional address group"), // Location: pulumi.String("us-west2"), @@ -55,7 +55,7 @@ import ( // Description: pulumi.String("Tag key"), // Parent: pulumi.String(project.Id), // Purpose: pulumi.String("GCE_FIREWALL"), -// ShortName: pulumi.String("tf-tag-key"), +// ShortName: pulumi.String("tag-key"), // PurposeData: pulumi.StringMap{ // "network": pulumi.Sprintf("%v/default", project.Name), // }, @@ -66,13 +66,20 @@ import ( // secureTagValue1, err := tags.NewTagValue(ctx, "secure_tag_value_1", &tags.TagValueArgs{ // Description: pulumi.String("Tag value"), // Parent: secureTagKey1.ID(), -// ShortName: pulumi.String("tf-tag-value"), +// ShortName: pulumi.String("tag-value"), // }) // if err != nil { // return err // } -// _, err = compute.NewRegionNetworkFirewallPolicyWithRules(ctx, "region-network-firewall-policy-with-rules", &compute.RegionNetworkFirewallPolicyWithRulesArgs{ -// Name: pulumi.String("tf-region-fw-policy-with-rules"), +// network, err := compute.NewNetwork(ctx, "network", &compute.NetworkArgs{ +// Name: pulumi.String("network"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// _, err = compute.NewRegionNetworkFirewallPolicyWithRules(ctx, "primary", &compute.RegionNetworkFirewallPolicyWithRulesArgs{ +// Name: pulumi.String("fw-policy"), // Region: pulumi.String("us-west2"), // Description: pulumi.String("Terraform test"), // Rules: compute.RegionNetworkFirewallPolicyWithRulesRuleArray{ @@ -83,15 +90,6 @@ import ( // Action: pulumi.String("allow"), // Direction: pulumi.String("EGRESS"), // Match: &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{ -// Layer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ -// &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ -// IpProtocol: pulumi.String("tcp"), -// Ports: pulumi.StringArray{ -// pulumi.String("8080"), -// pulumi.String("7070"), -// }, -// }, -// }, // DestIpRanges: pulumi.StringArray{ // pulumi.String("11.100.0.1/32"), // }, @@ -110,6 +108,15 @@ import ( // DestAddressGroups: pulumi.StringArray{ // addressGroup1.ID(), // }, +// Layer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// pulumi.String("7070"), +// }, +// }, +// }, // }, // TargetSecureTags: compute.RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArray{ // &compute.RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs{ @@ -124,12 +131,8 @@ import ( // EnableLogging: pulumi.Bool(false), // Action: pulumi.String("deny"), // Direction: pulumi.String("INGRESS"), +// Disabled: pulumi.Bool(true), // Match: &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{ -// Layer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ -// &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ -// IpProtocol: pulumi.String("udp"), -// }, -// }, // SrcIpRanges: pulumi.StringArray{ // pulumi.String("0.0.0.0/0"), // }, @@ -153,8 +156,59 @@ import ( // Name: secureTagValue1.ID(), // }, // }, +// Layer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("udp"), +// }, +// }, +// }, +// }, +// &compute.RegionNetworkFirewallPolicyWithRulesRuleArgs{ +// Description: pulumi.String("network scope rule 1"), +// RuleName: pulumi.String("network scope 1"), +// Priority: pulumi.Int(4000), +// EnableLogging: pulumi.Bool(false), +// Action: pulumi.String("allow"), +// Direction: pulumi.String("INGRESS"), +// Match: &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{ +// SrcIpRanges: pulumi.StringArray{ +// pulumi.String("11.100.0.1/32"), +// }, +// SrcNetworkScope: pulumi.String("VPC_NETWORKS"), +// SrcNetworks: pulumi.StringArray{ +// network.ID(), +// }, +// Layer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// }, +// }, +// }, +// }, +// }, +// &compute.RegionNetworkFirewallPolicyWithRulesRuleArgs{ +// Description: pulumi.String("network scope rule 2"), +// RuleName: pulumi.String("network scope 2"), +// Priority: pulumi.Int(5000), +// EnableLogging: pulumi.Bool(false), +// Action: pulumi.String("allow"), +// Direction: pulumi.String("EGRESS"), +// Match: &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchArgs{ +// DestIpRanges: pulumi.StringArray{ +// pulumi.String("0.0.0.0/0"), +// }, +// DestNetworkScope: pulumi.String("NON_INTERNET"), +// Layer4Configs: compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArray{ +// &compute.RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs{ +// IpProtocol: pulumi.String("tcp"), +// Ports: pulumi.StringArray{ +// pulumi.String("8080"), +// }, +// }, +// }, // }, -// Disabled: pulumi.Bool(true), // }, // }, // }) diff --git a/sdk/go/gcp/compute/routerPeer.go b/sdk/go/gcp/compute/routerPeer.go index a6ce22a656..22336e5f26 100644 --- a/sdk/go/gcp/compute/routerPeer.go +++ b/sdk/go/gcp/compute/routerPeer.go @@ -124,6 +124,37 @@ import ( // } // // ``` +// ### Router Zero Custom Learend Route Priority +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewRouterPeer(ctx, "peer", &compute.RouterPeerArgs{ +// Name: pulumi.String("my-router-peer"), +// Router: pulumi.String("my-router"), +// Region: pulumi.String("us-central1"), +// Interface: pulumi.String("interface-1"), +// PeerAsn: pulumi.Int(65513), +// CustomLearnedRoutePriority: pulumi.Int(0), +// ZeroCustomLearnedRoutePriority: pulumi.Bool(true), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` // ### Router Peer Router Appliance // // ```go @@ -584,6 +615,8 @@ type RouterPeer struct { // If you do not specify the next hop addresses, Google Cloud automatically // assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you. Ipv6NexthopAddress pulumi.StringOutput `pulumi:"ipv6NexthopAddress"` + // An internal boolean field for provider use. + IsCustomLearnedPrioritySet pulumi.BoolOutput `pulumi:"isCustomLearnedPrioritySet"` // The resource that configures and manages this BGP peer. // * `MANAGED_BY_USER` is the default value and can be managed by // you or other users @@ -632,6 +665,9 @@ type RouterPeer struct { // The VM instance must be located in zones contained in the same region as // this Cloud Router. The VM instance is the peer side of the BGP session. RouterApplianceInstance pulumi.StringPtrOutput `pulumi:"routerApplianceInstance"` + // The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + // This value has to be set true to force the customLearnedRoutePriority to be 0. + ZeroCustomLearnedRoutePriority pulumi.BoolPtrOutput `pulumi:"zeroCustomLearnedRoutePriority"` } // NewRouterPeer registers a new resource with the given unique name, arguments, and options. @@ -740,6 +776,8 @@ type routerPeerState struct { // If you do not specify the next hop addresses, Google Cloud automatically // assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you. Ipv6NexthopAddress *string `pulumi:"ipv6NexthopAddress"` + // An internal boolean field for provider use. + IsCustomLearnedPrioritySet *bool `pulumi:"isCustomLearnedPrioritySet"` // The resource that configures and manages this BGP peer. // * `MANAGED_BY_USER` is the default value and can be managed by // you or other users @@ -788,6 +826,9 @@ type routerPeerState struct { // The VM instance must be located in zones contained in the same region as // this Cloud Router. The VM instance is the peer side of the BGP session. RouterApplianceInstance *string `pulumi:"routerApplianceInstance"` + // The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + // This value has to be set true to force the customLearnedRoutePriority to be 0. + ZeroCustomLearnedRoutePriority *bool `pulumi:"zeroCustomLearnedRoutePriority"` } type RouterPeerState struct { @@ -858,6 +899,8 @@ type RouterPeerState struct { // If you do not specify the next hop addresses, Google Cloud automatically // assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you. Ipv6NexthopAddress pulumi.StringPtrInput + // An internal boolean field for provider use. + IsCustomLearnedPrioritySet pulumi.BoolPtrInput // The resource that configures and manages this BGP peer. // * `MANAGED_BY_USER` is the default value and can be managed by // you or other users @@ -906,6 +949,9 @@ type RouterPeerState struct { // The VM instance must be located in zones contained in the same region as // this Cloud Router. The VM instance is the peer side of the BGP session. RouterApplianceInstance pulumi.StringPtrInput + // The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + // This value has to be set true to force the customLearnedRoutePriority to be 0. + ZeroCustomLearnedRoutePriority pulumi.BoolPtrInput } func (RouterPeerState) ElementType() reflect.Type { @@ -1018,6 +1064,9 @@ type routerPeerArgs struct { // The VM instance must be located in zones contained in the same region as // this Cloud Router. The VM instance is the peer side of the BGP session. RouterApplianceInstance *string `pulumi:"routerApplianceInstance"` + // The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + // This value has to be set true to force the customLearnedRoutePriority to be 0. + ZeroCustomLearnedRoutePriority *bool `pulumi:"zeroCustomLearnedRoutePriority"` } // The set of arguments for constructing a RouterPeer resource. @@ -1127,6 +1176,9 @@ type RouterPeerArgs struct { // The VM instance must be located in zones contained in the same region as // this Cloud Router. The VM instance is the peer side of the BGP session. RouterApplianceInstance pulumi.StringPtrInput + // The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + // This value has to be set true to force the customLearnedRoutePriority to be 0. + ZeroCustomLearnedRoutePriority pulumi.BoolPtrInput } func (RouterPeerArgs) ElementType() reflect.Type { @@ -1331,6 +1383,11 @@ func (o RouterPeerOutput) Ipv6NexthopAddress() pulumi.StringOutput { return o.ApplyT(func(v *RouterPeer) pulumi.StringOutput { return v.Ipv6NexthopAddress }).(pulumi.StringOutput) } +// An internal boolean field for provider use. +func (o RouterPeerOutput) IsCustomLearnedPrioritySet() pulumi.BoolOutput { + return o.ApplyT(func(v *RouterPeer) pulumi.BoolOutput { return v.IsCustomLearnedPrioritySet }).(pulumi.BoolOutput) +} + // The resource that configures and manages this BGP peer. // - `MANAGED_BY_USER` is the default value and can be managed by // you or other users @@ -1412,6 +1469,12 @@ func (o RouterPeerOutput) RouterApplianceInstance() pulumi.StringPtrOutput { return o.ApplyT(func(v *RouterPeer) pulumi.StringPtrOutput { return v.RouterApplianceInstance }).(pulumi.StringPtrOutput) } +// The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. +// This value has to be set true to force the customLearnedRoutePriority to be 0. +func (o RouterPeerOutput) ZeroCustomLearnedRoutePriority() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *RouterPeer) pulumi.BoolPtrOutput { return v.ZeroCustomLearnedRoutePriority }).(pulumi.BoolPtrOutput) +} + type RouterPeerArrayOutput struct{ *pulumi.OutputState } func (RouterPeerArrayOutput) ElementType() reflect.Type { diff --git a/sdk/go/gcp/config/config.go b/sdk/go/gcp/config/config.go index ef64f855cd..cf34f41571 100644 --- a/sdk/go/gcp/config/config.go +++ b/sdk/go/gcp/config/config.go @@ -35,6 +35,9 @@ func GetApiGatewayCustomEndpoint(ctx *pulumi.Context) string { func GetApigeeCustomEndpoint(ctx *pulumi.Context) string { return config.Get(ctx, "gcp:apigeeCustomEndpoint") } +func GetApihubCustomEndpoint(ctx *pulumi.Context) string { + return config.Get(ctx, "gcp:apihubCustomEndpoint") +} func GetApikeysCustomEndpoint(ctx *pulumi.Context) string { return config.Get(ctx, "gcp:apikeysCustomEndpoint") } diff --git a/sdk/go/gcp/filestore/getInstance.go b/sdk/go/gcp/filestore/getInstance.go index 713225ce5b..61a35d4522 100644 --- a/sdk/go/gcp/filestore/getInstance.go +++ b/sdk/go/gcp/filestore/getInstance.go @@ -86,6 +86,7 @@ type LookupInstanceResult struct { Project *string `pulumi:"project"` Protocol string `pulumi:"protocol"` PulumiLabels map[string]string `pulumi:"pulumiLabels"` + Tags map[string]string `pulumi:"tags"` Tier string `pulumi:"tier"` Zone string `pulumi:"zone"` } @@ -202,6 +203,10 @@ func (o LookupInstanceResultOutput) PulumiLabels() pulumi.StringMapOutput { return o.ApplyT(func(v LookupInstanceResult) map[string]string { return v.PulumiLabels }).(pulumi.StringMapOutput) } +func (o LookupInstanceResultOutput) Tags() pulumi.StringMapOutput { + return o.ApplyT(func(v LookupInstanceResult) map[string]string { return v.Tags }).(pulumi.StringMapOutput) +} + func (o LookupInstanceResultOutput) Tier() pulumi.StringOutput { return o.ApplyT(func(v LookupInstanceResult) string { return v.Tier }).(pulumi.StringOutput) } diff --git a/sdk/go/gcp/filestore/instance.go b/sdk/go/gcp/filestore/instance.go index 6ce4946d80..b8fa5b267c 100644 --- a/sdk/go/gcp/filestore/instance.go +++ b/sdk/go/gcp/filestore/instance.go @@ -284,6 +284,12 @@ type Instance struct { // The combination of labels configured directly on the resource // and default labels configured on the provider. PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"` + // A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + // Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + // empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + // modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + // 'google_tags_tag_value' resource. + Tags pulumi.StringMapOutput `pulumi:"tags"` // The service tier of the instance. // Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE Tier pulumi.StringOutput `pulumi:"tier"` @@ -378,6 +384,12 @@ type instanceState struct { // The combination of labels configured directly on the resource // and default labels configured on the provider. PulumiLabels map[string]string `pulumi:"pulumiLabels"` + // A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + // Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + // empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + // modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + // 'google_tags_tag_value' resource. + Tags map[string]string `pulumi:"tags"` // The service tier of the instance. // Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE Tier *string `pulumi:"tier"` @@ -429,6 +441,12 @@ type InstanceState struct { // The combination of labels configured directly on the resource // and default labels configured on the provider. PulumiLabels pulumi.StringMapInput + // A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + // Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + // empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + // modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + // 'google_tags_tag_value' resource. + Tags pulumi.StringMapInput // The service tier of the instance. // Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE Tier pulumi.StringPtrInput @@ -474,6 +492,12 @@ type instanceArgs struct { // protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value: // "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"] Protocol *string `pulumi:"protocol"` + // A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + // Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + // empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + // modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + // 'google_tags_tag_value' resource. + Tags map[string]string `pulumi:"tags"` // The service tier of the instance. // Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE Tier string `pulumi:"tier"` @@ -516,6 +540,12 @@ type InstanceArgs struct { // protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value: // "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"] Protocol pulumi.StringPtrInput + // A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + // Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + // empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + // modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + // 'google_tags_tag_value' resource. + Tags pulumi.StringMapInput // The service tier of the instance. // Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE Tier pulumi.StringInput @@ -701,6 +731,15 @@ func (o InstanceOutput) PulumiLabels() pulumi.StringMapOutput { return o.ApplyT(func(v *Instance) pulumi.StringMapOutput { return v.PulumiLabels }).(pulumi.StringMapOutput) } +// A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. +// Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when +// empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and +// modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the +// 'google_tags_tag_value' resource. +func (o InstanceOutput) Tags() pulumi.StringMapOutput { + return o.ApplyT(func(v *Instance) pulumi.StringMapOutput { return v.Tags }).(pulumi.StringMapOutput) +} + // The service tier of the instance. // Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE func (o InstanceOutput) Tier() pulumi.StringOutput { diff --git a/sdk/go/gcp/gemini/codeRepositoryIndex.go b/sdk/go/gcp/gemini/codeRepositoryIndex.go index 2e30fb7b5d..5270f04201 100644 --- a/sdk/go/gcp/gemini/codeRepositoryIndex.go +++ b/sdk/go/gcp/gemini/codeRepositoryIndex.go @@ -12,6 +12,14 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// The resource for managing Code Repository Index for Gemini Code Assist. +// +// To get more information about CodeRepositoryIndex, see: +// +// * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes) +// * How-to Guides +// - [Gemini Code Assist overview](https://cloud.google.com/gemini/docs/codeassist/overview) +// // ## Example Usage // // ### Gemini Code Repository Index Basic @@ -30,7 +38,7 @@ import ( // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := gemini.NewCodeRepositoryIndex(ctx, "example", &gemini.CodeRepositoryIndexArgs{ // Location: pulumi.String("us-central1"), -// CodeRepositoryIndexId: pulumi.String(""), +// CodeRepositoryIndexId: pulumi.String("code-repository-index-example"), // KmsKey: pulumi.String("projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample"), // }) // if err != nil { @@ -79,7 +87,7 @@ type CodeRepositoryIndex struct { // If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. ForceDestroy pulumi.BoolPtrOutput `pulumi:"forceDestroy"` // Optional. Immutable. Customer-managed encryption key name, in the format - // projects/*/locations/*/keyRings/*/cryptoKeys/*. + // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. KmsKey pulumi.StringPtrOutput `pulumi:"kmsKey"` // Optional. Labels as key value pairs. // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. @@ -96,12 +104,7 @@ type CodeRepositoryIndex struct { // and default labels configured on the provider. PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"` // Output only. Code Repository Index instance State. - // Possible values: - // STATE_UNSPECIFIED - // CREATING - // ACTIVE - // DELETING - // SUSPENDED + // Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. State pulumi.StringOutput `pulumi:"state"` // Output only. Update time stamp. UpdateTime pulumi.StringOutput `pulumi:"updateTime"` @@ -159,7 +162,7 @@ type codeRepositoryIndexState struct { // If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. ForceDestroy *bool `pulumi:"forceDestroy"` // Optional. Immutable. Customer-managed encryption key name, in the format - // projects/*/locations/*/keyRings/*/cryptoKeys/*. + // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. KmsKey *string `pulumi:"kmsKey"` // Optional. Labels as key value pairs. // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. @@ -176,12 +179,7 @@ type codeRepositoryIndexState struct { // and default labels configured on the provider. PulumiLabels map[string]string `pulumi:"pulumiLabels"` // Output only. Code Repository Index instance State. - // Possible values: - // STATE_UNSPECIFIED - // CREATING - // ACTIVE - // DELETING - // SUSPENDED + // Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. State *string `pulumi:"state"` // Output only. Update time stamp. UpdateTime *string `pulumi:"updateTime"` @@ -199,7 +197,7 @@ type CodeRepositoryIndexState struct { // If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. ForceDestroy pulumi.BoolPtrInput // Optional. Immutable. Customer-managed encryption key name, in the format - // projects/*/locations/*/keyRings/*/cryptoKeys/*. + // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. KmsKey pulumi.StringPtrInput // Optional. Labels as key value pairs. // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. @@ -216,12 +214,7 @@ type CodeRepositoryIndexState struct { // and default labels configured on the provider. PulumiLabels pulumi.StringMapInput // Output only. Code Repository Index instance State. - // Possible values: - // STATE_UNSPECIFIED - // CREATING - // ACTIVE - // DELETING - // SUSPENDED + // Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. State pulumi.StringPtrInput // Output only. Update time stamp. UpdateTime pulumi.StringPtrInput @@ -239,7 +232,7 @@ type codeRepositoryIndexArgs struct { // If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. ForceDestroy *bool `pulumi:"forceDestroy"` // Optional. Immutable. Customer-managed encryption key name, in the format - // projects/*/locations/*/keyRings/*/cryptoKeys/*. + // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. KmsKey *string `pulumi:"kmsKey"` // Optional. Labels as key value pairs. // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. @@ -261,7 +254,7 @@ type CodeRepositoryIndexArgs struct { // If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. ForceDestroy pulumi.BoolPtrInput // Optional. Immutable. Customer-managed encryption key name, in the format - // projects/*/locations/*/keyRings/*/cryptoKeys/*. + // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. KmsKey pulumi.StringPtrInput // Optional. Labels as key value pairs. // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. @@ -384,7 +377,7 @@ func (o CodeRepositoryIndexOutput) ForceDestroy() pulumi.BoolPtrOutput { } // Optional. Immutable. Customer-managed encryption key name, in the format -// projects/*/locations/*/keyRings/*/cryptoKeys/*. +// `projects/*/locations/*/keyRings/*/cryptoKeys/*`. func (o CodeRepositoryIndexOutput) KmsKey() pulumi.StringPtrOutput { return o.ApplyT(func(v *CodeRepositoryIndex) pulumi.StringPtrOutput { return v.KmsKey }).(pulumi.StringPtrOutput) } @@ -419,12 +412,7 @@ func (o CodeRepositoryIndexOutput) PulumiLabels() pulumi.StringMapOutput { } // Output only. Code Repository Index instance State. -// Possible values: -// STATE_UNSPECIFIED -// CREATING -// ACTIVE -// DELETING -// SUSPENDED +// Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. func (o CodeRepositoryIndexOutput) State() pulumi.StringOutput { return o.ApplyT(func(v *CodeRepositoryIndex) pulumi.StringOutput { return v.State }).(pulumi.StringOutput) } diff --git a/sdk/go/gcp/gemini/getRepositoryGroupIamPolicy.go b/sdk/go/gcp/gemini/getRepositoryGroupIamPolicy.go index 9e8c692bac..250c4a50d6 100644 --- a/sdk/go/gcp/gemini/getRepositoryGroupIamPolicy.go +++ b/sdk/go/gcp/gemini/getRepositoryGroupIamPolicy.go @@ -11,6 +11,36 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Retrieves the current IAM policy data for repositorygroup +// +// ## example +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.LookupRepositoryGroupIamPolicy(ctx, &gemini.LookupRepositoryGroupIamPolicyArgs{ +// Project: pulumi.StringRef(example.Project), +// Location: pulumi.StringRef(example.Location), +// CodeRepositoryIndex: example.CodeRepositoryIndex, +// RepositoryGroupId: example.RepositoryGroupId, +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` func LookupRepositoryGroupIamPolicy(ctx *pulumi.Context, args *LookupRepositoryGroupIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupRepositoryGroupIamPolicyResult, error) { opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupRepositoryGroupIamPolicyResult diff --git a/sdk/go/gcp/gemini/repositoryGroup.go b/sdk/go/gcp/gemini/repositoryGroup.go index 63cfe10cbf..34fa892aff 100644 --- a/sdk/go/gcp/gemini/repositoryGroup.go +++ b/sdk/go/gcp/gemini/repositoryGroup.go @@ -12,8 +12,51 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// The resource for managing Repository Group for Gemini Code Assist. +// +// To get more information about RepositoryGroup, see: +// +// * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes.repositoryGroups) +// // ## Example Usage // +// ### Gemini Repository Group Basic +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroup(ctx, "example", &gemini.RepositoryGroupArgs{ +// Location: pulumi.String("us-central1"), +// CodeRepositoryIndex: pulumi.String("example-cri"), +// RepositoryGroupId: pulumi.String("example-repository-group"), +// Repositories: gemini.RepositoryGroupRepositoryArray{ +// &gemini.RepositoryGroupRepositoryArgs{ +// Resource: pulumi.String("projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo"), +// BranchPattern: pulumi.String("main"), +// }, +// }, +// Labels: pulumi.StringMap{ +// "label1": pulumi.String("value1"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // RepositoryGroup can be imported using any of these accepted formats: @@ -42,27 +85,27 @@ type RepositoryGroup struct { // Required. Id of the Code Repository Index. CodeRepositoryIndex pulumi.StringOutput `pulumi:"codeRepositoryIndex"` - // Output only. Create time stamp + // Output only. Create time stamp. CreateTime pulumi.StringOutput `pulumi:"createTime"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"` - // Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + // Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present // in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. Labels pulumi.StringMapOutput `pulumi:"labels"` // The location of the Code Repository Index, for example `us-central1`. Location pulumi.StringOutput `pulumi:"location"` - // Immutable. Identifier. name of resource + // Immutable. Identifier. Name of Repository Group. Name pulumi.StringOutput `pulumi:"name"` Project pulumi.StringOutput `pulumi:"project"` // The combination of labels configured directly on the resource // and default labels configured on the provider. PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"` - // Required. List of repositories to group + // Required. List of repositories to group. // Structure is documented below. Repositories RepositoryGroupRepositoryArrayOutput `pulumi:"repositories"` // Required. Id of the Repository Group. RepositoryGroupId pulumi.StringOutput `pulumi:"repositoryGroupId"` - // Output only. Update time stamp + // Output only. Update time stamp. UpdateTime pulumi.StringOutput `pulumi:"updateTime"` } @@ -115,54 +158,54 @@ func GetRepositoryGroup(ctx *pulumi.Context, type repositoryGroupState struct { // Required. Id of the Code Repository Index. CodeRepositoryIndex *string `pulumi:"codeRepositoryIndex"` - // Output only. Create time stamp + // Output only. Create time stamp. CreateTime *string `pulumi:"createTime"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. EffectiveLabels map[string]string `pulumi:"effectiveLabels"` - // Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + // Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present // in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. Labels map[string]string `pulumi:"labels"` // The location of the Code Repository Index, for example `us-central1`. Location *string `pulumi:"location"` - // Immutable. Identifier. name of resource + // Immutable. Identifier. Name of Repository Group. Name *string `pulumi:"name"` Project *string `pulumi:"project"` // The combination of labels configured directly on the resource // and default labels configured on the provider. PulumiLabels map[string]string `pulumi:"pulumiLabels"` - // Required. List of repositories to group + // Required. List of repositories to group. // Structure is documented below. Repositories []RepositoryGroupRepository `pulumi:"repositories"` // Required. Id of the Repository Group. RepositoryGroupId *string `pulumi:"repositoryGroupId"` - // Output only. Update time stamp + // Output only. Update time stamp. UpdateTime *string `pulumi:"updateTime"` } type RepositoryGroupState struct { // Required. Id of the Code Repository Index. CodeRepositoryIndex pulumi.StringPtrInput - // Output only. Create time stamp + // Output only. Create time stamp. CreateTime pulumi.StringPtrInput // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. EffectiveLabels pulumi.StringMapInput - // Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + // Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present // in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. Labels pulumi.StringMapInput // The location of the Code Repository Index, for example `us-central1`. Location pulumi.StringPtrInput - // Immutable. Identifier. name of resource + // Immutable. Identifier. Name of Repository Group. Name pulumi.StringPtrInput Project pulumi.StringPtrInput // The combination of labels configured directly on the resource // and default labels configured on the provider. PulumiLabels pulumi.StringMapInput - // Required. List of repositories to group + // Required. List of repositories to group. // Structure is documented below. Repositories RepositoryGroupRepositoryArrayInput // Required. Id of the Repository Group. RepositoryGroupId pulumi.StringPtrInput - // Output only. Update time stamp + // Output only. Update time stamp. UpdateTime pulumi.StringPtrInput } @@ -173,13 +216,13 @@ func (RepositoryGroupState) ElementType() reflect.Type { type repositoryGroupArgs struct { // Required. Id of the Code Repository Index. CodeRepositoryIndex string `pulumi:"codeRepositoryIndex"` - // Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + // Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present // in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. Labels map[string]string `pulumi:"labels"` // The location of the Code Repository Index, for example `us-central1`. Location string `pulumi:"location"` Project *string `pulumi:"project"` - // Required. List of repositories to group + // Required. List of repositories to group. // Structure is documented below. Repositories []RepositoryGroupRepository `pulumi:"repositories"` // Required. Id of the Repository Group. @@ -190,13 +233,13 @@ type repositoryGroupArgs struct { type RepositoryGroupArgs struct { // Required. Id of the Code Repository Index. CodeRepositoryIndex pulumi.StringInput - // Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + // Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present // in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. Labels pulumi.StringMapInput // The location of the Code Repository Index, for example `us-central1`. Location pulumi.StringInput Project pulumi.StringPtrInput - // Required. List of repositories to group + // Required. List of repositories to group. // Structure is documented below. Repositories RepositoryGroupRepositoryArrayInput // Required. Id of the Repository Group. @@ -295,7 +338,7 @@ func (o RepositoryGroupOutput) CodeRepositoryIndex() pulumi.StringOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringOutput { return v.CodeRepositoryIndex }).(pulumi.StringOutput) } -// Output only. Create time stamp +// Output only. Create time stamp. func (o RepositoryGroupOutput) CreateTime() pulumi.StringOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringOutput { return v.CreateTime }).(pulumi.StringOutput) } @@ -305,7 +348,7 @@ func (o RepositoryGroupOutput) EffectiveLabels() pulumi.StringMapOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringMapOutput { return v.EffectiveLabels }).(pulumi.StringMapOutput) } -// Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present +// Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present // in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. func (o RepositoryGroupOutput) Labels() pulumi.StringMapOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringMapOutput { return v.Labels }).(pulumi.StringMapOutput) @@ -316,7 +359,7 @@ func (o RepositoryGroupOutput) Location() pulumi.StringOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) } -// Immutable. Identifier. name of resource +// Immutable. Identifier. Name of Repository Group. func (o RepositoryGroupOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } @@ -331,7 +374,7 @@ func (o RepositoryGroupOutput) PulumiLabels() pulumi.StringMapOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringMapOutput { return v.PulumiLabels }).(pulumi.StringMapOutput) } -// Required. List of repositories to group +// Required. List of repositories to group. // Structure is documented below. func (o RepositoryGroupOutput) Repositories() RepositoryGroupRepositoryArrayOutput { return o.ApplyT(func(v *RepositoryGroup) RepositoryGroupRepositoryArrayOutput { return v.Repositories }).(RepositoryGroupRepositoryArrayOutput) @@ -342,7 +385,7 @@ func (o RepositoryGroupOutput) RepositoryGroupId() pulumi.StringOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringOutput { return v.RepositoryGroupId }).(pulumi.StringOutput) } -// Output only. Update time stamp +// Output only. Update time stamp. func (o RepositoryGroupOutput) UpdateTime() pulumi.StringOutput { return o.ApplyT(func(v *RepositoryGroup) pulumi.StringOutput { return v.UpdateTime }).(pulumi.StringOutput) } diff --git a/sdk/go/gcp/gemini/repositoryGroupIamBinding.go b/sdk/go/gcp/gemini/repositoryGroupIamBinding.go index ae3040cbdc..b5b9bfb9fb 100644 --- a/sdk/go/gcp/gemini/repositoryGroupIamBinding.go +++ b/sdk/go/gcp/gemini/repositoryGroupIamBinding.go @@ -12,6 +12,255 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: +// +// * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. +// * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. +// * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup +// +// > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## gemini.RepositoryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/cloudaicompanion.repositoryGroupsUser", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = gemini.NewRepositoryGroupIamPolicy(ctx, "policy", &gemini.RepositoryGroupIamPolicyArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamBinding(ctx, "binding", &gemini.RepositoryGroupIamBindingArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamMember(ctx, "member", &gemini.RepositoryGroupIamMemberArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Gemini for Google Cloud RepositoryGroup +// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: +// +// * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. +// * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. +// * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup +// +// > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## gemini.RepositoryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/cloudaicompanion.repositoryGroupsUser", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = gemini.NewRepositoryGroupIamPolicy(ctx, "policy", &gemini.RepositoryGroupIamPolicyArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamBinding(ctx, "binding", &gemini.RepositoryGroupIamBindingArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamMember(ctx, "member", &gemini.RepositoryGroupIamMemberArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/go/gcp/gemini/repositoryGroupIamMember.go b/sdk/go/gcp/gemini/repositoryGroupIamMember.go index f4f1291aab..67a9b99e3b 100644 --- a/sdk/go/gcp/gemini/repositoryGroupIamMember.go +++ b/sdk/go/gcp/gemini/repositoryGroupIamMember.go @@ -12,6 +12,255 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: +// +// * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. +// * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. +// * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup +// +// > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## gemini.RepositoryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/cloudaicompanion.repositoryGroupsUser", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = gemini.NewRepositoryGroupIamPolicy(ctx, "policy", &gemini.RepositoryGroupIamPolicyArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamBinding(ctx, "binding", &gemini.RepositoryGroupIamBindingArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamMember(ctx, "member", &gemini.RepositoryGroupIamMemberArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Gemini for Google Cloud RepositoryGroup +// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: +// +// * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. +// * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. +// * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup +// +// > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## gemini.RepositoryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/cloudaicompanion.repositoryGroupsUser", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = gemini.NewRepositoryGroupIamPolicy(ctx, "policy", &gemini.RepositoryGroupIamPolicyArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamBinding(ctx, "binding", &gemini.RepositoryGroupIamBindingArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamMember(ctx, "member", &gemini.RepositoryGroupIamMemberArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/go/gcp/gemini/repositoryGroupIamPolicy.go b/sdk/go/gcp/gemini/repositoryGroupIamPolicy.go index 34252f2e51..f3f6204e76 100644 --- a/sdk/go/gcp/gemini/repositoryGroupIamPolicy.go +++ b/sdk/go/gcp/gemini/repositoryGroupIamPolicy.go @@ -12,6 +12,255 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: +// +// * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. +// * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. +// * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup +// +// > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## gemini.RepositoryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/cloudaicompanion.repositoryGroupsUser", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = gemini.NewRepositoryGroupIamPolicy(ctx, "policy", &gemini.RepositoryGroupIamPolicyArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamBinding(ctx, "binding", &gemini.RepositoryGroupIamBindingArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamMember(ctx, "member", &gemini.RepositoryGroupIamMemberArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## This resource supports User Project Overrides. +// +// - +// +// # IAM policy for Gemini for Google Cloud RepositoryGroup +// Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: +// +// * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. +// * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. +// * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup +// +// > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## gemini.RepositoryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/cloudaicompanion.repositoryGroupsUser", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = gemini.NewRepositoryGroupIamPolicy(ctx, "policy", &gemini.RepositoryGroupIamPolicyArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamBinding(ctx, "binding", &gemini.RepositoryGroupIamBindingArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## gemini.RepositoryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gemini" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := gemini.NewRepositoryGroupIamMember(ctx, "member", &gemini.RepositoryGroupIamMemberArgs{ +// Project: pulumi.Any(example.Project), +// Location: pulumi.Any(example.Location), +// CodeRepositoryIndex: pulumi.Any(example.CodeRepositoryIndex), +// RepositoryGroupId: pulumi.Any(example.RepositoryGroupId), +// Role: pulumi.String("roles/cloudaicompanion.repositoryGroupsUser"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/go/gcp/kms/getKeyHandles.go b/sdk/go/gcp/kms/getKeyHandles.go new file mode 100644 index 0000000000..33b77b14a2 --- /dev/null +++ b/sdk/go/gcp/kms/getKeyHandles.go @@ -0,0 +1,146 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package kms + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := kms.GetKeyHandles(ctx, &kms.GetKeyHandlesArgs{ +// Project: pulumi.StringRef("resource-project-id"), +// Location: "us-central1", +// ResourceTypeSelector: "storage.googleapis.com/Bucket", +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func GetKeyHandles(ctx *pulumi.Context, args *GetKeyHandlesArgs, opts ...pulumi.InvokeOption) (*GetKeyHandlesResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetKeyHandlesResult + err := ctx.Invoke("gcp:kms/getKeyHandles:getKeyHandles", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getKeyHandles. +type GetKeyHandlesArgs struct { + // The Google Cloud Platform location for the KeyHandle. + // A full list of valid locations can be found by running `gcloud kms locations list`. + Location string `pulumi:"location"` + // The project in which the resource belongs. If it + // is not provided, the provider project is used. + Project *string `pulumi:"project"` + // The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + // + // *** + ResourceTypeSelector string `pulumi:"resourceTypeSelector"` +} + +// A collection of values returned by getKeyHandles. +type GetKeyHandlesResult struct { + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + KeyHandles []GetKeyHandlesKeyHandle `pulumi:"keyHandles"` + // The location of the KMS Key and KeyHandle. + Location string `pulumi:"location"` + // The identifier of the project where KMS KeyHandle is created. + Project *string `pulumi:"project"` + // Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + ResourceTypeSelector string `pulumi:"resourceTypeSelector"` +} + +func GetKeyHandlesOutput(ctx *pulumi.Context, args GetKeyHandlesOutputArgs, opts ...pulumi.InvokeOption) GetKeyHandlesResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (GetKeyHandlesResultOutput, error) { + args := v.(GetKeyHandlesArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("gcp:kms/getKeyHandles:getKeyHandles", args, GetKeyHandlesResultOutput{}, options).(GetKeyHandlesResultOutput), nil + }).(GetKeyHandlesResultOutput) +} + +// A collection of arguments for invoking getKeyHandles. +type GetKeyHandlesOutputArgs struct { + // The Google Cloud Platform location for the KeyHandle. + // A full list of valid locations can be found by running `gcloud kms locations list`. + Location pulumi.StringInput `pulumi:"location"` + // The project in which the resource belongs. If it + // is not provided, the provider project is used. + Project pulumi.StringPtrInput `pulumi:"project"` + // The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + // + // *** + ResourceTypeSelector pulumi.StringInput `pulumi:"resourceTypeSelector"` +} + +func (GetKeyHandlesOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetKeyHandlesArgs)(nil)).Elem() +} + +// A collection of values returned by getKeyHandles. +type GetKeyHandlesResultOutput struct{ *pulumi.OutputState } + +func (GetKeyHandlesResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetKeyHandlesResult)(nil)).Elem() +} + +func (o GetKeyHandlesResultOutput) ToGetKeyHandlesResultOutput() GetKeyHandlesResultOutput { + return o +} + +func (o GetKeyHandlesResultOutput) ToGetKeyHandlesResultOutputWithContext(ctx context.Context) GetKeyHandlesResultOutput { + return o +} + +// The provider-assigned unique ID for this managed resource. +func (o GetKeyHandlesResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetKeyHandlesResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o GetKeyHandlesResultOutput) KeyHandles() GetKeyHandlesKeyHandleArrayOutput { + return o.ApplyT(func(v GetKeyHandlesResult) []GetKeyHandlesKeyHandle { return v.KeyHandles }).(GetKeyHandlesKeyHandleArrayOutput) +} + +// The location of the KMS Key and KeyHandle. +func (o GetKeyHandlesResultOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v GetKeyHandlesResult) string { return v.Location }).(pulumi.StringOutput) +} + +// The identifier of the project where KMS KeyHandle is created. +func (o GetKeyHandlesResultOutput) Project() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetKeyHandlesResult) *string { return v.Project }).(pulumi.StringPtrOutput) +} + +// Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. +func (o GetKeyHandlesResultOutput) ResourceTypeSelector() pulumi.StringOutput { + return o.ApplyT(func(v GetKeyHandlesResult) string { return v.ResourceTypeSelector }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(GetKeyHandlesResultOutput{}) +} diff --git a/sdk/go/gcp/kms/pulumiTypes.go b/sdk/go/gcp/kms/pulumiTypes.go index 9e28d11408..470e43851f 100644 --- a/sdk/go/gcp/kms/pulumiTypes.go +++ b/sdk/go/gcp/kms/pulumiTypes.go @@ -4212,6 +4212,127 @@ func (o GetKMSCryptoKeyVersionTemplateArrayOutput) Index(i pulumi.IntInput) GetK }).(GetKMSCryptoKeyVersionTemplateOutput) } +type GetKeyHandlesKeyHandle struct { + // The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. + KmsKey string `pulumi:"kmsKey"` + // The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. + Name string `pulumi:"name"` + // The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + // + // *** + ResourceTypeSelector string `pulumi:"resourceTypeSelector"` +} + +// GetKeyHandlesKeyHandleInput is an input type that accepts GetKeyHandlesKeyHandleArgs and GetKeyHandlesKeyHandleOutput values. +// You can construct a concrete instance of `GetKeyHandlesKeyHandleInput` via: +// +// GetKeyHandlesKeyHandleArgs{...} +type GetKeyHandlesKeyHandleInput interface { + pulumi.Input + + ToGetKeyHandlesKeyHandleOutput() GetKeyHandlesKeyHandleOutput + ToGetKeyHandlesKeyHandleOutputWithContext(context.Context) GetKeyHandlesKeyHandleOutput +} + +type GetKeyHandlesKeyHandleArgs struct { + // The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. + KmsKey pulumi.StringInput `pulumi:"kmsKey"` + // The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. + Name pulumi.StringInput `pulumi:"name"` + // The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + // + // *** + ResourceTypeSelector pulumi.StringInput `pulumi:"resourceTypeSelector"` +} + +func (GetKeyHandlesKeyHandleArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetKeyHandlesKeyHandle)(nil)).Elem() +} + +func (i GetKeyHandlesKeyHandleArgs) ToGetKeyHandlesKeyHandleOutput() GetKeyHandlesKeyHandleOutput { + return i.ToGetKeyHandlesKeyHandleOutputWithContext(context.Background()) +} + +func (i GetKeyHandlesKeyHandleArgs) ToGetKeyHandlesKeyHandleOutputWithContext(ctx context.Context) GetKeyHandlesKeyHandleOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetKeyHandlesKeyHandleOutput) +} + +// GetKeyHandlesKeyHandleArrayInput is an input type that accepts GetKeyHandlesKeyHandleArray and GetKeyHandlesKeyHandleArrayOutput values. +// You can construct a concrete instance of `GetKeyHandlesKeyHandleArrayInput` via: +// +// GetKeyHandlesKeyHandleArray{ GetKeyHandlesKeyHandleArgs{...} } +type GetKeyHandlesKeyHandleArrayInput interface { + pulumi.Input + + ToGetKeyHandlesKeyHandleArrayOutput() GetKeyHandlesKeyHandleArrayOutput + ToGetKeyHandlesKeyHandleArrayOutputWithContext(context.Context) GetKeyHandlesKeyHandleArrayOutput +} + +type GetKeyHandlesKeyHandleArray []GetKeyHandlesKeyHandleInput + +func (GetKeyHandlesKeyHandleArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetKeyHandlesKeyHandle)(nil)).Elem() +} + +func (i GetKeyHandlesKeyHandleArray) ToGetKeyHandlesKeyHandleArrayOutput() GetKeyHandlesKeyHandleArrayOutput { + return i.ToGetKeyHandlesKeyHandleArrayOutputWithContext(context.Background()) +} + +func (i GetKeyHandlesKeyHandleArray) ToGetKeyHandlesKeyHandleArrayOutputWithContext(ctx context.Context) GetKeyHandlesKeyHandleArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetKeyHandlesKeyHandleArrayOutput) +} + +type GetKeyHandlesKeyHandleOutput struct{ *pulumi.OutputState } + +func (GetKeyHandlesKeyHandleOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetKeyHandlesKeyHandle)(nil)).Elem() +} + +func (o GetKeyHandlesKeyHandleOutput) ToGetKeyHandlesKeyHandleOutput() GetKeyHandlesKeyHandleOutput { + return o +} + +func (o GetKeyHandlesKeyHandleOutput) ToGetKeyHandlesKeyHandleOutputWithContext(ctx context.Context) GetKeyHandlesKeyHandleOutput { + return o +} + +// The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. +func (o GetKeyHandlesKeyHandleOutput) KmsKey() pulumi.StringOutput { + return o.ApplyT(func(v GetKeyHandlesKeyHandle) string { return v.KmsKey }).(pulumi.StringOutput) +} + +// The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. +func (o GetKeyHandlesKeyHandleOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetKeyHandlesKeyHandle) string { return v.Name }).(pulumi.StringOutput) +} + +// The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. +// +// *** +func (o GetKeyHandlesKeyHandleOutput) ResourceTypeSelector() pulumi.StringOutput { + return o.ApplyT(func(v GetKeyHandlesKeyHandle) string { return v.ResourceTypeSelector }).(pulumi.StringOutput) +} + +type GetKeyHandlesKeyHandleArrayOutput struct{ *pulumi.OutputState } + +func (GetKeyHandlesKeyHandleArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetKeyHandlesKeyHandle)(nil)).Elem() +} + +func (o GetKeyHandlesKeyHandleArrayOutput) ToGetKeyHandlesKeyHandleArrayOutput() GetKeyHandlesKeyHandleArrayOutput { + return o +} + +func (o GetKeyHandlesKeyHandleArrayOutput) ToGetKeyHandlesKeyHandleArrayOutputWithContext(ctx context.Context) GetKeyHandlesKeyHandleArrayOutput { + return o +} + +func (o GetKeyHandlesKeyHandleArrayOutput) Index(i pulumi.IntInput) GetKeyHandlesKeyHandleOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetKeyHandlesKeyHandle { + return vs[0].([]GetKeyHandlesKeyHandle)[vs[1].(int)] + }).(GetKeyHandlesKeyHandleOutput) +} + type GetKeyRingsKeyRing struct { Id string `pulumi:"id"` Name string `pulumi:"name"` @@ -4371,6 +4492,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetKMSCryptoKeyVersionPublicKeyArrayInput)(nil)).Elem(), GetKMSCryptoKeyVersionPublicKeyArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetKMSCryptoKeyVersionTemplateInput)(nil)).Elem(), GetKMSCryptoKeyVersionTemplateArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetKMSCryptoKeyVersionTemplateArrayInput)(nil)).Elem(), GetKMSCryptoKeyVersionTemplateArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetKeyHandlesKeyHandleInput)(nil)).Elem(), GetKeyHandlesKeyHandleArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetKeyHandlesKeyHandleArrayInput)(nil)).Elem(), GetKeyHandlesKeyHandleArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetKeyRingsKeyRingInput)(nil)).Elem(), GetKeyRingsKeyRingArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetKeyRingsKeyRingArrayInput)(nil)).Elem(), GetKeyRingsKeyRingArray{}) pulumi.RegisterOutputType(CryptoKeyIAMBindingConditionOutput{}) @@ -4431,6 +4554,8 @@ func init() { pulumi.RegisterOutputType(GetKMSCryptoKeyVersionPublicKeyArrayOutput{}) pulumi.RegisterOutputType(GetKMSCryptoKeyVersionTemplateOutput{}) pulumi.RegisterOutputType(GetKMSCryptoKeyVersionTemplateArrayOutput{}) + pulumi.RegisterOutputType(GetKeyHandlesKeyHandleOutput{}) + pulumi.RegisterOutputType(GetKeyHandlesKeyHandleArrayOutput{}) pulumi.RegisterOutputType(GetKeyRingsKeyRingOutput{}) pulumi.RegisterOutputType(GetKeyRingsKeyRingArrayOutput{}) } diff --git a/sdk/go/gcp/networksecurity/pulumiTypes.go b/sdk/go/gcp/networksecurity/pulumiTypes.go index f73d3b7751..950c47432f 100644 --- a/sdk/go/gcp/networksecurity/pulumiTypes.go +++ b/sdk/go/gcp/networksecurity/pulumiTypes.go @@ -5692,6 +5692,288 @@ func (o MirroringEndpointGroupAssociationLocationsDetailArrayOutput) Index(i pul }).(MirroringEndpointGroupAssociationLocationsDetailOutput) } +type SecurityProfileCustomInterceptProfile struct { + // The Intercept Endpoint Group to which matching traffic should be intercepted. + // Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + InterceptEndpointGroup string `pulumi:"interceptEndpointGroup"` +} + +// SecurityProfileCustomInterceptProfileInput is an input type that accepts SecurityProfileCustomInterceptProfileArgs and SecurityProfileCustomInterceptProfileOutput values. +// You can construct a concrete instance of `SecurityProfileCustomInterceptProfileInput` via: +// +// SecurityProfileCustomInterceptProfileArgs{...} +type SecurityProfileCustomInterceptProfileInput interface { + pulumi.Input + + ToSecurityProfileCustomInterceptProfileOutput() SecurityProfileCustomInterceptProfileOutput + ToSecurityProfileCustomInterceptProfileOutputWithContext(context.Context) SecurityProfileCustomInterceptProfileOutput +} + +type SecurityProfileCustomInterceptProfileArgs struct { + // The Intercept Endpoint Group to which matching traffic should be intercepted. + // Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + InterceptEndpointGroup pulumi.StringInput `pulumi:"interceptEndpointGroup"` +} + +func (SecurityProfileCustomInterceptProfileArgs) ElementType() reflect.Type { + return reflect.TypeOf((*SecurityProfileCustomInterceptProfile)(nil)).Elem() +} + +func (i SecurityProfileCustomInterceptProfileArgs) ToSecurityProfileCustomInterceptProfileOutput() SecurityProfileCustomInterceptProfileOutput { + return i.ToSecurityProfileCustomInterceptProfileOutputWithContext(context.Background()) +} + +func (i SecurityProfileCustomInterceptProfileArgs) ToSecurityProfileCustomInterceptProfileOutputWithContext(ctx context.Context) SecurityProfileCustomInterceptProfileOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityProfileCustomInterceptProfileOutput) +} + +func (i SecurityProfileCustomInterceptProfileArgs) ToSecurityProfileCustomInterceptProfilePtrOutput() SecurityProfileCustomInterceptProfilePtrOutput { + return i.ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(context.Background()) +} + +func (i SecurityProfileCustomInterceptProfileArgs) ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(ctx context.Context) SecurityProfileCustomInterceptProfilePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityProfileCustomInterceptProfileOutput).ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(ctx) +} + +// SecurityProfileCustomInterceptProfilePtrInput is an input type that accepts SecurityProfileCustomInterceptProfileArgs, SecurityProfileCustomInterceptProfilePtr and SecurityProfileCustomInterceptProfilePtrOutput values. +// You can construct a concrete instance of `SecurityProfileCustomInterceptProfilePtrInput` via: +// +// SecurityProfileCustomInterceptProfileArgs{...} +// +// or: +// +// nil +type SecurityProfileCustomInterceptProfilePtrInput interface { + pulumi.Input + + ToSecurityProfileCustomInterceptProfilePtrOutput() SecurityProfileCustomInterceptProfilePtrOutput + ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(context.Context) SecurityProfileCustomInterceptProfilePtrOutput +} + +type securityProfileCustomInterceptProfilePtrType SecurityProfileCustomInterceptProfileArgs + +func SecurityProfileCustomInterceptProfilePtr(v *SecurityProfileCustomInterceptProfileArgs) SecurityProfileCustomInterceptProfilePtrInput { + return (*securityProfileCustomInterceptProfilePtrType)(v) +} + +func (*securityProfileCustomInterceptProfilePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**SecurityProfileCustomInterceptProfile)(nil)).Elem() +} + +func (i *securityProfileCustomInterceptProfilePtrType) ToSecurityProfileCustomInterceptProfilePtrOutput() SecurityProfileCustomInterceptProfilePtrOutput { + return i.ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(context.Background()) +} + +func (i *securityProfileCustomInterceptProfilePtrType) ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(ctx context.Context) SecurityProfileCustomInterceptProfilePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityProfileCustomInterceptProfilePtrOutput) +} + +type SecurityProfileCustomInterceptProfileOutput struct{ *pulumi.OutputState } + +func (SecurityProfileCustomInterceptProfileOutput) ElementType() reflect.Type { + return reflect.TypeOf((*SecurityProfileCustomInterceptProfile)(nil)).Elem() +} + +func (o SecurityProfileCustomInterceptProfileOutput) ToSecurityProfileCustomInterceptProfileOutput() SecurityProfileCustomInterceptProfileOutput { + return o +} + +func (o SecurityProfileCustomInterceptProfileOutput) ToSecurityProfileCustomInterceptProfileOutputWithContext(ctx context.Context) SecurityProfileCustomInterceptProfileOutput { + return o +} + +func (o SecurityProfileCustomInterceptProfileOutput) ToSecurityProfileCustomInterceptProfilePtrOutput() SecurityProfileCustomInterceptProfilePtrOutput { + return o.ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(context.Background()) +} + +func (o SecurityProfileCustomInterceptProfileOutput) ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(ctx context.Context) SecurityProfileCustomInterceptProfilePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v SecurityProfileCustomInterceptProfile) *SecurityProfileCustomInterceptProfile { + return &v + }).(SecurityProfileCustomInterceptProfilePtrOutput) +} + +// The Intercept Endpoint Group to which matching traffic should be intercepted. +// Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} +func (o SecurityProfileCustomInterceptProfileOutput) InterceptEndpointGroup() pulumi.StringOutput { + return o.ApplyT(func(v SecurityProfileCustomInterceptProfile) string { return v.InterceptEndpointGroup }).(pulumi.StringOutput) +} + +type SecurityProfileCustomInterceptProfilePtrOutput struct{ *pulumi.OutputState } + +func (SecurityProfileCustomInterceptProfilePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**SecurityProfileCustomInterceptProfile)(nil)).Elem() +} + +func (o SecurityProfileCustomInterceptProfilePtrOutput) ToSecurityProfileCustomInterceptProfilePtrOutput() SecurityProfileCustomInterceptProfilePtrOutput { + return o +} + +func (o SecurityProfileCustomInterceptProfilePtrOutput) ToSecurityProfileCustomInterceptProfilePtrOutputWithContext(ctx context.Context) SecurityProfileCustomInterceptProfilePtrOutput { + return o +} + +func (o SecurityProfileCustomInterceptProfilePtrOutput) Elem() SecurityProfileCustomInterceptProfileOutput { + return o.ApplyT(func(v *SecurityProfileCustomInterceptProfile) SecurityProfileCustomInterceptProfile { + if v != nil { + return *v + } + var ret SecurityProfileCustomInterceptProfile + return ret + }).(SecurityProfileCustomInterceptProfileOutput) +} + +// The Intercept Endpoint Group to which matching traffic should be intercepted. +// Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} +func (o SecurityProfileCustomInterceptProfilePtrOutput) InterceptEndpointGroup() pulumi.StringPtrOutput { + return o.ApplyT(func(v *SecurityProfileCustomInterceptProfile) *string { + if v == nil { + return nil + } + return &v.InterceptEndpointGroup + }).(pulumi.StringPtrOutput) +} + +type SecurityProfileCustomMirroringProfile struct { + // The Mirroring Endpoint Group to which matching traffic should be mirrored. + // Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + MirroringEndpointGroup string `pulumi:"mirroringEndpointGroup"` +} + +// SecurityProfileCustomMirroringProfileInput is an input type that accepts SecurityProfileCustomMirroringProfileArgs and SecurityProfileCustomMirroringProfileOutput values. +// You can construct a concrete instance of `SecurityProfileCustomMirroringProfileInput` via: +// +// SecurityProfileCustomMirroringProfileArgs{...} +type SecurityProfileCustomMirroringProfileInput interface { + pulumi.Input + + ToSecurityProfileCustomMirroringProfileOutput() SecurityProfileCustomMirroringProfileOutput + ToSecurityProfileCustomMirroringProfileOutputWithContext(context.Context) SecurityProfileCustomMirroringProfileOutput +} + +type SecurityProfileCustomMirroringProfileArgs struct { + // The Mirroring Endpoint Group to which matching traffic should be mirrored. + // Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + MirroringEndpointGroup pulumi.StringInput `pulumi:"mirroringEndpointGroup"` +} + +func (SecurityProfileCustomMirroringProfileArgs) ElementType() reflect.Type { + return reflect.TypeOf((*SecurityProfileCustomMirroringProfile)(nil)).Elem() +} + +func (i SecurityProfileCustomMirroringProfileArgs) ToSecurityProfileCustomMirroringProfileOutput() SecurityProfileCustomMirroringProfileOutput { + return i.ToSecurityProfileCustomMirroringProfileOutputWithContext(context.Background()) +} + +func (i SecurityProfileCustomMirroringProfileArgs) ToSecurityProfileCustomMirroringProfileOutputWithContext(ctx context.Context) SecurityProfileCustomMirroringProfileOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityProfileCustomMirroringProfileOutput) +} + +func (i SecurityProfileCustomMirroringProfileArgs) ToSecurityProfileCustomMirroringProfilePtrOutput() SecurityProfileCustomMirroringProfilePtrOutput { + return i.ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(context.Background()) +} + +func (i SecurityProfileCustomMirroringProfileArgs) ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(ctx context.Context) SecurityProfileCustomMirroringProfilePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityProfileCustomMirroringProfileOutput).ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(ctx) +} + +// SecurityProfileCustomMirroringProfilePtrInput is an input type that accepts SecurityProfileCustomMirroringProfileArgs, SecurityProfileCustomMirroringProfilePtr and SecurityProfileCustomMirroringProfilePtrOutput values. +// You can construct a concrete instance of `SecurityProfileCustomMirroringProfilePtrInput` via: +// +// SecurityProfileCustomMirroringProfileArgs{...} +// +// or: +// +// nil +type SecurityProfileCustomMirroringProfilePtrInput interface { + pulumi.Input + + ToSecurityProfileCustomMirroringProfilePtrOutput() SecurityProfileCustomMirroringProfilePtrOutput + ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(context.Context) SecurityProfileCustomMirroringProfilePtrOutput +} + +type securityProfileCustomMirroringProfilePtrType SecurityProfileCustomMirroringProfileArgs + +func SecurityProfileCustomMirroringProfilePtr(v *SecurityProfileCustomMirroringProfileArgs) SecurityProfileCustomMirroringProfilePtrInput { + return (*securityProfileCustomMirroringProfilePtrType)(v) +} + +func (*securityProfileCustomMirroringProfilePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**SecurityProfileCustomMirroringProfile)(nil)).Elem() +} + +func (i *securityProfileCustomMirroringProfilePtrType) ToSecurityProfileCustomMirroringProfilePtrOutput() SecurityProfileCustomMirroringProfilePtrOutput { + return i.ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(context.Background()) +} + +func (i *securityProfileCustomMirroringProfilePtrType) ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(ctx context.Context) SecurityProfileCustomMirroringProfilePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecurityProfileCustomMirroringProfilePtrOutput) +} + +type SecurityProfileCustomMirroringProfileOutput struct{ *pulumi.OutputState } + +func (SecurityProfileCustomMirroringProfileOutput) ElementType() reflect.Type { + return reflect.TypeOf((*SecurityProfileCustomMirroringProfile)(nil)).Elem() +} + +func (o SecurityProfileCustomMirroringProfileOutput) ToSecurityProfileCustomMirroringProfileOutput() SecurityProfileCustomMirroringProfileOutput { + return o +} + +func (o SecurityProfileCustomMirroringProfileOutput) ToSecurityProfileCustomMirroringProfileOutputWithContext(ctx context.Context) SecurityProfileCustomMirroringProfileOutput { + return o +} + +func (o SecurityProfileCustomMirroringProfileOutput) ToSecurityProfileCustomMirroringProfilePtrOutput() SecurityProfileCustomMirroringProfilePtrOutput { + return o.ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(context.Background()) +} + +func (o SecurityProfileCustomMirroringProfileOutput) ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(ctx context.Context) SecurityProfileCustomMirroringProfilePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v SecurityProfileCustomMirroringProfile) *SecurityProfileCustomMirroringProfile { + return &v + }).(SecurityProfileCustomMirroringProfilePtrOutput) +} + +// The Mirroring Endpoint Group to which matching traffic should be mirrored. +// Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} +func (o SecurityProfileCustomMirroringProfileOutput) MirroringEndpointGroup() pulumi.StringOutput { + return o.ApplyT(func(v SecurityProfileCustomMirroringProfile) string { return v.MirroringEndpointGroup }).(pulumi.StringOutput) +} + +type SecurityProfileCustomMirroringProfilePtrOutput struct{ *pulumi.OutputState } + +func (SecurityProfileCustomMirroringProfilePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**SecurityProfileCustomMirroringProfile)(nil)).Elem() +} + +func (o SecurityProfileCustomMirroringProfilePtrOutput) ToSecurityProfileCustomMirroringProfilePtrOutput() SecurityProfileCustomMirroringProfilePtrOutput { + return o +} + +func (o SecurityProfileCustomMirroringProfilePtrOutput) ToSecurityProfileCustomMirroringProfilePtrOutputWithContext(ctx context.Context) SecurityProfileCustomMirroringProfilePtrOutput { + return o +} + +func (o SecurityProfileCustomMirroringProfilePtrOutput) Elem() SecurityProfileCustomMirroringProfileOutput { + return o.ApplyT(func(v *SecurityProfileCustomMirroringProfile) SecurityProfileCustomMirroringProfile { + if v != nil { + return *v + } + var ret SecurityProfileCustomMirroringProfile + return ret + }).(SecurityProfileCustomMirroringProfileOutput) +} + +// The Mirroring Endpoint Group to which matching traffic should be mirrored. +// Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} +func (o SecurityProfileCustomMirroringProfilePtrOutput) MirroringEndpointGroup() pulumi.StringPtrOutput { + return o.ApplyT(func(v *SecurityProfileCustomMirroringProfile) *string { + if v == nil { + return nil + } + return &v.MirroringEndpointGroup + }).(pulumi.StringPtrOutput) +} + type SecurityProfileThreatPreventionProfile struct { // The configuration for overriding threats actions by severity match. // Structure is documented below. @@ -7222,6 +7504,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*MirroringDeploymentGroupConnectedEndpointGroupArrayInput)(nil)).Elem(), MirroringDeploymentGroupConnectedEndpointGroupArray{}) pulumi.RegisterInputType(reflect.TypeOf((*MirroringEndpointGroupAssociationLocationsDetailInput)(nil)).Elem(), MirroringEndpointGroupAssociationLocationsDetailArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*MirroringEndpointGroupAssociationLocationsDetailArrayInput)(nil)).Elem(), MirroringEndpointGroupAssociationLocationsDetailArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*SecurityProfileCustomInterceptProfileInput)(nil)).Elem(), SecurityProfileCustomInterceptProfileArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*SecurityProfileCustomInterceptProfilePtrInput)(nil)).Elem(), SecurityProfileCustomInterceptProfileArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*SecurityProfileCustomMirroringProfileInput)(nil)).Elem(), SecurityProfileCustomMirroringProfileArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*SecurityProfileCustomMirroringProfilePtrInput)(nil)).Elem(), SecurityProfileCustomMirroringProfileArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityProfileThreatPreventionProfileInput)(nil)).Elem(), SecurityProfileThreatPreventionProfileArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityProfileThreatPreventionProfilePtrInput)(nil)).Elem(), SecurityProfileThreatPreventionProfileArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityProfileThreatPreventionProfileSeverityOverrideInput)(nil)).Elem(), SecurityProfileThreatPreventionProfileSeverityOverrideArgs{}) @@ -7320,6 +7606,10 @@ func init() { pulumi.RegisterOutputType(MirroringDeploymentGroupConnectedEndpointGroupArrayOutput{}) pulumi.RegisterOutputType(MirroringEndpointGroupAssociationLocationsDetailOutput{}) pulumi.RegisterOutputType(MirroringEndpointGroupAssociationLocationsDetailArrayOutput{}) + pulumi.RegisterOutputType(SecurityProfileCustomInterceptProfileOutput{}) + pulumi.RegisterOutputType(SecurityProfileCustomInterceptProfilePtrOutput{}) + pulumi.RegisterOutputType(SecurityProfileCustomMirroringProfileOutput{}) + pulumi.RegisterOutputType(SecurityProfileCustomMirroringProfilePtrOutput{}) pulumi.RegisterOutputType(SecurityProfileThreatPreventionProfileOutput{}) pulumi.RegisterOutputType(SecurityProfileThreatPreventionProfilePtrOutput{}) pulumi.RegisterOutputType(SecurityProfileThreatPreventionProfileSeverityOverrideOutput{}) diff --git a/sdk/go/gcp/networksecurity/securityProfile.go b/sdk/go/gcp/networksecurity/securityProfile.go index d56e1079c3..c6ccce304e 100644 --- a/sdk/go/gcp/networksecurity/securityProfile.go +++ b/sdk/go/gcp/networksecurity/securityProfile.go @@ -99,6 +99,116 @@ import ( // } // // ``` +// ### Network Security Security Profile Mirroring +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{ +// Name: pulumi.String("my-network"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// defaultMirroringDeploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, "default", &networksecurity.MirroringDeploymentGroupArgs{ +// MirroringDeploymentGroupId: pulumi.String("my-dg"), +// Location: pulumi.String("global"), +// Network: _default.ID(), +// }) +// if err != nil { +// return err +// } +// defaultMirroringEndpointGroup, err := networksecurity.NewMirroringEndpointGroup(ctx, "default", &networksecurity.MirroringEndpointGroupArgs{ +// MirroringEndpointGroupId: pulumi.String("my-eg"), +// Location: pulumi.String("global"), +// MirroringDeploymentGroup: defaultMirroringDeploymentGroup.ID(), +// }) +// if err != nil { +// return err +// } +// _, err = networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{ +// Name: pulumi.String("my-security-profile"), +// Parent: pulumi.String("organizations/123456789"), +// Description: pulumi.String("my description"), +// Type: pulumi.String("CUSTOM_MIRRORING"), +// CustomMirroringProfile: &networksecurity.SecurityProfileCustomMirroringProfileArgs{ +// MirroringEndpointGroup: defaultMirroringEndpointGroup.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Network Security Security Profile Intercept +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{ +// Name: pulumi.String("my-network"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// defaultInterceptDeploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, "default", &networksecurity.InterceptDeploymentGroupArgs{ +// InterceptDeploymentGroupId: pulumi.String("my-dg"), +// Location: pulumi.String("global"), +// Network: _default.ID(), +// }) +// if err != nil { +// return err +// } +// defaultInterceptEndpointGroup, err := networksecurity.NewInterceptEndpointGroup(ctx, "default", &networksecurity.InterceptEndpointGroupArgs{ +// InterceptEndpointGroupId: pulumi.String("my-eg"), +// Location: pulumi.String("global"), +// InterceptDeploymentGroup: defaultInterceptDeploymentGroup.ID(), +// }) +// if err != nil { +// return err +// } +// _, err = networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{ +// Name: pulumi.String("my-security-profile"), +// Parent: pulumi.String("organizations/123456789"), +// Description: pulumi.String("my description"), +// Type: pulumi.String("CUSTOM_INTERCEPT"), +// CustomInterceptProfile: &networksecurity.SecurityProfileCustomInterceptProfileArgs{ +// InterceptEndpointGroup: defaultInterceptEndpointGroup.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` // // ## Import // @@ -116,6 +226,14 @@ type SecurityProfile struct { // Time the security profile was created in UTC. CreateTime pulumi.StringOutput `pulumi:"createTime"` + // The configuration for defining the Intercept Endpoint Group used to + // intercept traffic to third-party firewall appliances. + // Structure is documented below. + CustomInterceptProfile SecurityProfileCustomInterceptProfilePtrOutput `pulumi:"customInterceptProfile"` + // The configuration for defining the Mirroring Endpoint Group used to + // mirror traffic to third-party collectors. + // Structure is documented below. + CustomMirroringProfile SecurityProfileCustomMirroringProfilePtrOutput `pulumi:"customMirroringProfile"` // An optional description of the security profile. The Max length is 512 characters. Description pulumi.StringPtrOutput `pulumi:"description"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -148,7 +266,7 @@ type SecurityProfile struct { // Structure is documented below. ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrOutput `pulumi:"threatPreventionProfile"` // The type of security profile. - // Possible values are: `THREAT_PREVENTION`. + // Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. Type pulumi.StringOutput `pulumi:"type"` // Time the security profile was updated in UTC. UpdateTime pulumi.StringOutput `pulumi:"updateTime"` @@ -194,6 +312,14 @@ func GetSecurityProfile(ctx *pulumi.Context, type securityProfileState struct { // Time the security profile was created in UTC. CreateTime *string `pulumi:"createTime"` + // The configuration for defining the Intercept Endpoint Group used to + // intercept traffic to third-party firewall appliances. + // Structure is documented below. + CustomInterceptProfile *SecurityProfileCustomInterceptProfile `pulumi:"customInterceptProfile"` + // The configuration for defining the Mirroring Endpoint Group used to + // mirror traffic to third-party collectors. + // Structure is documented below. + CustomMirroringProfile *SecurityProfileCustomMirroringProfile `pulumi:"customMirroringProfile"` // An optional description of the security profile. The Max length is 512 characters. Description *string `pulumi:"description"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -226,7 +352,7 @@ type securityProfileState struct { // Structure is documented below. ThreatPreventionProfile *SecurityProfileThreatPreventionProfile `pulumi:"threatPreventionProfile"` // The type of security profile. - // Possible values are: `THREAT_PREVENTION`. + // Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. Type *string `pulumi:"type"` // Time the security profile was updated in UTC. UpdateTime *string `pulumi:"updateTime"` @@ -235,6 +361,14 @@ type securityProfileState struct { type SecurityProfileState struct { // Time the security profile was created in UTC. CreateTime pulumi.StringPtrInput + // The configuration for defining the Intercept Endpoint Group used to + // intercept traffic to third-party firewall appliances. + // Structure is documented below. + CustomInterceptProfile SecurityProfileCustomInterceptProfilePtrInput + // The configuration for defining the Mirroring Endpoint Group used to + // mirror traffic to third-party collectors. + // Structure is documented below. + CustomMirroringProfile SecurityProfileCustomMirroringProfilePtrInput // An optional description of the security profile. The Max length is 512 characters. Description pulumi.StringPtrInput // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -267,7 +401,7 @@ type SecurityProfileState struct { // Structure is documented below. ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrInput // The type of security profile. - // Possible values are: `THREAT_PREVENTION`. + // Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. Type pulumi.StringPtrInput // Time the security profile was updated in UTC. UpdateTime pulumi.StringPtrInput @@ -278,6 +412,14 @@ func (SecurityProfileState) ElementType() reflect.Type { } type securityProfileArgs struct { + // The configuration for defining the Intercept Endpoint Group used to + // intercept traffic to third-party firewall appliances. + // Structure is documented below. + CustomInterceptProfile *SecurityProfileCustomInterceptProfile `pulumi:"customInterceptProfile"` + // The configuration for defining the Mirroring Endpoint Group used to + // mirror traffic to third-party collectors. + // Structure is documented below. + CustomMirroringProfile *SecurityProfileCustomMirroringProfile `pulumi:"customMirroringProfile"` // An optional description of the security profile. The Max length is 512 characters. Description *string `pulumi:"description"` // A map of key/value label pairs to assign to the resource. @@ -299,12 +441,20 @@ type securityProfileArgs struct { // Structure is documented below. ThreatPreventionProfile *SecurityProfileThreatPreventionProfile `pulumi:"threatPreventionProfile"` // The type of security profile. - // Possible values are: `THREAT_PREVENTION`. + // Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. Type string `pulumi:"type"` } // The set of arguments for constructing a SecurityProfile resource. type SecurityProfileArgs struct { + // The configuration for defining the Intercept Endpoint Group used to + // intercept traffic to third-party firewall appliances. + // Structure is documented below. + CustomInterceptProfile SecurityProfileCustomInterceptProfilePtrInput + // The configuration for defining the Mirroring Endpoint Group used to + // mirror traffic to third-party collectors. + // Structure is documented below. + CustomMirroringProfile SecurityProfileCustomMirroringProfilePtrInput // An optional description of the security profile. The Max length is 512 characters. Description pulumi.StringPtrInput // A map of key/value label pairs to assign to the resource. @@ -326,7 +476,7 @@ type SecurityProfileArgs struct { // Structure is documented below. ThreatPreventionProfile SecurityProfileThreatPreventionProfilePtrInput // The type of security profile. - // Possible values are: `THREAT_PREVENTION`. + // Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. Type pulumi.StringInput } @@ -422,6 +572,24 @@ func (o SecurityProfileOutput) CreateTime() pulumi.StringOutput { return o.ApplyT(func(v *SecurityProfile) pulumi.StringOutput { return v.CreateTime }).(pulumi.StringOutput) } +// The configuration for defining the Intercept Endpoint Group used to +// intercept traffic to third-party firewall appliances. +// Structure is documented below. +func (o SecurityProfileOutput) CustomInterceptProfile() SecurityProfileCustomInterceptProfilePtrOutput { + return o.ApplyT(func(v *SecurityProfile) SecurityProfileCustomInterceptProfilePtrOutput { + return v.CustomInterceptProfile + }).(SecurityProfileCustomInterceptProfilePtrOutput) +} + +// The configuration for defining the Mirroring Endpoint Group used to +// mirror traffic to third-party collectors. +// Structure is documented below. +func (o SecurityProfileOutput) CustomMirroringProfile() SecurityProfileCustomMirroringProfilePtrOutput { + return o.ApplyT(func(v *SecurityProfile) SecurityProfileCustomMirroringProfilePtrOutput { + return v.CustomMirroringProfile + }).(SecurityProfileCustomMirroringProfilePtrOutput) +} + // An optional description of the security profile. The Max length is 512 characters. func (o SecurityProfileOutput) Description() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecurityProfile) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) @@ -486,7 +654,7 @@ func (o SecurityProfileOutput) ThreatPreventionProfile() SecurityProfileThreatPr } // The type of security profile. -// Possible values are: `THREAT_PREVENTION`. +// Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. func (o SecurityProfileOutput) Type() pulumi.StringOutput { return o.ApplyT(func(v *SecurityProfile) pulumi.StringOutput { return v.Type }).(pulumi.StringOutput) } diff --git a/sdk/go/gcp/networksecurity/securityProfileGroup.go b/sdk/go/gcp/networksecurity/securityProfileGroup.go index 80ef84e5da..84d7995634 100644 --- a/sdk/go/gcp/networksecurity/securityProfileGroup.go +++ b/sdk/go/gcp/networksecurity/securityProfileGroup.go @@ -62,6 +62,134 @@ import ( // } // // ``` +// ### Network Security Security Profile Group Mirroring +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{ +// Name: pulumi.String("network"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// defaultMirroringDeploymentGroup, err := networksecurity.NewMirroringDeploymentGroup(ctx, "default", &networksecurity.MirroringDeploymentGroupArgs{ +// MirroringDeploymentGroupId: pulumi.String("deployment-group"), +// Location: pulumi.String("global"), +// Network: _default.ID(), +// }) +// if err != nil { +// return err +// } +// defaultMirroringEndpointGroup, err := networksecurity.NewMirroringEndpointGroup(ctx, "default", &networksecurity.MirroringEndpointGroupArgs{ +// MirroringEndpointGroupId: pulumi.String("endpoint-group"), +// Location: pulumi.String("global"), +// MirroringDeploymentGroup: defaultMirroringDeploymentGroup.ID(), +// }) +// if err != nil { +// return err +// } +// defaultSecurityProfile, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{ +// Name: pulumi.String("sec-profile"), +// Parent: pulumi.String("organizations/123456789"), +// Description: pulumi.String("my description"), +// Type: pulumi.String("CUSTOM_MIRRORING"), +// CustomMirroringProfile: &networksecurity.SecurityProfileCustomMirroringProfileArgs{ +// MirroringEndpointGroup: defaultMirroringEndpointGroup.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// _, err = networksecurity.NewSecurityProfileGroup(ctx, "default", &networksecurity.SecurityProfileGroupArgs{ +// Name: pulumi.String("sec-profile-group"), +// Parent: pulumi.String("organizations/123456789"), +// Description: pulumi.String("my description"), +// CustomMirroringProfile: defaultSecurityProfile.ID(), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Network Security Security Profile Group Intercept +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.NewNetwork(ctx, "default", &compute.NetworkArgs{ +// Name: pulumi.String("network"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// defaultInterceptDeploymentGroup, err := networksecurity.NewInterceptDeploymentGroup(ctx, "default", &networksecurity.InterceptDeploymentGroupArgs{ +// InterceptDeploymentGroupId: pulumi.String("deployment-group"), +// Location: pulumi.String("global"), +// Network: _default.ID(), +// }) +// if err != nil { +// return err +// } +// defaultInterceptEndpointGroup, err := networksecurity.NewInterceptEndpointGroup(ctx, "default", &networksecurity.InterceptEndpointGroupArgs{ +// InterceptEndpointGroupId: pulumi.String("endpoint-group"), +// Location: pulumi.String("global"), +// InterceptDeploymentGroup: defaultInterceptDeploymentGroup.ID(), +// }) +// if err != nil { +// return err +// } +// defaultSecurityProfile, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{ +// Name: pulumi.String("sec-profile"), +// Parent: pulumi.String("organizations/123456789"), +// Description: pulumi.String("my description"), +// Type: pulumi.String("CUSTOM_INTERCEPT"), +// CustomInterceptProfile: &networksecurity.SecurityProfileCustomInterceptProfileArgs{ +// InterceptEndpointGroup: defaultInterceptEndpointGroup.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// _, err = networksecurity.NewSecurityProfileGroup(ctx, "default", &networksecurity.SecurityProfileGroupArgs{ +// Name: pulumi.String("sec-profile-group"), +// Parent: pulumi.String("organizations/123456789"), +// Description: pulumi.String("my description"), +// CustomInterceptProfile: defaultSecurityProfile.ID(), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` // // ## Import // @@ -79,6 +207,10 @@ type SecurityProfileGroup struct { // Time the security profile group was created in UTC. CreateTime pulumi.StringOutput `pulumi:"createTime"` + // Reference to a SecurityProfile with the CustomIntercept configuration. + CustomInterceptProfile pulumi.StringPtrOutput `pulumi:"customInterceptProfile"` + // Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + CustomMirroringProfile pulumi.StringPtrOutput `pulumi:"customMirroringProfile"` // An optional description of the profile. The Max length is 512 characters. Description pulumi.StringPtrOutput `pulumi:"description"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -148,6 +280,10 @@ func GetSecurityProfileGroup(ctx *pulumi.Context, type securityProfileGroupState struct { // Time the security profile group was created in UTC. CreateTime *string `pulumi:"createTime"` + // Reference to a SecurityProfile with the CustomIntercept configuration. + CustomInterceptProfile *string `pulumi:"customInterceptProfile"` + // Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + CustomMirroringProfile *string `pulumi:"customMirroringProfile"` // An optional description of the profile. The Max length is 512 characters. Description *string `pulumi:"description"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -183,6 +319,10 @@ type securityProfileGroupState struct { type SecurityProfileGroupState struct { // Time the security profile group was created in UTC. CreateTime pulumi.StringPtrInput + // Reference to a SecurityProfile with the CustomIntercept configuration. + CustomInterceptProfile pulumi.StringPtrInput + // Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + CustomMirroringProfile pulumi.StringPtrInput // An optional description of the profile. The Max length is 512 characters. Description pulumi.StringPtrInput // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -220,6 +360,10 @@ func (SecurityProfileGroupState) ElementType() reflect.Type { } type securityProfileGroupArgs struct { + // Reference to a SecurityProfile with the CustomIntercept configuration. + CustomInterceptProfile *string `pulumi:"customInterceptProfile"` + // Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + CustomMirroringProfile *string `pulumi:"customMirroringProfile"` // An optional description of the profile. The Max length is 512 characters. Description *string `pulumi:"description"` // A map of key/value label pairs to assign to the resource. @@ -243,6 +387,10 @@ type securityProfileGroupArgs struct { // The set of arguments for constructing a SecurityProfileGroup resource. type SecurityProfileGroupArgs struct { + // Reference to a SecurityProfile with the CustomIntercept configuration. + CustomInterceptProfile pulumi.StringPtrInput + // Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + CustomMirroringProfile pulumi.StringPtrInput // An optional description of the profile. The Max length is 512 characters. Description pulumi.StringPtrInput // A map of key/value label pairs to assign to the resource. @@ -356,6 +504,16 @@ func (o SecurityProfileGroupOutput) CreateTime() pulumi.StringOutput { return o.ApplyT(func(v *SecurityProfileGroup) pulumi.StringOutput { return v.CreateTime }).(pulumi.StringOutput) } +// Reference to a SecurityProfile with the CustomIntercept configuration. +func (o SecurityProfileGroupOutput) CustomInterceptProfile() pulumi.StringPtrOutput { + return o.ApplyT(func(v *SecurityProfileGroup) pulumi.StringPtrOutput { return v.CustomInterceptProfile }).(pulumi.StringPtrOutput) +} + +// Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. +func (o SecurityProfileGroupOutput) CustomMirroringProfile() pulumi.StringPtrOutput { + return o.ApplyT(func(v *SecurityProfileGroup) pulumi.StringPtrOutput { return v.CustomMirroringProfile }).(pulumi.StringPtrOutput) +} + // An optional description of the profile. The Max length is 512 characters. func (o SecurityProfileGroupOutput) Description() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecurityProfileGroup) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) diff --git a/sdk/go/gcp/organizations/getS.go b/sdk/go/gcp/organizations/getS.go new file mode 100644 index 0000000000..fbf6c94a4a --- /dev/null +++ b/sdk/go/gcp/organizations/getS.go @@ -0,0 +1,118 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package organizations + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Gets a list of all organizations. +// See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) +// and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := organizations.GetS(ctx, &organizations.GetSArgs{ +// Filter: pulumi.StringRef("domain:example.com"), +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func GetS(ctx *pulumi.Context, args *GetSArgs, opts ...pulumi.InvokeOption) (*GetSResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetSResult + err := ctx.Invoke("gcp:organizations/getS:getS", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getS. +type GetSArgs struct { + // An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + Filter *string `pulumi:"filter"` +} + +// A collection of values returned by getS. +type GetSResult struct { + Filter *string `pulumi:"filter"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + // A list of all retrieved organizations. Structure is defined below. + Organizations []GetSOrganization `pulumi:"organizations"` +} + +func GetSOutput(ctx *pulumi.Context, args GetSOutputArgs, opts ...pulumi.InvokeOption) GetSResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (GetSResultOutput, error) { + args := v.(GetSArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("gcp:organizations/getS:getS", args, GetSResultOutput{}, options).(GetSResultOutput), nil + }).(GetSResultOutput) +} + +// A collection of arguments for invoking getS. +type GetSOutputArgs struct { + // An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + Filter pulumi.StringPtrInput `pulumi:"filter"` +} + +func (GetSOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetSArgs)(nil)).Elem() +} + +// A collection of values returned by getS. +type GetSResultOutput struct{ *pulumi.OutputState } + +func (GetSResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetSResult)(nil)).Elem() +} + +func (o GetSResultOutput) ToGetSResultOutput() GetSResultOutput { + return o +} + +func (o GetSResultOutput) ToGetSResultOutputWithContext(ctx context.Context) GetSResultOutput { + return o +} + +func (o GetSResultOutput) Filter() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetSResult) *string { return v.Filter }).(pulumi.StringPtrOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetSResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetSResult) string { return v.Id }).(pulumi.StringOutput) +} + +// A list of all retrieved organizations. Structure is defined below. +func (o GetSResultOutput) Organizations() GetSOrganizationArrayOutput { + return o.ApplyT(func(v GetSResult) []GetSOrganization { return v.Organizations }).(GetSOrganizationArrayOutput) +} + +func init() { + pulumi.RegisterOutputType(GetSResultOutput{}) +} diff --git a/sdk/go/gcp/organizations/pulumiTypes.go b/sdk/go/gcp/organizations/pulumiTypes.go index d95a76072b..b4b37cfd5b 100644 --- a/sdk/go/gcp/organizations/pulumiTypes.go +++ b/sdk/go/gcp/organizations/pulumiTypes.go @@ -2117,6 +2117,139 @@ func (o GetIAMPolicyBindingConditionPtrOutput) Title() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +type GetSOrganization struct { + // The Google for Work customer ID of the Organization. + DirectoryCustomerId string `pulumi:"directoryCustomerId"` + // A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. + DisplayName string `pulumi:"displayName"` + // The Organization's current lifecycle state. + LifecycleState string `pulumi:"lifecycleState"` + // The resource name of the Organization in the form `organizations/{organization_id}`. + Name string `pulumi:"name"` + // The Organization ID. + OrgId string `pulumi:"orgId"` +} + +// GetSOrganizationInput is an input type that accepts GetSOrganizationArgs and GetSOrganizationOutput values. +// You can construct a concrete instance of `GetSOrganizationInput` via: +// +// GetSOrganizationArgs{...} +type GetSOrganizationInput interface { + pulumi.Input + + ToGetSOrganizationOutput() GetSOrganizationOutput + ToGetSOrganizationOutputWithContext(context.Context) GetSOrganizationOutput +} + +type GetSOrganizationArgs struct { + // The Google for Work customer ID of the Organization. + DirectoryCustomerId pulumi.StringInput `pulumi:"directoryCustomerId"` + // A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. + DisplayName pulumi.StringInput `pulumi:"displayName"` + // The Organization's current lifecycle state. + LifecycleState pulumi.StringInput `pulumi:"lifecycleState"` + // The resource name of the Organization in the form `organizations/{organization_id}`. + Name pulumi.StringInput `pulumi:"name"` + // The Organization ID. + OrgId pulumi.StringInput `pulumi:"orgId"` +} + +func (GetSOrganizationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetSOrganization)(nil)).Elem() +} + +func (i GetSOrganizationArgs) ToGetSOrganizationOutput() GetSOrganizationOutput { + return i.ToGetSOrganizationOutputWithContext(context.Background()) +} + +func (i GetSOrganizationArgs) ToGetSOrganizationOutputWithContext(ctx context.Context) GetSOrganizationOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetSOrganizationOutput) +} + +// GetSOrganizationArrayInput is an input type that accepts GetSOrganizationArray and GetSOrganizationArrayOutput values. +// You can construct a concrete instance of `GetSOrganizationArrayInput` via: +// +// GetSOrganizationArray{ GetSOrganizationArgs{...} } +type GetSOrganizationArrayInput interface { + pulumi.Input + + ToGetSOrganizationArrayOutput() GetSOrganizationArrayOutput + ToGetSOrganizationArrayOutputWithContext(context.Context) GetSOrganizationArrayOutput +} + +type GetSOrganizationArray []GetSOrganizationInput + +func (GetSOrganizationArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetSOrganization)(nil)).Elem() +} + +func (i GetSOrganizationArray) ToGetSOrganizationArrayOutput() GetSOrganizationArrayOutput { + return i.ToGetSOrganizationArrayOutputWithContext(context.Background()) +} + +func (i GetSOrganizationArray) ToGetSOrganizationArrayOutputWithContext(ctx context.Context) GetSOrganizationArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetSOrganizationArrayOutput) +} + +type GetSOrganizationOutput struct{ *pulumi.OutputState } + +func (GetSOrganizationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetSOrganization)(nil)).Elem() +} + +func (o GetSOrganizationOutput) ToGetSOrganizationOutput() GetSOrganizationOutput { + return o +} + +func (o GetSOrganizationOutput) ToGetSOrganizationOutputWithContext(ctx context.Context) GetSOrganizationOutput { + return o +} + +// The Google for Work customer ID of the Organization. +func (o GetSOrganizationOutput) DirectoryCustomerId() pulumi.StringOutput { + return o.ApplyT(func(v GetSOrganization) string { return v.DirectoryCustomerId }).(pulumi.StringOutput) +} + +// A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. +func (o GetSOrganizationOutput) DisplayName() pulumi.StringOutput { + return o.ApplyT(func(v GetSOrganization) string { return v.DisplayName }).(pulumi.StringOutput) +} + +// The Organization's current lifecycle state. +func (o GetSOrganizationOutput) LifecycleState() pulumi.StringOutput { + return o.ApplyT(func(v GetSOrganization) string { return v.LifecycleState }).(pulumi.StringOutput) +} + +// The resource name of the Organization in the form `organizations/{organization_id}`. +func (o GetSOrganizationOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetSOrganization) string { return v.Name }).(pulumi.StringOutput) +} + +// The Organization ID. +func (o GetSOrganizationOutput) OrgId() pulumi.StringOutput { + return o.ApplyT(func(v GetSOrganization) string { return v.OrgId }).(pulumi.StringOutput) +} + +type GetSOrganizationArrayOutput struct{ *pulumi.OutputState } + +func (GetSOrganizationArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetSOrganization)(nil)).Elem() +} + +func (o GetSOrganizationArrayOutput) ToGetSOrganizationArrayOutput() GetSOrganizationArrayOutput { + return o +} + +func (o GetSOrganizationArrayOutput) ToGetSOrganizationArrayOutputWithContext(ctx context.Context) GetSOrganizationArrayOutput { + return o +} + +func (o GetSOrganizationArrayOutput) Index(i pulumi.IntInput) GetSOrganizationOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetSOrganization { + return vs[0].([]GetSOrganization)[vs[1].(int)] + }).(GetSOrganizationOutput) +} + func init() { pulumi.RegisterInputType(reflect.TypeOf((*AccessApprovalSettingsEnrolledServiceInput)(nil)).Elem(), AccessApprovalSettingsEnrolledServiceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AccessApprovalSettingsEnrolledServiceArrayInput)(nil)).Elem(), AccessApprovalSettingsEnrolledServiceArray{}) @@ -2146,6 +2279,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetIAMPolicyBindingArrayInput)(nil)).Elem(), GetIAMPolicyBindingArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetIAMPolicyBindingConditionInput)(nil)).Elem(), GetIAMPolicyBindingConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetIAMPolicyBindingConditionPtrInput)(nil)).Elem(), GetIAMPolicyBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetSOrganizationInput)(nil)).Elem(), GetSOrganizationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetSOrganizationArrayInput)(nil)).Elem(), GetSOrganizationArray{}) pulumi.RegisterOutputType(AccessApprovalSettingsEnrolledServiceOutput{}) pulumi.RegisterOutputType(AccessApprovalSettingsEnrolledServiceArrayOutput{}) pulumi.RegisterOutputType(IAMBindingConditionOutput{}) @@ -2174,4 +2309,6 @@ func init() { pulumi.RegisterOutputType(GetIAMPolicyBindingArrayOutput{}) pulumi.RegisterOutputType(GetIAMPolicyBindingConditionOutput{}) pulumi.RegisterOutputType(GetIAMPolicyBindingConditionPtrOutput{}) + pulumi.RegisterOutputType(GetSOrganizationOutput{}) + pulumi.RegisterOutputType(GetSOrganizationArrayOutput{}) } diff --git a/sdk/go/gcp/parametermanager/getParameter.go b/sdk/go/gcp/parametermanager/getParameter.go new file mode 100644 index 0000000000..31fe82736a --- /dev/null +++ b/sdk/go/gcp/parametermanager/getParameter.go @@ -0,0 +1,156 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package parametermanager + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := parametermanager.LookupParameter(ctx, ¶metermanager.LookupParameterArgs{ +// ParameterId: "foobar", +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func LookupParameter(ctx *pulumi.Context, args *LookupParameterArgs, opts ...pulumi.InvokeOption) (*LookupParameterResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupParameterResult + err := ctx.Invoke("gcp:parametermanager/getParameter:getParameter", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getParameter. +type LookupParameterArgs struct { + // The name of the parameter. + ParameterId string `pulumi:"parameterId"` + // The ID of the project in which the resource belongs. + Project *string `pulumi:"project"` +} + +// A collection of values returned by getParameter. +type LookupParameterResult struct { + CreateTime string `pulumi:"createTime"` + EffectiveLabels map[string]string `pulumi:"effectiveLabels"` + Format string `pulumi:"format"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Labels map[string]string `pulumi:"labels"` + Name string `pulumi:"name"` + ParameterId string `pulumi:"parameterId"` + PolicyMembers []GetParameterPolicyMember `pulumi:"policyMembers"` + Project *string `pulumi:"project"` + PulumiLabels map[string]string `pulumi:"pulumiLabels"` + UpdateTime string `pulumi:"updateTime"` +} + +func LookupParameterOutput(ctx *pulumi.Context, args LookupParameterOutputArgs, opts ...pulumi.InvokeOption) LookupParameterResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (LookupParameterResultOutput, error) { + args := v.(LookupParameterArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("gcp:parametermanager/getParameter:getParameter", args, LookupParameterResultOutput{}, options).(LookupParameterResultOutput), nil + }).(LookupParameterResultOutput) +} + +// A collection of arguments for invoking getParameter. +type LookupParameterOutputArgs struct { + // The name of the parameter. + ParameterId pulumi.StringInput `pulumi:"parameterId"` + // The ID of the project in which the resource belongs. + Project pulumi.StringPtrInput `pulumi:"project"` +} + +func (LookupParameterOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupParameterArgs)(nil)).Elem() +} + +// A collection of values returned by getParameter. +type LookupParameterResultOutput struct{ *pulumi.OutputState } + +func (LookupParameterResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupParameterResult)(nil)).Elem() +} + +func (o LookupParameterResultOutput) ToLookupParameterResultOutput() LookupParameterResultOutput { + return o +} + +func (o LookupParameterResultOutput) ToLookupParameterResultOutputWithContext(ctx context.Context) LookupParameterResultOutput { + return o +} + +func (o LookupParameterResultOutput) CreateTime() pulumi.StringOutput { + return o.ApplyT(func(v LookupParameterResult) string { return v.CreateTime }).(pulumi.StringOutput) +} + +func (o LookupParameterResultOutput) EffectiveLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v LookupParameterResult) map[string]string { return v.EffectiveLabels }).(pulumi.StringMapOutput) +} + +func (o LookupParameterResultOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v LookupParameterResult) string { return v.Format }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o LookupParameterResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupParameterResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o LookupParameterResultOutput) Labels() pulumi.StringMapOutput { + return o.ApplyT(func(v LookupParameterResult) map[string]string { return v.Labels }).(pulumi.StringMapOutput) +} + +func (o LookupParameterResultOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v LookupParameterResult) string { return v.Name }).(pulumi.StringOutput) +} + +func (o LookupParameterResultOutput) ParameterId() pulumi.StringOutput { + return o.ApplyT(func(v LookupParameterResult) string { return v.ParameterId }).(pulumi.StringOutput) +} + +func (o LookupParameterResultOutput) PolicyMembers() GetParameterPolicyMemberArrayOutput { + return o.ApplyT(func(v LookupParameterResult) []GetParameterPolicyMember { return v.PolicyMembers }).(GetParameterPolicyMemberArrayOutput) +} + +func (o LookupParameterResultOutput) Project() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupParameterResult) *string { return v.Project }).(pulumi.StringPtrOutput) +} + +func (o LookupParameterResultOutput) PulumiLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v LookupParameterResult) map[string]string { return v.PulumiLabels }).(pulumi.StringMapOutput) +} + +func (o LookupParameterResultOutput) UpdateTime() pulumi.StringOutput { + return o.ApplyT(func(v LookupParameterResult) string { return v.UpdateTime }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupParameterResultOutput{}) +} diff --git a/sdk/go/gcp/parametermanager/getRegionalParameters.go b/sdk/go/gcp/parametermanager/getRegionalParameters.go new file mode 100644 index 0000000000..5a204163e0 --- /dev/null +++ b/sdk/go/gcp/parametermanager/getRegionalParameters.go @@ -0,0 +1,134 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package parametermanager + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := parametermanager.GetRegionalParameters(ctx, ¶metermanager.GetRegionalParametersArgs{ +// Location: "us-central1", +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func GetRegionalParameters(ctx *pulumi.Context, args *GetRegionalParametersArgs, opts ...pulumi.InvokeOption) (*GetRegionalParametersResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetRegionalParametersResult + err := ctx.Invoke("gcp:parametermanager/getRegionalParameters:getRegionalParameters", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getRegionalParameters. +type GetRegionalParametersArgs struct { + // Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + Filter *string `pulumi:"filter"` + // The location of regional parameter. + Location string `pulumi:"location"` + // The ID of the project. + Project *string `pulumi:"project"` +} + +// A collection of values returned by getRegionalParameters. +type GetRegionalParametersResult struct { + Filter *string `pulumi:"filter"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Location string `pulumi:"location"` + // A list of regional parameters matching the filter. Structure is defined below. + Parameters []GetRegionalParametersParameter `pulumi:"parameters"` + // The ID of the project in which the resource belongs. + Project string `pulumi:"project"` +} + +func GetRegionalParametersOutput(ctx *pulumi.Context, args GetRegionalParametersOutputArgs, opts ...pulumi.InvokeOption) GetRegionalParametersResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (GetRegionalParametersResultOutput, error) { + args := v.(GetRegionalParametersArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("gcp:parametermanager/getRegionalParameters:getRegionalParameters", args, GetRegionalParametersResultOutput{}, options).(GetRegionalParametersResultOutput), nil + }).(GetRegionalParametersResultOutput) +} + +// A collection of arguments for invoking getRegionalParameters. +type GetRegionalParametersOutputArgs struct { + // Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + Filter pulumi.StringPtrInput `pulumi:"filter"` + // The location of regional parameter. + Location pulumi.StringInput `pulumi:"location"` + // The ID of the project. + Project pulumi.StringPtrInput `pulumi:"project"` +} + +func (GetRegionalParametersOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetRegionalParametersArgs)(nil)).Elem() +} + +// A collection of values returned by getRegionalParameters. +type GetRegionalParametersResultOutput struct{ *pulumi.OutputState } + +func (GetRegionalParametersResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetRegionalParametersResult)(nil)).Elem() +} + +func (o GetRegionalParametersResultOutput) ToGetRegionalParametersResultOutput() GetRegionalParametersResultOutput { + return o +} + +func (o GetRegionalParametersResultOutput) ToGetRegionalParametersResultOutputWithContext(ctx context.Context) GetRegionalParametersResultOutput { + return o +} + +func (o GetRegionalParametersResultOutput) Filter() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetRegionalParametersResult) *string { return v.Filter }).(pulumi.StringPtrOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetRegionalParametersResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o GetRegionalParametersResultOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersResult) string { return v.Location }).(pulumi.StringOutput) +} + +// A list of regional parameters matching the filter. Structure is defined below. +func (o GetRegionalParametersResultOutput) Parameters() GetRegionalParametersParameterArrayOutput { + return o.ApplyT(func(v GetRegionalParametersResult) []GetRegionalParametersParameter { return v.Parameters }).(GetRegionalParametersParameterArrayOutput) +} + +// The ID of the project in which the resource belongs. +func (o GetRegionalParametersResultOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersResult) string { return v.Project }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(GetRegionalParametersResultOutput{}) +} diff --git a/sdk/go/gcp/parametermanager/init.go b/sdk/go/gcp/parametermanager/init.go index dfe694a243..6b33789910 100644 --- a/sdk/go/gcp/parametermanager/init.go +++ b/sdk/go/gcp/parametermanager/init.go @@ -23,6 +23,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi switch typ { case "gcp:parametermanager/parameter:Parameter": r = &Parameter{} + case "gcp:parametermanager/parameterVersion:ParameterVersion": + r = &ParameterVersion{} case "gcp:parametermanager/regionalParameter:RegionalParameter": r = &RegionalParameter{} case "gcp:parametermanager/regionalParameterVersion:RegionalParameterVersion": @@ -45,6 +47,11 @@ func init() { "parametermanager/parameter", &module{version}, ) + pulumi.RegisterResourceModule( + "gcp", + "parametermanager/parameterVersion", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "parametermanager/regionalParameter", diff --git a/sdk/go/gcp/parametermanager/parameterVersion.go b/sdk/go/gcp/parametermanager/parameterVersion.go new file mode 100644 index 0000000000..f288bf9df8 --- /dev/null +++ b/sdk/go/gcp/parametermanager/parameterVersion.go @@ -0,0 +1,421 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package parametermanager + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// ## Example Usage +// +// ### Parameter Version Basic +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := parametermanager.NewParameter(ctx, "parameter-basic", ¶metermanager.ParameterArgs{ +// ParameterId: pulumi.String("parameter"), +// }) +// if err != nil { +// return err +// } +// _, err = parametermanager.NewParameterVersion(ctx, "parameter-version-basic", ¶metermanager.ParameterVersionArgs{ +// Parameter: parameter_basic.ID(), +// ParameterVersionId: pulumi.String("parameter_version"), +// ParameterData: pulumi.String("app-parameter-version-data"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Parameter Version With Json Format +// +// ```go +// package main +// +// import ( +// +// "encoding/json" +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := parametermanager.NewParameter(ctx, "parameter-basic", ¶metermanager.ParameterArgs{ +// ParameterId: pulumi.String("parameter"), +// Format: pulumi.String("JSON"), +// }) +// if err != nil { +// return err +// } +// tmpJSON0, err := json.Marshal(map[string]interface{}{ +// "key1": "val1", +// "key2": "val2", +// }) +// if err != nil { +// return err +// } +// json0 := string(tmpJSON0) +// _, err = parametermanager.NewParameterVersion(ctx, "parameter-version-with-json-format", ¶metermanager.ParameterVersionArgs{ +// Parameter: parameter_basic.ID(), +// ParameterVersionId: pulumi.String("parameter_version"), +// ParameterData: pulumi.String(json0), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## Import +// +// ParameterVersion can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` +// +// When using the `pulumi import` command, ParameterVersion can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:parametermanager/parameterVersion:ParameterVersion default projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}} +// ``` +type ParameterVersion struct { + pulumi.CustomResourceState + + // The time at which the Parameter Version was created. + CreateTime pulumi.StringOutput `pulumi:"createTime"` + // The current state of Parameter Version. This field is only applicable for updating Parameter Version. + Disabled pulumi.BoolPtrOutput `pulumi:"disabled"` + // The resource name of the Parameter Version. Format: + // `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + Name pulumi.StringOutput `pulumi:"name"` + // Parameter Manager Parameter resource. + Parameter pulumi.StringOutput `pulumi:"parameter"` + // The Parameter data. + // **Note**: This property is sensitive and will not be displayed in the plan. + ParameterData pulumi.StringOutput `pulumi:"parameterData"` + // Version ID of the Parameter Version Resource. This must be unique within the Parameter. + // + // *** + ParameterVersionId pulumi.StringOutput `pulumi:"parameterVersionId"` + // The time at which the Parameter Version was updated. + UpdateTime pulumi.StringOutput `pulumi:"updateTime"` +} + +// NewParameterVersion registers a new resource with the given unique name, arguments, and options. +func NewParameterVersion(ctx *pulumi.Context, + name string, args *ParameterVersionArgs, opts ...pulumi.ResourceOption) (*ParameterVersion, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Parameter == nil { + return nil, errors.New("invalid value for required argument 'Parameter'") + } + if args.ParameterData == nil { + return nil, errors.New("invalid value for required argument 'ParameterData'") + } + if args.ParameterVersionId == nil { + return nil, errors.New("invalid value for required argument 'ParameterVersionId'") + } + if args.ParameterData != nil { + args.ParameterData = pulumi.ToSecret(args.ParameterData).(pulumi.StringInput) + } + secrets := pulumi.AdditionalSecretOutputs([]string{ + "parameterData", + }) + opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) + var resource ParameterVersion + err := ctx.RegisterResource("gcp:parametermanager/parameterVersion:ParameterVersion", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetParameterVersion gets an existing ParameterVersion resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetParameterVersion(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *ParameterVersionState, opts ...pulumi.ResourceOption) (*ParameterVersion, error) { + var resource ParameterVersion + err := ctx.ReadResource("gcp:parametermanager/parameterVersion:ParameterVersion", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering ParameterVersion resources. +type parameterVersionState struct { + // The time at which the Parameter Version was created. + CreateTime *string `pulumi:"createTime"` + // The current state of Parameter Version. This field is only applicable for updating Parameter Version. + Disabled *bool `pulumi:"disabled"` + // The resource name of the Parameter Version. Format: + // `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + Name *string `pulumi:"name"` + // Parameter Manager Parameter resource. + Parameter *string `pulumi:"parameter"` + // The Parameter data. + // **Note**: This property is sensitive and will not be displayed in the plan. + ParameterData *string `pulumi:"parameterData"` + // Version ID of the Parameter Version Resource. This must be unique within the Parameter. + // + // *** + ParameterVersionId *string `pulumi:"parameterVersionId"` + // The time at which the Parameter Version was updated. + UpdateTime *string `pulumi:"updateTime"` +} + +type ParameterVersionState struct { + // The time at which the Parameter Version was created. + CreateTime pulumi.StringPtrInput + // The current state of Parameter Version. This field is only applicable for updating Parameter Version. + Disabled pulumi.BoolPtrInput + // The resource name of the Parameter Version. Format: + // `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + Name pulumi.StringPtrInput + // Parameter Manager Parameter resource. + Parameter pulumi.StringPtrInput + // The Parameter data. + // **Note**: This property is sensitive and will not be displayed in the plan. + ParameterData pulumi.StringPtrInput + // Version ID of the Parameter Version Resource. This must be unique within the Parameter. + // + // *** + ParameterVersionId pulumi.StringPtrInput + // The time at which the Parameter Version was updated. + UpdateTime pulumi.StringPtrInput +} + +func (ParameterVersionState) ElementType() reflect.Type { + return reflect.TypeOf((*parameterVersionState)(nil)).Elem() +} + +type parameterVersionArgs struct { + // The current state of Parameter Version. This field is only applicable for updating Parameter Version. + Disabled *bool `pulumi:"disabled"` + // Parameter Manager Parameter resource. + Parameter string `pulumi:"parameter"` + // The Parameter data. + // **Note**: This property is sensitive and will not be displayed in the plan. + ParameterData string `pulumi:"parameterData"` + // Version ID of the Parameter Version Resource. This must be unique within the Parameter. + // + // *** + ParameterVersionId string `pulumi:"parameterVersionId"` +} + +// The set of arguments for constructing a ParameterVersion resource. +type ParameterVersionArgs struct { + // The current state of Parameter Version. This field is only applicable for updating Parameter Version. + Disabled pulumi.BoolPtrInput + // Parameter Manager Parameter resource. + Parameter pulumi.StringInput + // The Parameter data. + // **Note**: This property is sensitive and will not be displayed in the plan. + ParameterData pulumi.StringInput + // Version ID of the Parameter Version Resource. This must be unique within the Parameter. + // + // *** + ParameterVersionId pulumi.StringInput +} + +func (ParameterVersionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*parameterVersionArgs)(nil)).Elem() +} + +type ParameterVersionInput interface { + pulumi.Input + + ToParameterVersionOutput() ParameterVersionOutput + ToParameterVersionOutputWithContext(ctx context.Context) ParameterVersionOutput +} + +func (*ParameterVersion) ElementType() reflect.Type { + return reflect.TypeOf((**ParameterVersion)(nil)).Elem() +} + +func (i *ParameterVersion) ToParameterVersionOutput() ParameterVersionOutput { + return i.ToParameterVersionOutputWithContext(context.Background()) +} + +func (i *ParameterVersion) ToParameterVersionOutputWithContext(ctx context.Context) ParameterVersionOutput { + return pulumi.ToOutputWithContext(ctx, i).(ParameterVersionOutput) +} + +// ParameterVersionArrayInput is an input type that accepts ParameterVersionArray and ParameterVersionArrayOutput values. +// You can construct a concrete instance of `ParameterVersionArrayInput` via: +// +// ParameterVersionArray{ ParameterVersionArgs{...} } +type ParameterVersionArrayInput interface { + pulumi.Input + + ToParameterVersionArrayOutput() ParameterVersionArrayOutput + ToParameterVersionArrayOutputWithContext(context.Context) ParameterVersionArrayOutput +} + +type ParameterVersionArray []ParameterVersionInput + +func (ParameterVersionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ParameterVersion)(nil)).Elem() +} + +func (i ParameterVersionArray) ToParameterVersionArrayOutput() ParameterVersionArrayOutput { + return i.ToParameterVersionArrayOutputWithContext(context.Background()) +} + +func (i ParameterVersionArray) ToParameterVersionArrayOutputWithContext(ctx context.Context) ParameterVersionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ParameterVersionArrayOutput) +} + +// ParameterVersionMapInput is an input type that accepts ParameterVersionMap and ParameterVersionMapOutput values. +// You can construct a concrete instance of `ParameterVersionMapInput` via: +// +// ParameterVersionMap{ "key": ParameterVersionArgs{...} } +type ParameterVersionMapInput interface { + pulumi.Input + + ToParameterVersionMapOutput() ParameterVersionMapOutput + ToParameterVersionMapOutputWithContext(context.Context) ParameterVersionMapOutput +} + +type ParameterVersionMap map[string]ParameterVersionInput + +func (ParameterVersionMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ParameterVersion)(nil)).Elem() +} + +func (i ParameterVersionMap) ToParameterVersionMapOutput() ParameterVersionMapOutput { + return i.ToParameterVersionMapOutputWithContext(context.Background()) +} + +func (i ParameterVersionMap) ToParameterVersionMapOutputWithContext(ctx context.Context) ParameterVersionMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(ParameterVersionMapOutput) +} + +type ParameterVersionOutput struct{ *pulumi.OutputState } + +func (ParameterVersionOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ParameterVersion)(nil)).Elem() +} + +func (o ParameterVersionOutput) ToParameterVersionOutput() ParameterVersionOutput { + return o +} + +func (o ParameterVersionOutput) ToParameterVersionOutputWithContext(ctx context.Context) ParameterVersionOutput { + return o +} + +// The time at which the Parameter Version was created. +func (o ParameterVersionOutput) CreateTime() pulumi.StringOutput { + return o.ApplyT(func(v *ParameterVersion) pulumi.StringOutput { return v.CreateTime }).(pulumi.StringOutput) +} + +// The current state of Parameter Version. This field is only applicable for updating Parameter Version. +func (o ParameterVersionOutput) Disabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ParameterVersion) pulumi.BoolPtrOutput { return v.Disabled }).(pulumi.BoolPtrOutput) +} + +// The resource name of the Parameter Version. Format: +// `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` +func (o ParameterVersionOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *ParameterVersion) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// Parameter Manager Parameter resource. +func (o ParameterVersionOutput) Parameter() pulumi.StringOutput { + return o.ApplyT(func(v *ParameterVersion) pulumi.StringOutput { return v.Parameter }).(pulumi.StringOutput) +} + +// The Parameter data. +// **Note**: This property is sensitive and will not be displayed in the plan. +func (o ParameterVersionOutput) ParameterData() pulumi.StringOutput { + return o.ApplyT(func(v *ParameterVersion) pulumi.StringOutput { return v.ParameterData }).(pulumi.StringOutput) +} + +// Version ID of the Parameter Version Resource. This must be unique within the Parameter. +// +// *** +func (o ParameterVersionOutput) ParameterVersionId() pulumi.StringOutput { + return o.ApplyT(func(v *ParameterVersion) pulumi.StringOutput { return v.ParameterVersionId }).(pulumi.StringOutput) +} + +// The time at which the Parameter Version was updated. +func (o ParameterVersionOutput) UpdateTime() pulumi.StringOutput { + return o.ApplyT(func(v *ParameterVersion) pulumi.StringOutput { return v.UpdateTime }).(pulumi.StringOutput) +} + +type ParameterVersionArrayOutput struct{ *pulumi.OutputState } + +func (ParameterVersionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ParameterVersion)(nil)).Elem() +} + +func (o ParameterVersionArrayOutput) ToParameterVersionArrayOutput() ParameterVersionArrayOutput { + return o +} + +func (o ParameterVersionArrayOutput) ToParameterVersionArrayOutputWithContext(ctx context.Context) ParameterVersionArrayOutput { + return o +} + +func (o ParameterVersionArrayOutput) Index(i pulumi.IntInput) ParameterVersionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *ParameterVersion { + return vs[0].([]*ParameterVersion)[vs[1].(int)] + }).(ParameterVersionOutput) +} + +type ParameterVersionMapOutput struct{ *pulumi.OutputState } + +func (ParameterVersionMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ParameterVersion)(nil)).Elem() +} + +func (o ParameterVersionMapOutput) ToParameterVersionMapOutput() ParameterVersionMapOutput { + return o +} + +func (o ParameterVersionMapOutput) ToParameterVersionMapOutputWithContext(ctx context.Context) ParameterVersionMapOutput { + return o +} + +func (o ParameterVersionMapOutput) MapIndex(k pulumi.StringInput) ParameterVersionOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *ParameterVersion { + return vs[0].(map[string]*ParameterVersion)[vs[1].(string)] + }).(ParameterVersionOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ParameterVersionInput)(nil)).Elem(), &ParameterVersion{}) + pulumi.RegisterInputType(reflect.TypeOf((*ParameterVersionArrayInput)(nil)).Elem(), ParameterVersionArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ParameterVersionMapInput)(nil)).Elem(), ParameterVersionMap{}) + pulumi.RegisterOutputType(ParameterVersionOutput{}) + pulumi.RegisterOutputType(ParameterVersionArrayOutput{}) + pulumi.RegisterOutputType(ParameterVersionMapOutput{}) +} diff --git a/sdk/go/gcp/parametermanager/pulumiTypes.go b/sdk/go/gcp/parametermanager/pulumiTypes.go index 1da1e825b2..ffce0558a2 100644 --- a/sdk/go/gcp/parametermanager/pulumiTypes.go +++ b/sdk/go/gcp/parametermanager/pulumiTypes.go @@ -270,6 +270,130 @@ func (o RegionalParameterPolicyMemberArrayOutput) Index(i pulumi.IntInput) Regio }).(RegionalParameterPolicyMemberOutput) } +type GetParameterPolicyMember struct { + // IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a + // resource is deleted and recreated with the same name, the binding will be applicable to the + // new resource. Format: + // 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' + IamPolicyNamePrincipal string `pulumi:"iamPolicyNamePrincipal"` + // IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + // If a resource is deleted and recreated with the same name, the binding will not be applicable to the + // new resource. Format: + // 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' + IamPolicyUidPrincipal string `pulumi:"iamPolicyUidPrincipal"` +} + +// GetParameterPolicyMemberInput is an input type that accepts GetParameterPolicyMemberArgs and GetParameterPolicyMemberOutput values. +// You can construct a concrete instance of `GetParameterPolicyMemberInput` via: +// +// GetParameterPolicyMemberArgs{...} +type GetParameterPolicyMemberInput interface { + pulumi.Input + + ToGetParameterPolicyMemberOutput() GetParameterPolicyMemberOutput + ToGetParameterPolicyMemberOutputWithContext(context.Context) GetParameterPolicyMemberOutput +} + +type GetParameterPolicyMemberArgs struct { + // IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a + // resource is deleted and recreated with the same name, the binding will be applicable to the + // new resource. Format: + // 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' + IamPolicyNamePrincipal pulumi.StringInput `pulumi:"iamPolicyNamePrincipal"` + // IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + // If a resource is deleted and recreated with the same name, the binding will not be applicable to the + // new resource. Format: + // 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' + IamPolicyUidPrincipal pulumi.StringInput `pulumi:"iamPolicyUidPrincipal"` +} + +func (GetParameterPolicyMemberArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetParameterPolicyMember)(nil)).Elem() +} + +func (i GetParameterPolicyMemberArgs) ToGetParameterPolicyMemberOutput() GetParameterPolicyMemberOutput { + return i.ToGetParameterPolicyMemberOutputWithContext(context.Background()) +} + +func (i GetParameterPolicyMemberArgs) ToGetParameterPolicyMemberOutputWithContext(ctx context.Context) GetParameterPolicyMemberOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetParameterPolicyMemberOutput) +} + +// GetParameterPolicyMemberArrayInput is an input type that accepts GetParameterPolicyMemberArray and GetParameterPolicyMemberArrayOutput values. +// You can construct a concrete instance of `GetParameterPolicyMemberArrayInput` via: +// +// GetParameterPolicyMemberArray{ GetParameterPolicyMemberArgs{...} } +type GetParameterPolicyMemberArrayInput interface { + pulumi.Input + + ToGetParameterPolicyMemberArrayOutput() GetParameterPolicyMemberArrayOutput + ToGetParameterPolicyMemberArrayOutputWithContext(context.Context) GetParameterPolicyMemberArrayOutput +} + +type GetParameterPolicyMemberArray []GetParameterPolicyMemberInput + +func (GetParameterPolicyMemberArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetParameterPolicyMember)(nil)).Elem() +} + +func (i GetParameterPolicyMemberArray) ToGetParameterPolicyMemberArrayOutput() GetParameterPolicyMemberArrayOutput { + return i.ToGetParameterPolicyMemberArrayOutputWithContext(context.Background()) +} + +func (i GetParameterPolicyMemberArray) ToGetParameterPolicyMemberArrayOutputWithContext(ctx context.Context) GetParameterPolicyMemberArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetParameterPolicyMemberArrayOutput) +} + +type GetParameterPolicyMemberOutput struct{ *pulumi.OutputState } + +func (GetParameterPolicyMemberOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetParameterPolicyMember)(nil)).Elem() +} + +func (o GetParameterPolicyMemberOutput) ToGetParameterPolicyMemberOutput() GetParameterPolicyMemberOutput { + return o +} + +func (o GetParameterPolicyMemberOutput) ToGetParameterPolicyMemberOutputWithContext(ctx context.Context) GetParameterPolicyMemberOutput { + return o +} + +// IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a +// resource is deleted and recreated with the same name, the binding will be applicable to the +// new resource. Format: +// 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' +func (o GetParameterPolicyMemberOutput) IamPolicyNamePrincipal() pulumi.StringOutput { + return o.ApplyT(func(v GetParameterPolicyMember) string { return v.IamPolicyNamePrincipal }).(pulumi.StringOutput) +} + +// IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. +// If a resource is deleted and recreated with the same name, the binding will not be applicable to the +// new resource. Format: +// 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' +func (o GetParameterPolicyMemberOutput) IamPolicyUidPrincipal() pulumi.StringOutput { + return o.ApplyT(func(v GetParameterPolicyMember) string { return v.IamPolicyUidPrincipal }).(pulumi.StringOutput) +} + +type GetParameterPolicyMemberArrayOutput struct{ *pulumi.OutputState } + +func (GetParameterPolicyMemberArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetParameterPolicyMember)(nil)).Elem() +} + +func (o GetParameterPolicyMemberArrayOutput) ToGetParameterPolicyMemberArrayOutput() GetParameterPolicyMemberArrayOutput { + return o +} + +func (o GetParameterPolicyMemberArrayOutput) ToGetParameterPolicyMemberArrayOutputWithContext(ctx context.Context) GetParameterPolicyMemberArrayOutput { + return o +} + +func (o GetParameterPolicyMemberArrayOutput) Index(i pulumi.IntInput) GetParameterPolicyMemberOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetParameterPolicyMember { + return vs[0].([]GetParameterPolicyMember)[vs[1].(int)] + }).(GetParameterPolicyMemberOutput) +} + type GetRegionalParameterPolicyMember struct { // IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is // deleted and recreated with the same name, the binding will be applicable to the new resource. Format: @@ -391,17 +515,340 @@ func (o GetRegionalParameterPolicyMemberArrayOutput) Index(i pulumi.IntInput) Ge }).(GetRegionalParameterPolicyMemberOutput) } +type GetRegionalParametersParameter struct { + // The time at which the regional parameter was created. + CreateTime string `pulumi:"createTime"` + EffectiveLabels map[string]string `pulumi:"effectiveLabels"` + // The format type of the regional parameter. + Format string `pulumi:"format"` + // The labels assigned to the regional parameter. + Labels map[string]string `pulumi:"labels"` + // The location of regional parameter. + Location string `pulumi:"location"` + // The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` + Name string `pulumi:"name"` + // The unique name of the resource. + ParameterId string `pulumi:"parameterId"` + // An object containing a unique resource identity tied to the regional parameter. Structure is documented below. + PolicyMembers []GetRegionalParametersParameterPolicyMember `pulumi:"policyMembers"` + // The ID of the project. + Project string `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels map[string]string `pulumi:"pulumiLabels"` + // The time at which the regional parameter was updated. + UpdateTime string `pulumi:"updateTime"` +} + +// GetRegionalParametersParameterInput is an input type that accepts GetRegionalParametersParameterArgs and GetRegionalParametersParameterOutput values. +// You can construct a concrete instance of `GetRegionalParametersParameterInput` via: +// +// GetRegionalParametersParameterArgs{...} +type GetRegionalParametersParameterInput interface { + pulumi.Input + + ToGetRegionalParametersParameterOutput() GetRegionalParametersParameterOutput + ToGetRegionalParametersParameterOutputWithContext(context.Context) GetRegionalParametersParameterOutput +} + +type GetRegionalParametersParameterArgs struct { + // The time at which the regional parameter was created. + CreateTime pulumi.StringInput `pulumi:"createTime"` + EffectiveLabels pulumi.StringMapInput `pulumi:"effectiveLabels"` + // The format type of the regional parameter. + Format pulumi.StringInput `pulumi:"format"` + // The labels assigned to the regional parameter. + Labels pulumi.StringMapInput `pulumi:"labels"` + // The location of regional parameter. + Location pulumi.StringInput `pulumi:"location"` + // The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` + Name pulumi.StringInput `pulumi:"name"` + // The unique name of the resource. + ParameterId pulumi.StringInput `pulumi:"parameterId"` + // An object containing a unique resource identity tied to the regional parameter. Structure is documented below. + PolicyMembers GetRegionalParametersParameterPolicyMemberArrayInput `pulumi:"policyMembers"` + // The ID of the project. + Project pulumi.StringInput `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapInput `pulumi:"pulumiLabels"` + // The time at which the regional parameter was updated. + UpdateTime pulumi.StringInput `pulumi:"updateTime"` +} + +func (GetRegionalParametersParameterArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetRegionalParametersParameter)(nil)).Elem() +} + +func (i GetRegionalParametersParameterArgs) ToGetRegionalParametersParameterOutput() GetRegionalParametersParameterOutput { + return i.ToGetRegionalParametersParameterOutputWithContext(context.Background()) +} + +func (i GetRegionalParametersParameterArgs) ToGetRegionalParametersParameterOutputWithContext(ctx context.Context) GetRegionalParametersParameterOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRegionalParametersParameterOutput) +} + +// GetRegionalParametersParameterArrayInput is an input type that accepts GetRegionalParametersParameterArray and GetRegionalParametersParameterArrayOutput values. +// You can construct a concrete instance of `GetRegionalParametersParameterArrayInput` via: +// +// GetRegionalParametersParameterArray{ GetRegionalParametersParameterArgs{...} } +type GetRegionalParametersParameterArrayInput interface { + pulumi.Input + + ToGetRegionalParametersParameterArrayOutput() GetRegionalParametersParameterArrayOutput + ToGetRegionalParametersParameterArrayOutputWithContext(context.Context) GetRegionalParametersParameterArrayOutput +} + +type GetRegionalParametersParameterArray []GetRegionalParametersParameterInput + +func (GetRegionalParametersParameterArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetRegionalParametersParameter)(nil)).Elem() +} + +func (i GetRegionalParametersParameterArray) ToGetRegionalParametersParameterArrayOutput() GetRegionalParametersParameterArrayOutput { + return i.ToGetRegionalParametersParameterArrayOutputWithContext(context.Background()) +} + +func (i GetRegionalParametersParameterArray) ToGetRegionalParametersParameterArrayOutputWithContext(ctx context.Context) GetRegionalParametersParameterArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRegionalParametersParameterArrayOutput) +} + +type GetRegionalParametersParameterOutput struct{ *pulumi.OutputState } + +func (GetRegionalParametersParameterOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetRegionalParametersParameter)(nil)).Elem() +} + +func (o GetRegionalParametersParameterOutput) ToGetRegionalParametersParameterOutput() GetRegionalParametersParameterOutput { + return o +} + +func (o GetRegionalParametersParameterOutput) ToGetRegionalParametersParameterOutputWithContext(ctx context.Context) GetRegionalParametersParameterOutput { + return o +} + +// The time at which the regional parameter was created. +func (o GetRegionalParametersParameterOutput) CreateTime() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) string { return v.CreateTime }).(pulumi.StringOutput) +} + +func (o GetRegionalParametersParameterOutput) EffectiveLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) map[string]string { return v.EffectiveLabels }).(pulumi.StringMapOutput) +} + +// The format type of the regional parameter. +func (o GetRegionalParametersParameterOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) string { return v.Format }).(pulumi.StringOutput) +} + +// The labels assigned to the regional parameter. +func (o GetRegionalParametersParameterOutput) Labels() pulumi.StringMapOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) map[string]string { return v.Labels }).(pulumi.StringMapOutput) +} + +// The location of regional parameter. +func (o GetRegionalParametersParameterOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) string { return v.Location }).(pulumi.StringOutput) +} + +// The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` +func (o GetRegionalParametersParameterOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) string { return v.Name }).(pulumi.StringOutput) +} + +// The unique name of the resource. +func (o GetRegionalParametersParameterOutput) ParameterId() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) string { return v.ParameterId }).(pulumi.StringOutput) +} + +// An object containing a unique resource identity tied to the regional parameter. Structure is documented below. +func (o GetRegionalParametersParameterOutput) PolicyMembers() GetRegionalParametersParameterPolicyMemberArrayOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) []GetRegionalParametersParameterPolicyMember { + return v.PolicyMembers + }).(GetRegionalParametersParameterPolicyMemberArrayOutput) +} + +// The ID of the project. +func (o GetRegionalParametersParameterOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) string { return v.Project }).(pulumi.StringOutput) +} + +// The combination of labels configured directly on the resource +// +// and default labels configured on the provider. +func (o GetRegionalParametersParameterOutput) PulumiLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) map[string]string { return v.PulumiLabels }).(pulumi.StringMapOutput) +} + +// The time at which the regional parameter was updated. +func (o GetRegionalParametersParameterOutput) UpdateTime() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameter) string { return v.UpdateTime }).(pulumi.StringOutput) +} + +type GetRegionalParametersParameterArrayOutput struct{ *pulumi.OutputState } + +func (GetRegionalParametersParameterArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetRegionalParametersParameter)(nil)).Elem() +} + +func (o GetRegionalParametersParameterArrayOutput) ToGetRegionalParametersParameterArrayOutput() GetRegionalParametersParameterArrayOutput { + return o +} + +func (o GetRegionalParametersParameterArrayOutput) ToGetRegionalParametersParameterArrayOutputWithContext(ctx context.Context) GetRegionalParametersParameterArrayOutput { + return o +} + +func (o GetRegionalParametersParameterArrayOutput) Index(i pulumi.IntInput) GetRegionalParametersParameterOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetRegionalParametersParameter { + return vs[0].([]GetRegionalParametersParameter)[vs[1].(int)] + }).(GetRegionalParametersParameterOutput) +} + +type GetRegionalParametersParameterPolicyMember struct { + // AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the + // new resource. Format: + // `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` + IamPolicyNamePrincipal string `pulumi:"iamPolicyNamePrincipal"` + // IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + // If a resource is deleted and recreated with the same name, the binding will not be applicable to the + // new resource. Format: + // `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` + IamPolicyUidPrincipal string `pulumi:"iamPolicyUidPrincipal"` +} + +// GetRegionalParametersParameterPolicyMemberInput is an input type that accepts GetRegionalParametersParameterPolicyMemberArgs and GetRegionalParametersParameterPolicyMemberOutput values. +// You can construct a concrete instance of `GetRegionalParametersParameterPolicyMemberInput` via: +// +// GetRegionalParametersParameterPolicyMemberArgs{...} +type GetRegionalParametersParameterPolicyMemberInput interface { + pulumi.Input + + ToGetRegionalParametersParameterPolicyMemberOutput() GetRegionalParametersParameterPolicyMemberOutput + ToGetRegionalParametersParameterPolicyMemberOutputWithContext(context.Context) GetRegionalParametersParameterPolicyMemberOutput +} + +type GetRegionalParametersParameterPolicyMemberArgs struct { + // AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the + // new resource. Format: + // `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` + IamPolicyNamePrincipal pulumi.StringInput `pulumi:"iamPolicyNamePrincipal"` + // IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + // If a resource is deleted and recreated with the same name, the binding will not be applicable to the + // new resource. Format: + // `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` + IamPolicyUidPrincipal pulumi.StringInput `pulumi:"iamPolicyUidPrincipal"` +} + +func (GetRegionalParametersParameterPolicyMemberArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetRegionalParametersParameterPolicyMember)(nil)).Elem() +} + +func (i GetRegionalParametersParameterPolicyMemberArgs) ToGetRegionalParametersParameterPolicyMemberOutput() GetRegionalParametersParameterPolicyMemberOutput { + return i.ToGetRegionalParametersParameterPolicyMemberOutputWithContext(context.Background()) +} + +func (i GetRegionalParametersParameterPolicyMemberArgs) ToGetRegionalParametersParameterPolicyMemberOutputWithContext(ctx context.Context) GetRegionalParametersParameterPolicyMemberOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRegionalParametersParameterPolicyMemberOutput) +} + +// GetRegionalParametersParameterPolicyMemberArrayInput is an input type that accepts GetRegionalParametersParameterPolicyMemberArray and GetRegionalParametersParameterPolicyMemberArrayOutput values. +// You can construct a concrete instance of `GetRegionalParametersParameterPolicyMemberArrayInput` via: +// +// GetRegionalParametersParameterPolicyMemberArray{ GetRegionalParametersParameterPolicyMemberArgs{...} } +type GetRegionalParametersParameterPolicyMemberArrayInput interface { + pulumi.Input + + ToGetRegionalParametersParameterPolicyMemberArrayOutput() GetRegionalParametersParameterPolicyMemberArrayOutput + ToGetRegionalParametersParameterPolicyMemberArrayOutputWithContext(context.Context) GetRegionalParametersParameterPolicyMemberArrayOutput +} + +type GetRegionalParametersParameterPolicyMemberArray []GetRegionalParametersParameterPolicyMemberInput + +func (GetRegionalParametersParameterPolicyMemberArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetRegionalParametersParameterPolicyMember)(nil)).Elem() +} + +func (i GetRegionalParametersParameterPolicyMemberArray) ToGetRegionalParametersParameterPolicyMemberArrayOutput() GetRegionalParametersParameterPolicyMemberArrayOutput { + return i.ToGetRegionalParametersParameterPolicyMemberArrayOutputWithContext(context.Background()) +} + +func (i GetRegionalParametersParameterPolicyMemberArray) ToGetRegionalParametersParameterPolicyMemberArrayOutputWithContext(ctx context.Context) GetRegionalParametersParameterPolicyMemberArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRegionalParametersParameterPolicyMemberArrayOutput) +} + +type GetRegionalParametersParameterPolicyMemberOutput struct{ *pulumi.OutputState } + +func (GetRegionalParametersParameterPolicyMemberOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetRegionalParametersParameterPolicyMember)(nil)).Elem() +} + +func (o GetRegionalParametersParameterPolicyMemberOutput) ToGetRegionalParametersParameterPolicyMemberOutput() GetRegionalParametersParameterPolicyMemberOutput { + return o +} + +func (o GetRegionalParametersParameterPolicyMemberOutput) ToGetRegionalParametersParameterPolicyMemberOutputWithContext(ctx context.Context) GetRegionalParametersParameterPolicyMemberOutput { + return o +} + +// AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the +// new resource. Format: +// `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` +func (o GetRegionalParametersParameterPolicyMemberOutput) IamPolicyNamePrincipal() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameterPolicyMember) string { return v.IamPolicyNamePrincipal }).(pulumi.StringOutput) +} + +// IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. +// If a resource is deleted and recreated with the same name, the binding will not be applicable to the +// new resource. Format: +// `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` +func (o GetRegionalParametersParameterPolicyMemberOutput) IamPolicyUidPrincipal() pulumi.StringOutput { + return o.ApplyT(func(v GetRegionalParametersParameterPolicyMember) string { return v.IamPolicyUidPrincipal }).(pulumi.StringOutput) +} + +type GetRegionalParametersParameterPolicyMemberArrayOutput struct{ *pulumi.OutputState } + +func (GetRegionalParametersParameterPolicyMemberArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetRegionalParametersParameterPolicyMember)(nil)).Elem() +} + +func (o GetRegionalParametersParameterPolicyMemberArrayOutput) ToGetRegionalParametersParameterPolicyMemberArrayOutput() GetRegionalParametersParameterPolicyMemberArrayOutput { + return o +} + +func (o GetRegionalParametersParameterPolicyMemberArrayOutput) ToGetRegionalParametersParameterPolicyMemberArrayOutputWithContext(ctx context.Context) GetRegionalParametersParameterPolicyMemberArrayOutput { + return o +} + +func (o GetRegionalParametersParameterPolicyMemberArrayOutput) Index(i pulumi.IntInput) GetRegionalParametersParameterPolicyMemberOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetRegionalParametersParameterPolicyMember { + return vs[0].([]GetRegionalParametersParameterPolicyMember)[vs[1].(int)] + }).(GetRegionalParametersParameterPolicyMemberOutput) +} + func init() { pulumi.RegisterInputType(reflect.TypeOf((*ParameterPolicyMemberInput)(nil)).Elem(), ParameterPolicyMemberArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ParameterPolicyMemberArrayInput)(nil)).Elem(), ParameterPolicyMemberArray{}) pulumi.RegisterInputType(reflect.TypeOf((*RegionalParameterPolicyMemberInput)(nil)).Elem(), RegionalParameterPolicyMemberArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RegionalParameterPolicyMemberArrayInput)(nil)).Elem(), RegionalParameterPolicyMemberArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetParameterPolicyMemberInput)(nil)).Elem(), GetParameterPolicyMemberArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetParameterPolicyMemberArrayInput)(nil)).Elem(), GetParameterPolicyMemberArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRegionalParameterPolicyMemberInput)(nil)).Elem(), GetRegionalParameterPolicyMemberArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRegionalParameterPolicyMemberArrayInput)(nil)).Elem(), GetRegionalParameterPolicyMemberArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetRegionalParametersParameterInput)(nil)).Elem(), GetRegionalParametersParameterArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetRegionalParametersParameterArrayInput)(nil)).Elem(), GetRegionalParametersParameterArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetRegionalParametersParameterPolicyMemberInput)(nil)).Elem(), GetRegionalParametersParameterPolicyMemberArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetRegionalParametersParameterPolicyMemberArrayInput)(nil)).Elem(), GetRegionalParametersParameterPolicyMemberArray{}) pulumi.RegisterOutputType(ParameterPolicyMemberOutput{}) pulumi.RegisterOutputType(ParameterPolicyMemberArrayOutput{}) pulumi.RegisterOutputType(RegionalParameterPolicyMemberOutput{}) pulumi.RegisterOutputType(RegionalParameterPolicyMemberArrayOutput{}) + pulumi.RegisterOutputType(GetParameterPolicyMemberOutput{}) + pulumi.RegisterOutputType(GetParameterPolicyMemberArrayOutput{}) pulumi.RegisterOutputType(GetRegionalParameterPolicyMemberOutput{}) pulumi.RegisterOutputType(GetRegionalParameterPolicyMemberArrayOutput{}) + pulumi.RegisterOutputType(GetRegionalParametersParameterOutput{}) + pulumi.RegisterOutputType(GetRegionalParametersParameterArrayOutput{}) + pulumi.RegisterOutputType(GetRegionalParametersParameterPolicyMemberOutput{}) + pulumi.RegisterOutputType(GetRegionalParametersParameterPolicyMemberArrayOutput{}) } diff --git a/sdk/go/gcp/parametermanager/regionalParameterVersion.go b/sdk/go/gcp/parametermanager/regionalParameterVersion.go index e8d4b8bd3f..c0a15e963a 100644 --- a/sdk/go/gcp/parametermanager/regionalParameterVersion.go +++ b/sdk/go/gcp/parametermanager/regionalParameterVersion.go @@ -55,8 +55,9 @@ import ( // // import ( // +// "encoding/json" +// // "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager" -// "github.com/pulumi/pulumi-std/sdk/go/std" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) @@ -71,58 +72,18 @@ import ( // if err != nil { // return err // } -// invokeFile, err := std.File(ctx, &std.FileArgs{ -// Input: "parameter_data_json_format.yaml", -// }, nil) -// if err != nil { -// return err -// } -// _, err = parametermanager.NewRegionalParameterVersion(ctx, "regional-parameter-version-with-json-format", ¶metermanager.RegionalParameterVersionArgs{ -// Parameter: regional_parameter_basic.ID(), -// ParameterVersionId: pulumi.String("regional_parameter_version"), -// ParameterData: pulumi.String(invokeFile.Result), +// tmpJSON0, err := json.Marshal(map[string]interface{}{ +// "key1": "val1", +// "key2": "val2", // }) // if err != nil { // return err // } -// return nil -// }) -// } -// -// ``` -// ### Regional Parameter Version With Yaml Format -// -// ```go -// package main -// -// import ( -// -// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/parametermanager" -// "github.com/pulumi/pulumi-std/sdk/go/std" -// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" -// -// ) -// -// func main() { -// pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := parametermanager.NewRegionalParameter(ctx, "regional-parameter-basic", ¶metermanager.RegionalParameterArgs{ -// ParameterId: pulumi.String("regional_parameter"), -// Format: pulumi.String("YAML"), -// Location: pulumi.String("us-central1"), -// }) -// if err != nil { -// return err -// } -// invokeFile, err := std.File(ctx, &std.FileArgs{ -// Input: "parameter_data_yaml_format.yaml", -// }, nil) -// if err != nil { -// return err -// } -// _, err = parametermanager.NewRegionalParameterVersion(ctx, "regional-parameter-version-with-yaml-format", ¶metermanager.RegionalParameterVersionArgs{ +// json0 := string(tmpJSON0) +// _, err = parametermanager.NewRegionalParameterVersion(ctx, "regional-parameter-version-with-json-format", ¶metermanager.RegionalParameterVersionArgs{ // Parameter: regional_parameter_basic.ID(), // ParameterVersionId: pulumi.String("regional_parameter_version"), -// ParameterData: pulumi.String(invokeFile.Result), +// ParameterData: pulumi.String(json0), // }) // if err != nil { // return err @@ -132,7 +93,6 @@ import ( // } // // ``` -// // ## Import // // RegionalParameterVersion can be imported using any of these accepted formats: diff --git a/sdk/go/gcp/provider.go b/sdk/go/gcp/provider.go index 72ba63cab0..e70afd7f11 100644 --- a/sdk/go/gcp/provider.go +++ b/sdk/go/gcp/provider.go @@ -25,6 +25,7 @@ type Provider struct { AlloydbCustomEndpoint pulumi.StringPtrOutput `pulumi:"alloydbCustomEndpoint"` ApiGatewayCustomEndpoint pulumi.StringPtrOutput `pulumi:"apiGatewayCustomEndpoint"` ApigeeCustomEndpoint pulumi.StringPtrOutput `pulumi:"apigeeCustomEndpoint"` + ApihubCustomEndpoint pulumi.StringPtrOutput `pulumi:"apihubCustomEndpoint"` ApikeysCustomEndpoint pulumi.StringPtrOutput `pulumi:"apikeysCustomEndpoint"` AppEngineCustomEndpoint pulumi.StringPtrOutput `pulumi:"appEngineCustomEndpoint"` ApphubCustomEndpoint pulumi.StringPtrOutput `pulumi:"apphubCustomEndpoint"` @@ -244,6 +245,7 @@ type providerArgs struct { AlloydbCustomEndpoint *string `pulumi:"alloydbCustomEndpoint"` ApiGatewayCustomEndpoint *string `pulumi:"apiGatewayCustomEndpoint"` ApigeeCustomEndpoint *string `pulumi:"apigeeCustomEndpoint"` + ApihubCustomEndpoint *string `pulumi:"apihubCustomEndpoint"` ApikeysCustomEndpoint *string `pulumi:"apikeysCustomEndpoint"` AppEngineCustomEndpoint *string `pulumi:"appEngineCustomEndpoint"` ApphubCustomEndpoint *string `pulumi:"apphubCustomEndpoint"` @@ -432,6 +434,7 @@ type ProviderArgs struct { AlloydbCustomEndpoint pulumi.StringPtrInput ApiGatewayCustomEndpoint pulumi.StringPtrInput ApigeeCustomEndpoint pulumi.StringPtrInput + ApihubCustomEndpoint pulumi.StringPtrInput ApikeysCustomEndpoint pulumi.StringPtrInput AppEngineCustomEndpoint pulumi.StringPtrInput ApphubCustomEndpoint pulumi.StringPtrInput @@ -675,6 +678,10 @@ func (o ProviderOutput) ApigeeCustomEndpoint() pulumi.StringPtrOutput { return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.ApigeeCustomEndpoint }).(pulumi.StringPtrOutput) } +func (o ProviderOutput) ApihubCustomEndpoint() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.ApihubCustomEndpoint }).(pulumi.StringPtrOutput) +} + func (o ProviderOutput) ApikeysCustomEndpoint() pulumi.StringPtrOutput { return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.ApikeysCustomEndpoint }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/gcp/pubsub/pulumiTypes.go b/sdk/go/gcp/pubsub/pulumiTypes.go index 12b426303e..e70df495e3 100644 --- a/sdk/go/gcp/pubsub/pulumiTypes.go +++ b/sdk/go/gcp/pubsub/pulumiTypes.go @@ -3669,6 +3669,9 @@ type TopicIngestionDataSourceSettings struct { // Settings for ingestion from Amazon Kinesis Data Streams. // Structure is documented below. AwsKinesis *TopicIngestionDataSourceSettingsAwsKinesis `pulumi:"awsKinesis"` + // Settings for ingestion from Azure Event Hubs. + // Structure is documented below. + AzureEventHubs *TopicIngestionDataSourceSettingsAzureEventHubs `pulumi:"azureEventHubs"` // Settings for ingestion from Cloud Storage. // Structure is documented below. CloudStorage *TopicIngestionDataSourceSettingsCloudStorage `pulumi:"cloudStorage"` @@ -3693,6 +3696,9 @@ type TopicIngestionDataSourceSettingsArgs struct { // Settings for ingestion from Amazon Kinesis Data Streams. // Structure is documented below. AwsKinesis TopicIngestionDataSourceSettingsAwsKinesisPtrInput `pulumi:"awsKinesis"` + // Settings for ingestion from Azure Event Hubs. + // Structure is documented below. + AzureEventHubs TopicIngestionDataSourceSettingsAzureEventHubsPtrInput `pulumi:"azureEventHubs"` // Settings for ingestion from Cloud Storage. // Structure is documented below. CloudStorage TopicIngestionDataSourceSettingsCloudStoragePtrInput `pulumi:"cloudStorage"` @@ -3787,6 +3793,14 @@ func (o TopicIngestionDataSourceSettingsOutput) AwsKinesis() TopicIngestionDataS }).(TopicIngestionDataSourceSettingsAwsKinesisPtrOutput) } +// Settings for ingestion from Azure Event Hubs. +// Structure is documented below. +func (o TopicIngestionDataSourceSettingsOutput) AzureEventHubs() TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return o.ApplyT(func(v TopicIngestionDataSourceSettings) *TopicIngestionDataSourceSettingsAzureEventHubs { + return v.AzureEventHubs + }).(TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) +} + // Settings for ingestion from Cloud Storage. // Structure is documented below. func (o TopicIngestionDataSourceSettingsOutput) CloudStorage() TopicIngestionDataSourceSettingsCloudStoragePtrOutput { @@ -3839,6 +3853,17 @@ func (o TopicIngestionDataSourceSettingsPtrOutput) AwsKinesis() TopicIngestionDa }).(TopicIngestionDataSourceSettingsAwsKinesisPtrOutput) } +// Settings for ingestion from Azure Event Hubs. +// Structure is documented below. +func (o TopicIngestionDataSourceSettingsPtrOutput) AzureEventHubs() TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettings) *TopicIngestionDataSourceSettingsAzureEventHubs { + if v == nil { + return nil + } + return v.AzureEventHubs + }).(TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) +} + // Settings for ingestion from Cloud Storage. // Structure is documented below. func (o TopicIngestionDataSourceSettingsPtrOutput) CloudStorage() TopicIngestionDataSourceSettingsCloudStoragePtrOutput { @@ -4084,6 +4109,265 @@ func (o TopicIngestionDataSourceSettingsAwsKinesisPtrOutput) StreamArn() pulumi. }).(pulumi.StringPtrOutput) } +type TopicIngestionDataSourceSettingsAzureEventHubs struct { + // The Azure event hub client ID to use for ingestion. + ClientId *string `pulumi:"clientId"` + // The Azure event hub to ingest data from. + EventHub *string `pulumi:"eventHub"` + // The GCP service account to be used for Federated Identity authentication + // with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + // role). + GcpServiceAccount *string `pulumi:"gcpServiceAccount"` + // The Azure event hub namespace to ingest data from. + Namespace *string `pulumi:"namespace"` + // The name of the resource group within an Azure subscription. + ResourceGroup *string `pulumi:"resourceGroup"` + // The Azure event hub subscription ID to use for ingestion. + SubscriptionId *string `pulumi:"subscriptionId"` + // The Azure event hub tenant ID to use for ingestion. + TenantId *string `pulumi:"tenantId"` +} + +// TopicIngestionDataSourceSettingsAzureEventHubsInput is an input type that accepts TopicIngestionDataSourceSettingsAzureEventHubsArgs and TopicIngestionDataSourceSettingsAzureEventHubsOutput values. +// You can construct a concrete instance of `TopicIngestionDataSourceSettingsAzureEventHubsInput` via: +// +// TopicIngestionDataSourceSettingsAzureEventHubsArgs{...} +type TopicIngestionDataSourceSettingsAzureEventHubsInput interface { + pulumi.Input + + ToTopicIngestionDataSourceSettingsAzureEventHubsOutput() TopicIngestionDataSourceSettingsAzureEventHubsOutput + ToTopicIngestionDataSourceSettingsAzureEventHubsOutputWithContext(context.Context) TopicIngestionDataSourceSettingsAzureEventHubsOutput +} + +type TopicIngestionDataSourceSettingsAzureEventHubsArgs struct { + // The Azure event hub client ID to use for ingestion. + ClientId pulumi.StringPtrInput `pulumi:"clientId"` + // The Azure event hub to ingest data from. + EventHub pulumi.StringPtrInput `pulumi:"eventHub"` + // The GCP service account to be used for Federated Identity authentication + // with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + // role). + GcpServiceAccount pulumi.StringPtrInput `pulumi:"gcpServiceAccount"` + // The Azure event hub namespace to ingest data from. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + // The name of the resource group within an Azure subscription. + ResourceGroup pulumi.StringPtrInput `pulumi:"resourceGroup"` + // The Azure event hub subscription ID to use for ingestion. + SubscriptionId pulumi.StringPtrInput `pulumi:"subscriptionId"` + // The Azure event hub tenant ID to use for ingestion. + TenantId pulumi.StringPtrInput `pulumi:"tenantId"` +} + +func (TopicIngestionDataSourceSettingsAzureEventHubsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*TopicIngestionDataSourceSettingsAzureEventHubs)(nil)).Elem() +} + +func (i TopicIngestionDataSourceSettingsAzureEventHubsArgs) ToTopicIngestionDataSourceSettingsAzureEventHubsOutput() TopicIngestionDataSourceSettingsAzureEventHubsOutput { + return i.ToTopicIngestionDataSourceSettingsAzureEventHubsOutputWithContext(context.Background()) +} + +func (i TopicIngestionDataSourceSettingsAzureEventHubsArgs) ToTopicIngestionDataSourceSettingsAzureEventHubsOutputWithContext(ctx context.Context) TopicIngestionDataSourceSettingsAzureEventHubsOutput { + return pulumi.ToOutputWithContext(ctx, i).(TopicIngestionDataSourceSettingsAzureEventHubsOutput) +} + +func (i TopicIngestionDataSourceSettingsAzureEventHubsArgs) ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutput() TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return i.ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(context.Background()) +} + +func (i TopicIngestionDataSourceSettingsAzureEventHubsArgs) ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(ctx context.Context) TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(TopicIngestionDataSourceSettingsAzureEventHubsOutput).ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(ctx) +} + +// TopicIngestionDataSourceSettingsAzureEventHubsPtrInput is an input type that accepts TopicIngestionDataSourceSettingsAzureEventHubsArgs, TopicIngestionDataSourceSettingsAzureEventHubsPtr and TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput values. +// You can construct a concrete instance of `TopicIngestionDataSourceSettingsAzureEventHubsPtrInput` via: +// +// TopicIngestionDataSourceSettingsAzureEventHubsArgs{...} +// +// or: +// +// nil +type TopicIngestionDataSourceSettingsAzureEventHubsPtrInput interface { + pulumi.Input + + ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutput() TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput + ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(context.Context) TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput +} + +type topicIngestionDataSourceSettingsAzureEventHubsPtrType TopicIngestionDataSourceSettingsAzureEventHubsArgs + +func TopicIngestionDataSourceSettingsAzureEventHubsPtr(v *TopicIngestionDataSourceSettingsAzureEventHubsArgs) TopicIngestionDataSourceSettingsAzureEventHubsPtrInput { + return (*topicIngestionDataSourceSettingsAzureEventHubsPtrType)(v) +} + +func (*topicIngestionDataSourceSettingsAzureEventHubsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**TopicIngestionDataSourceSettingsAzureEventHubs)(nil)).Elem() +} + +func (i *topicIngestionDataSourceSettingsAzureEventHubsPtrType) ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutput() TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return i.ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(context.Background()) +} + +func (i *topicIngestionDataSourceSettingsAzureEventHubsPtrType) ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(ctx context.Context) TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) +} + +type TopicIngestionDataSourceSettingsAzureEventHubsOutput struct{ *pulumi.OutputState } + +func (TopicIngestionDataSourceSettingsAzureEventHubsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*TopicIngestionDataSourceSettingsAzureEventHubs)(nil)).Elem() +} + +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) ToTopicIngestionDataSourceSettingsAzureEventHubsOutput() TopicIngestionDataSourceSettingsAzureEventHubsOutput { + return o +} + +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) ToTopicIngestionDataSourceSettingsAzureEventHubsOutputWithContext(ctx context.Context) TopicIngestionDataSourceSettingsAzureEventHubsOutput { + return o +} + +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutput() TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return o.ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(context.Background()) +} + +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(ctx context.Context) TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v TopicIngestionDataSourceSettingsAzureEventHubs) *TopicIngestionDataSourceSettingsAzureEventHubs { + return &v + }).(TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) +} + +// The Azure event hub client ID to use for ingestion. +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) ClientId() pulumi.StringPtrOutput { + return o.ApplyT(func(v TopicIngestionDataSourceSettingsAzureEventHubs) *string { return v.ClientId }).(pulumi.StringPtrOutput) +} + +// The Azure event hub to ingest data from. +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) EventHub() pulumi.StringPtrOutput { + return o.ApplyT(func(v TopicIngestionDataSourceSettingsAzureEventHubs) *string { return v.EventHub }).(pulumi.StringPtrOutput) +} + +// The GCP service account to be used for Federated Identity authentication +// with Azure (via a `AssumeRoleWithWebIdentity` call for the provided +// role). +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) GcpServiceAccount() pulumi.StringPtrOutput { + return o.ApplyT(func(v TopicIngestionDataSourceSettingsAzureEventHubs) *string { return v.GcpServiceAccount }).(pulumi.StringPtrOutput) +} + +// The Azure event hub namespace to ingest data from. +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v TopicIngestionDataSourceSettingsAzureEventHubs) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +// The name of the resource group within an Azure subscription. +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) ResourceGroup() pulumi.StringPtrOutput { + return o.ApplyT(func(v TopicIngestionDataSourceSettingsAzureEventHubs) *string { return v.ResourceGroup }).(pulumi.StringPtrOutput) +} + +// The Azure event hub subscription ID to use for ingestion. +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) SubscriptionId() pulumi.StringPtrOutput { + return o.ApplyT(func(v TopicIngestionDataSourceSettingsAzureEventHubs) *string { return v.SubscriptionId }).(pulumi.StringPtrOutput) +} + +// The Azure event hub tenant ID to use for ingestion. +func (o TopicIngestionDataSourceSettingsAzureEventHubsOutput) TenantId() pulumi.StringPtrOutput { + return o.ApplyT(func(v TopicIngestionDataSourceSettingsAzureEventHubs) *string { return v.TenantId }).(pulumi.StringPtrOutput) +} + +type TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput struct{ *pulumi.OutputState } + +func (TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**TopicIngestionDataSourceSettingsAzureEventHubs)(nil)).Elem() +} + +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutput() TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return o +} + +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) ToTopicIngestionDataSourceSettingsAzureEventHubsPtrOutputWithContext(ctx context.Context) TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput { + return o +} + +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) Elem() TopicIngestionDataSourceSettingsAzureEventHubsOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettingsAzureEventHubs) TopicIngestionDataSourceSettingsAzureEventHubs { + if v != nil { + return *v + } + var ret TopicIngestionDataSourceSettingsAzureEventHubs + return ret + }).(TopicIngestionDataSourceSettingsAzureEventHubsOutput) +} + +// The Azure event hub client ID to use for ingestion. +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) ClientId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettingsAzureEventHubs) *string { + if v == nil { + return nil + } + return v.ClientId + }).(pulumi.StringPtrOutput) +} + +// The Azure event hub to ingest data from. +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) EventHub() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettingsAzureEventHubs) *string { + if v == nil { + return nil + } + return v.EventHub + }).(pulumi.StringPtrOutput) +} + +// The GCP service account to be used for Federated Identity authentication +// with Azure (via a `AssumeRoleWithWebIdentity` call for the provided +// role). +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) GcpServiceAccount() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettingsAzureEventHubs) *string { + if v == nil { + return nil + } + return v.GcpServiceAccount + }).(pulumi.StringPtrOutput) +} + +// The Azure event hub namespace to ingest data from. +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettingsAzureEventHubs) *string { + if v == nil { + return nil + } + return v.Namespace + }).(pulumi.StringPtrOutput) +} + +// The name of the resource group within an Azure subscription. +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) ResourceGroup() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettingsAzureEventHubs) *string { + if v == nil { + return nil + } + return v.ResourceGroup + }).(pulumi.StringPtrOutput) +} + +// The Azure event hub subscription ID to use for ingestion. +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) SubscriptionId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettingsAzureEventHubs) *string { + if v == nil { + return nil + } + return v.SubscriptionId + }).(pulumi.StringPtrOutput) +} + +// The Azure event hub tenant ID to use for ingestion. +func (o TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput) TenantId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TopicIngestionDataSourceSettingsAzureEventHubs) *string { + if v == nil { + return nil + } + return v.TenantId + }).(pulumi.StringPtrOutput) +} + type TopicIngestionDataSourceSettingsCloudStorage struct { // Configuration for reading Cloud Storage data in Avro binary format. The // bytes of each object will be set to the `data` field of a Pub/Sub message. @@ -4912,6 +5196,11 @@ type TopicMessageStoragePolicy struct { // allowed regions. An empty list means that no regions are allowed, // and is not a valid configuration. AllowedPersistenceRegions []string `pulumi:"allowedPersistenceRegions"` + // If true, `allowedPersistenceRegions` is also used to enforce in-transit + // guarantees for messages. That is, Pub/Sub will fail topics.publish + // operations on this topic and subscribe operations on any subscription + // attached to this topic in any region that is not in `allowedPersistenceRegions`. + EnforceInTransit *bool `pulumi:"enforceInTransit"` } // TopicMessageStoragePolicyInput is an input type that accepts TopicMessageStoragePolicyArgs and TopicMessageStoragePolicyOutput values. @@ -4933,6 +5222,11 @@ type TopicMessageStoragePolicyArgs struct { // allowed regions. An empty list means that no regions are allowed, // and is not a valid configuration. AllowedPersistenceRegions pulumi.StringArrayInput `pulumi:"allowedPersistenceRegions"` + // If true, `allowedPersistenceRegions` is also used to enforce in-transit + // guarantees for messages. That is, Pub/Sub will fail topics.publish + // operations on this topic and subscribe operations on any subscription + // attached to this topic in any region that is not in `allowedPersistenceRegions`. + EnforceInTransit pulumi.BoolPtrInput `pulumi:"enforceInTransit"` } func (TopicMessageStoragePolicyArgs) ElementType() reflect.Type { @@ -5022,6 +5316,14 @@ func (o TopicMessageStoragePolicyOutput) AllowedPersistenceRegions() pulumi.Stri return o.ApplyT(func(v TopicMessageStoragePolicy) []string { return v.AllowedPersistenceRegions }).(pulumi.StringArrayOutput) } +// If true, `allowedPersistenceRegions` is also used to enforce in-transit +// guarantees for messages. That is, Pub/Sub will fail topics.publish +// operations on this topic and subscribe operations on any subscription +// attached to this topic in any region that is not in `allowedPersistenceRegions`. +func (o TopicMessageStoragePolicyOutput) EnforceInTransit() pulumi.BoolPtrOutput { + return o.ApplyT(func(v TopicMessageStoragePolicy) *bool { return v.EnforceInTransit }).(pulumi.BoolPtrOutput) +} + type TopicMessageStoragePolicyPtrOutput struct{ *pulumi.OutputState } func (TopicMessageStoragePolicyPtrOutput) ElementType() reflect.Type { @@ -5061,6 +5363,19 @@ func (o TopicMessageStoragePolicyPtrOutput) AllowedPersistenceRegions() pulumi.S }).(pulumi.StringArrayOutput) } +// If true, `allowedPersistenceRegions` is also used to enforce in-transit +// guarantees for messages. That is, Pub/Sub will fail topics.publish +// operations on this topic and subscribe operations on any subscription +// attached to this topic in any region that is not in `allowedPersistenceRegions`. +func (o TopicMessageStoragePolicyPtrOutput) EnforceInTransit() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *TopicMessageStoragePolicy) *bool { + if v == nil { + return nil + } + return v.EnforceInTransit + }).(pulumi.BoolPtrOutput) +} + type TopicSchemaSettings struct { // The encoding of messages validated against schema. // Default value is `ENCODING_UNSPECIFIED`. @@ -6529,6 +6844,8 @@ func (o GetSubscriptionRetryPolicyArrayOutput) Index(i pulumi.IntInput) GetSubsc type GetTopicIngestionDataSourceSetting struct { // Settings for ingestion from Amazon Kinesis Data Streams. AwsKineses []GetTopicIngestionDataSourceSettingAwsKinese `pulumi:"awsKineses"` + // Settings for ingestion from Azure Event Hubs. + AzureEventHubs []GetTopicIngestionDataSourceSettingAzureEventHub `pulumi:"azureEventHubs"` // Settings for ingestion from Cloud Storage. CloudStorages []GetTopicIngestionDataSourceSettingCloudStorage `pulumi:"cloudStorages"` // Settings for Platform Logs regarding ingestion to Pub/Sub. If unset, @@ -6550,6 +6867,8 @@ type GetTopicIngestionDataSourceSettingInput interface { type GetTopicIngestionDataSourceSettingArgs struct { // Settings for ingestion from Amazon Kinesis Data Streams. AwsKineses GetTopicIngestionDataSourceSettingAwsKineseArrayInput `pulumi:"awsKineses"` + // Settings for ingestion from Azure Event Hubs. + AzureEventHubs GetTopicIngestionDataSourceSettingAzureEventHubArrayInput `pulumi:"azureEventHubs"` // Settings for ingestion from Cloud Storage. CloudStorages GetTopicIngestionDataSourceSettingCloudStorageArrayInput `pulumi:"cloudStorages"` // Settings for Platform Logs regarding ingestion to Pub/Sub. If unset, @@ -6615,6 +6934,13 @@ func (o GetTopicIngestionDataSourceSettingOutput) AwsKineses() GetTopicIngestion }).(GetTopicIngestionDataSourceSettingAwsKineseArrayOutput) } +// Settings for ingestion from Azure Event Hubs. +func (o GetTopicIngestionDataSourceSettingOutput) AzureEventHubs() GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput { + return o.ApplyT(func(v GetTopicIngestionDataSourceSetting) []GetTopicIngestionDataSourceSettingAzureEventHub { + return v.AzureEventHubs + }).(GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput) +} + // Settings for ingestion from Cloud Storage. func (o GetTopicIngestionDataSourceSettingOutput) CloudStorages() GetTopicIngestionDataSourceSettingCloudStorageArrayOutput { return o.ApplyT(func(v GetTopicIngestionDataSourceSetting) []GetTopicIngestionDataSourceSettingCloudStorage { @@ -6795,6 +7121,163 @@ func (o GetTopicIngestionDataSourceSettingAwsKineseArrayOutput) Index(i pulumi.I }).(GetTopicIngestionDataSourceSettingAwsKineseOutput) } +type GetTopicIngestionDataSourceSettingAzureEventHub struct { + // The Azure event hub client ID to use for ingestion. + ClientId string `pulumi:"clientId"` + // The Azure event hub to ingest data from. + EventHub string `pulumi:"eventHub"` + // The GCP service account to be used for Federated Identity authentication + // with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided + // role). + GcpServiceAccount string `pulumi:"gcpServiceAccount"` + // The Azure event hub namespace to ingest data from. + Namespace string `pulumi:"namespace"` + // The name of the resource group within an Azure subscription. + ResourceGroup string `pulumi:"resourceGroup"` + // The Azure event hub subscription ID to use for ingestion. + SubscriptionId string `pulumi:"subscriptionId"` + // The Azure event hub tenant ID to use for ingestion. + TenantId string `pulumi:"tenantId"` +} + +// GetTopicIngestionDataSourceSettingAzureEventHubInput is an input type that accepts GetTopicIngestionDataSourceSettingAzureEventHubArgs and GetTopicIngestionDataSourceSettingAzureEventHubOutput values. +// You can construct a concrete instance of `GetTopicIngestionDataSourceSettingAzureEventHubInput` via: +// +// GetTopicIngestionDataSourceSettingAzureEventHubArgs{...} +type GetTopicIngestionDataSourceSettingAzureEventHubInput interface { + pulumi.Input + + ToGetTopicIngestionDataSourceSettingAzureEventHubOutput() GetTopicIngestionDataSourceSettingAzureEventHubOutput + ToGetTopicIngestionDataSourceSettingAzureEventHubOutputWithContext(context.Context) GetTopicIngestionDataSourceSettingAzureEventHubOutput +} + +type GetTopicIngestionDataSourceSettingAzureEventHubArgs struct { + // The Azure event hub client ID to use for ingestion. + ClientId pulumi.StringInput `pulumi:"clientId"` + // The Azure event hub to ingest data from. + EventHub pulumi.StringInput `pulumi:"eventHub"` + // The GCP service account to be used for Federated Identity authentication + // with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided + // role). + GcpServiceAccount pulumi.StringInput `pulumi:"gcpServiceAccount"` + // The Azure event hub namespace to ingest data from. + Namespace pulumi.StringInput `pulumi:"namespace"` + // The name of the resource group within an Azure subscription. + ResourceGroup pulumi.StringInput `pulumi:"resourceGroup"` + // The Azure event hub subscription ID to use for ingestion. + SubscriptionId pulumi.StringInput `pulumi:"subscriptionId"` + // The Azure event hub tenant ID to use for ingestion. + TenantId pulumi.StringInput `pulumi:"tenantId"` +} + +func (GetTopicIngestionDataSourceSettingAzureEventHubArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetTopicIngestionDataSourceSettingAzureEventHub)(nil)).Elem() +} + +func (i GetTopicIngestionDataSourceSettingAzureEventHubArgs) ToGetTopicIngestionDataSourceSettingAzureEventHubOutput() GetTopicIngestionDataSourceSettingAzureEventHubOutput { + return i.ToGetTopicIngestionDataSourceSettingAzureEventHubOutputWithContext(context.Background()) +} + +func (i GetTopicIngestionDataSourceSettingAzureEventHubArgs) ToGetTopicIngestionDataSourceSettingAzureEventHubOutputWithContext(ctx context.Context) GetTopicIngestionDataSourceSettingAzureEventHubOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetTopicIngestionDataSourceSettingAzureEventHubOutput) +} + +// GetTopicIngestionDataSourceSettingAzureEventHubArrayInput is an input type that accepts GetTopicIngestionDataSourceSettingAzureEventHubArray and GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput values. +// You can construct a concrete instance of `GetTopicIngestionDataSourceSettingAzureEventHubArrayInput` via: +// +// GetTopicIngestionDataSourceSettingAzureEventHubArray{ GetTopicIngestionDataSourceSettingAzureEventHubArgs{...} } +type GetTopicIngestionDataSourceSettingAzureEventHubArrayInput interface { + pulumi.Input + + ToGetTopicIngestionDataSourceSettingAzureEventHubArrayOutput() GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput + ToGetTopicIngestionDataSourceSettingAzureEventHubArrayOutputWithContext(context.Context) GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput +} + +type GetTopicIngestionDataSourceSettingAzureEventHubArray []GetTopicIngestionDataSourceSettingAzureEventHubInput + +func (GetTopicIngestionDataSourceSettingAzureEventHubArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetTopicIngestionDataSourceSettingAzureEventHub)(nil)).Elem() +} + +func (i GetTopicIngestionDataSourceSettingAzureEventHubArray) ToGetTopicIngestionDataSourceSettingAzureEventHubArrayOutput() GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput { + return i.ToGetTopicIngestionDataSourceSettingAzureEventHubArrayOutputWithContext(context.Background()) +} + +func (i GetTopicIngestionDataSourceSettingAzureEventHubArray) ToGetTopicIngestionDataSourceSettingAzureEventHubArrayOutputWithContext(ctx context.Context) GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput) +} + +type GetTopicIngestionDataSourceSettingAzureEventHubOutput struct{ *pulumi.OutputState } + +func (GetTopicIngestionDataSourceSettingAzureEventHubOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetTopicIngestionDataSourceSettingAzureEventHub)(nil)).Elem() +} + +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) ToGetTopicIngestionDataSourceSettingAzureEventHubOutput() GetTopicIngestionDataSourceSettingAzureEventHubOutput { + return o +} + +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) ToGetTopicIngestionDataSourceSettingAzureEventHubOutputWithContext(ctx context.Context) GetTopicIngestionDataSourceSettingAzureEventHubOutput { + return o +} + +// The Azure event hub client ID to use for ingestion. +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) ClientId() pulumi.StringOutput { + return o.ApplyT(func(v GetTopicIngestionDataSourceSettingAzureEventHub) string { return v.ClientId }).(pulumi.StringOutput) +} + +// The Azure event hub to ingest data from. +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) EventHub() pulumi.StringOutput { + return o.ApplyT(func(v GetTopicIngestionDataSourceSettingAzureEventHub) string { return v.EventHub }).(pulumi.StringOutput) +} + +// The GCP service account to be used for Federated Identity authentication +// with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided +// role). +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) GcpServiceAccount() pulumi.StringOutput { + return o.ApplyT(func(v GetTopicIngestionDataSourceSettingAzureEventHub) string { return v.GcpServiceAccount }).(pulumi.StringOutput) +} + +// The Azure event hub namespace to ingest data from. +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) Namespace() pulumi.StringOutput { + return o.ApplyT(func(v GetTopicIngestionDataSourceSettingAzureEventHub) string { return v.Namespace }).(pulumi.StringOutput) +} + +// The name of the resource group within an Azure subscription. +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) ResourceGroup() pulumi.StringOutput { + return o.ApplyT(func(v GetTopicIngestionDataSourceSettingAzureEventHub) string { return v.ResourceGroup }).(pulumi.StringOutput) +} + +// The Azure event hub subscription ID to use for ingestion. +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) SubscriptionId() pulumi.StringOutput { + return o.ApplyT(func(v GetTopicIngestionDataSourceSettingAzureEventHub) string { return v.SubscriptionId }).(pulumi.StringOutput) +} + +// The Azure event hub tenant ID to use for ingestion. +func (o GetTopicIngestionDataSourceSettingAzureEventHubOutput) TenantId() pulumi.StringOutput { + return o.ApplyT(func(v GetTopicIngestionDataSourceSettingAzureEventHub) string { return v.TenantId }).(pulumi.StringOutput) +} + +type GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput struct{ *pulumi.OutputState } + +func (GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetTopicIngestionDataSourceSettingAzureEventHub)(nil)).Elem() +} + +func (o GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput) ToGetTopicIngestionDataSourceSettingAzureEventHubArrayOutput() GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput { + return o +} + +func (o GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput) ToGetTopicIngestionDataSourceSettingAzureEventHubArrayOutputWithContext(ctx context.Context) GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput { + return o +} + +func (o GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput) Index(i pulumi.IntInput) GetTopicIngestionDataSourceSettingAzureEventHubOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetTopicIngestionDataSourceSettingAzureEventHub { + return vs[0].([]GetTopicIngestionDataSourceSettingAzureEventHub)[vs[1].(int)] + }).(GetTopicIngestionDataSourceSettingAzureEventHubOutput) +} + type GetTopicIngestionDataSourceSettingCloudStorage struct { // Configuration for reading Cloud Storage data in Avro binary format. The // bytes of each object will be set to the 'data' field of a Pub/Sub message. @@ -7366,6 +7849,11 @@ type GetTopicMessageStoragePolicy struct { // allowed regions. An empty list means that no regions are allowed, // and is not a valid configuration. AllowedPersistenceRegions []string `pulumi:"allowedPersistenceRegions"` + // If true, 'allowedPersistenceRegions' is also used to enforce in-transit + // guarantees for messages. That is, Pub/Sub will fail topics.publish + // operations on this topic and subscribe operations on any subscription + // attached to this topic in any region that is not in 'allowedPersistenceRegions'. + EnforceInTransit bool `pulumi:"enforceInTransit"` } // GetTopicMessageStoragePolicyInput is an input type that accepts GetTopicMessageStoragePolicyArgs and GetTopicMessageStoragePolicyOutput values. @@ -7387,6 +7875,11 @@ type GetTopicMessageStoragePolicyArgs struct { // allowed regions. An empty list means that no regions are allowed, // and is not a valid configuration. AllowedPersistenceRegions pulumi.StringArrayInput `pulumi:"allowedPersistenceRegions"` + // If true, 'allowedPersistenceRegions' is also used to enforce in-transit + // guarantees for messages. That is, Pub/Sub will fail topics.publish + // operations on this topic and subscribe operations on any subscription + // attached to this topic in any region that is not in 'allowedPersistenceRegions'. + EnforceInTransit pulumi.BoolInput `pulumi:"enforceInTransit"` } func (GetTopicMessageStoragePolicyArgs) ElementType() reflect.Type { @@ -7450,6 +7943,14 @@ func (o GetTopicMessageStoragePolicyOutput) AllowedPersistenceRegions() pulumi.S return o.ApplyT(func(v GetTopicMessageStoragePolicy) []string { return v.AllowedPersistenceRegions }).(pulumi.StringArrayOutput) } +// If true, 'allowedPersistenceRegions' is also used to enforce in-transit +// guarantees for messages. That is, Pub/Sub will fail topics.publish +// operations on this topic and subscribe operations on any subscription +// attached to this topic in any region that is not in 'allowedPersistenceRegions'. +func (o GetTopicMessageStoragePolicyOutput) EnforceInTransit() pulumi.BoolOutput { + return o.ApplyT(func(v GetTopicMessageStoragePolicy) bool { return v.EnforceInTransit }).(pulumi.BoolOutput) +} + type GetTopicMessageStoragePolicyArrayOutput struct{ *pulumi.OutputState } func (GetTopicMessageStoragePolicyArrayOutput) ElementType() reflect.Type { @@ -7630,6 +8131,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*TopicIngestionDataSourceSettingsPtrInput)(nil)).Elem(), TopicIngestionDataSourceSettingsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TopicIngestionDataSourceSettingsAwsKinesisInput)(nil)).Elem(), TopicIngestionDataSourceSettingsAwsKinesisArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TopicIngestionDataSourceSettingsAwsKinesisPtrInput)(nil)).Elem(), TopicIngestionDataSourceSettingsAwsKinesisArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TopicIngestionDataSourceSettingsAzureEventHubsInput)(nil)).Elem(), TopicIngestionDataSourceSettingsAzureEventHubsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TopicIngestionDataSourceSettingsAzureEventHubsPtrInput)(nil)).Elem(), TopicIngestionDataSourceSettingsAzureEventHubsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TopicIngestionDataSourceSettingsCloudStorageInput)(nil)).Elem(), TopicIngestionDataSourceSettingsCloudStorageArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TopicIngestionDataSourceSettingsCloudStoragePtrInput)(nil)).Elem(), TopicIngestionDataSourceSettingsCloudStorageArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TopicIngestionDataSourceSettingsCloudStorageAvroFormatInput)(nil)).Elem(), TopicIngestionDataSourceSettingsCloudStorageAvroFormatArgs{}) @@ -7666,6 +8169,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetTopicIngestionDataSourceSettingArrayInput)(nil)).Elem(), GetTopicIngestionDataSourceSettingArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetTopicIngestionDataSourceSettingAwsKineseInput)(nil)).Elem(), GetTopicIngestionDataSourceSettingAwsKineseArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetTopicIngestionDataSourceSettingAwsKineseArrayInput)(nil)).Elem(), GetTopicIngestionDataSourceSettingAwsKineseArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetTopicIngestionDataSourceSettingAzureEventHubInput)(nil)).Elem(), GetTopicIngestionDataSourceSettingAzureEventHubArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetTopicIngestionDataSourceSettingAzureEventHubArrayInput)(nil)).Elem(), GetTopicIngestionDataSourceSettingAzureEventHubArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetTopicIngestionDataSourceSettingCloudStorageInput)(nil)).Elem(), GetTopicIngestionDataSourceSettingCloudStorageArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetTopicIngestionDataSourceSettingCloudStorageArrayInput)(nil)).Elem(), GetTopicIngestionDataSourceSettingCloudStorageArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetTopicIngestionDataSourceSettingCloudStorageAvroFormatInput)(nil)).Elem(), GetTopicIngestionDataSourceSettingCloudStorageAvroFormatArgs{}) @@ -7724,6 +8229,8 @@ func init() { pulumi.RegisterOutputType(TopicIngestionDataSourceSettingsPtrOutput{}) pulumi.RegisterOutputType(TopicIngestionDataSourceSettingsAwsKinesisOutput{}) pulumi.RegisterOutputType(TopicIngestionDataSourceSettingsAwsKinesisPtrOutput{}) + pulumi.RegisterOutputType(TopicIngestionDataSourceSettingsAzureEventHubsOutput{}) + pulumi.RegisterOutputType(TopicIngestionDataSourceSettingsAzureEventHubsPtrOutput{}) pulumi.RegisterOutputType(TopicIngestionDataSourceSettingsCloudStorageOutput{}) pulumi.RegisterOutputType(TopicIngestionDataSourceSettingsCloudStoragePtrOutput{}) pulumi.RegisterOutputType(TopicIngestionDataSourceSettingsCloudStorageAvroFormatOutput{}) @@ -7760,6 +8267,8 @@ func init() { pulumi.RegisterOutputType(GetTopicIngestionDataSourceSettingArrayOutput{}) pulumi.RegisterOutputType(GetTopicIngestionDataSourceSettingAwsKineseOutput{}) pulumi.RegisterOutputType(GetTopicIngestionDataSourceSettingAwsKineseArrayOutput{}) + pulumi.RegisterOutputType(GetTopicIngestionDataSourceSettingAzureEventHubOutput{}) + pulumi.RegisterOutputType(GetTopicIngestionDataSourceSettingAzureEventHubArrayOutput{}) pulumi.RegisterOutputType(GetTopicIngestionDataSourceSettingCloudStorageOutput{}) pulumi.RegisterOutputType(GetTopicIngestionDataSourceSettingCloudStorageArrayOutput{}) pulumi.RegisterOutputType(GetTopicIngestionDataSourceSettingCloudStorageAvroFormatOutput{}) diff --git a/sdk/go/gcp/pubsub/topic.go b/sdk/go/gcp/pubsub/topic.go index fd50335734..c8437d2002 100644 --- a/sdk/go/gcp/pubsub/topic.go +++ b/sdk/go/gcp/pubsub/topic.go @@ -114,6 +114,7 @@ import ( // AllowedPersistenceRegions: pulumi.StringArray{ // pulumi.String("europe-west3"), // }, +// EnforceInTransit: pulumi.Bool(true), // }, // }) // if err != nil { @@ -250,6 +251,42 @@ import ( // } // // ``` +// ### Pubsub Topic Ingestion Azure Event Hubs +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := pubsub.NewTopic(ctx, "example", &pubsub.TopicArgs{ +// Name: pulumi.String("example-topic"), +// IngestionDataSourceSettings: &pubsub.TopicIngestionDataSourceSettingsArgs{ +// AzureEventHubs: &pubsub.TopicIngestionDataSourceSettingsAzureEventHubsArgs{ +// ResourceGroup: pulumi.String("azure-ingestion-resource-group"), +// Namespace: pulumi.String("azure-ingestion-namespace"), +// EventHub: pulumi.String("azure-ingestion-event-hub"), +// ClientId: pulumi.String("aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123"), +// TenantId: pulumi.String("0XXXXXXX-YYYY-HHHH-GGGG-123456789123"), +// SubscriptionId: pulumi.String("bXXXXXXX-YYYY-HHHH-GGGG-123456789123"), +// GcpServiceAccount: pulumi.String("fake-service-account@fake-gcp-project.iam.gserviceaccount.com"), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` // // ## Import // diff --git a/sdk/go/gcp/redis/cluster.go b/sdk/go/gcp/redis/cluster.go index bd8e453385..c081857d86 100644 --- a/sdk/go/gcp/redis/cluster.go +++ b/sdk/go/gcp/redis/cluster.go @@ -595,17 +595,19 @@ type Cluster struct { pulumi.CustomResourceState // Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - // Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - // "AUTH_MODE_DISABLED"] + // Default value is `AUTH_MODE_DISABLED`. + // Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. AuthorizationMode pulumi.StringPtrOutput `pulumi:"authorizationMode"` // The timestamp associated with the cluster creation request. A timestamp in // RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional // digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". CreateTime pulumi.StringOutput `pulumi:"createTime"` // Cross cluster replication config + // Structure is documented below. CrossClusterReplicationConfig ClusterCrossClusterReplicationConfigOutput `pulumi:"crossClusterReplicationConfig"` - // Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - // operation will fail. Default value is true. + // Optional. Indicates if the cluster is deletion protected or not. + // If the value if set to true, any delete cluster operation will fail. + // Default value is true. DeletionProtectionEnabled pulumi.BoolPtrOutput `pulumi:"deletionProtectionEnabled"` // Output only. Endpoints created on each given network, // for Redis clients to connect to the cluster. @@ -613,21 +615,28 @@ type Cluster struct { // Structure is documented below. DiscoveryEndpoints ClusterDiscoveryEndpointArrayOutput `pulumi:"discoveryEndpoints"` // Maintenance policy for a cluster + // Structure is documented below. MaintenancePolicy ClusterMaintenancePolicyPtrOutput `pulumi:"maintenancePolicy"` // Upcoming maintenance schedule. // Structure is documented below. MaintenanceSchedules ClusterMaintenanceScheduleArrayOutput `pulumi:"maintenanceSchedules"` // Unique name of the resource in this scope including project and location using the form: // projects/{projectId}/locations/{locationId}/clusters/{clusterId} + // + // *** Name pulumi.StringOutput `pulumi:"name"` - // The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - // ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + // The nodeType for the Redis cluster. + // If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + // Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. NodeType pulumi.StringOutput `pulumi:"nodeType"` // Persistence config (RDB, AOF) for the cluster. + // Structure is documented below. PersistenceConfig ClusterPersistenceConfigOutput `pulumi:"persistenceConfig"` // Output only. Redis memory precise size in GB for the entire cluster. PreciseSizeGb pulumi.Float64Output `pulumi:"preciseSizeGb"` - Project pulumi.StringOutput `pulumi:"project"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` // Required. Each PscConfig configures the consumer network where two // network addresses will be designated to the cluster for client access. // Currently, only one PscConfig is supported. @@ -636,8 +645,11 @@ type Cluster struct { // Output only. PSC connections for discovery of the cluster topology and accessing the cluster. // Structure is documented below. PscConnections ClusterPscConnectionArrayOutput `pulumi:"pscConnections"` - // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - // documentation for the list of supported parameters: + // Service attachment details to configure Psc connections. + // Structure is documented below. + PscServiceAttachments ClusterPscServiceAttachmentArrayOutput `pulumi:"pscServiceAttachments"` + // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + // Please check Memorystore documentation for the list of supported parameters: // https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations RedisConfigs pulumi.StringMapOutput `pulumi:"redisConfigs"` // The name of the region of the Redis cluster. @@ -653,14 +665,16 @@ type Cluster struct { // Output only. Additional information about the current state of the cluster. // Structure is documented below. StateInfos ClusterStateInfoArrayOutput `pulumi:"stateInfos"` - // Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - // Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - // "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + // Optional. The in-transit encryption for the Redis cluster. + // If not provided, encryption is disabled for the cluster. + // Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + // Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. TransitEncryptionMode pulumi.StringPtrOutput `pulumi:"transitEncryptionMode"` // System assigned, unique identifier for the cluster. Uid pulumi.StringOutput `pulumi:"uid"` // Immutable. Zone distribution config for Memorystore Redis cluster. - ZoneDistributionConfig ClusterZoneDistributionConfigPtrOutput `pulumi:"zoneDistributionConfig"` + // Structure is documented below. + ZoneDistributionConfig ClusterZoneDistributionConfigOutput `pulumi:"zoneDistributionConfig"` } // NewCluster registers a new resource with the given unique name, arguments, and options. @@ -670,9 +684,6 @@ func NewCluster(ctx *pulumi.Context, return nil, errors.New("missing one or more required arguments") } - if args.PscConfigs == nil { - return nil, errors.New("invalid value for required argument 'PscConfigs'") - } if args.ShardCount == nil { return nil, errors.New("invalid value for required argument 'ShardCount'") } @@ -700,17 +711,19 @@ func GetCluster(ctx *pulumi.Context, // Input properties used for looking up and filtering Cluster resources. type clusterState struct { // Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - // Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - // "AUTH_MODE_DISABLED"] + // Default value is `AUTH_MODE_DISABLED`. + // Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. AuthorizationMode *string `pulumi:"authorizationMode"` // The timestamp associated with the cluster creation request. A timestamp in // RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional // digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". CreateTime *string `pulumi:"createTime"` // Cross cluster replication config + // Structure is documented below. CrossClusterReplicationConfig *ClusterCrossClusterReplicationConfig `pulumi:"crossClusterReplicationConfig"` - // Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - // operation will fail. Default value is true. + // Optional. Indicates if the cluster is deletion protected or not. + // If the value if set to true, any delete cluster operation will fail. + // Default value is true. DeletionProtectionEnabled *bool `pulumi:"deletionProtectionEnabled"` // Output only. Endpoints created on each given network, // for Redis clients to connect to the cluster. @@ -718,21 +731,28 @@ type clusterState struct { // Structure is documented below. DiscoveryEndpoints []ClusterDiscoveryEndpoint `pulumi:"discoveryEndpoints"` // Maintenance policy for a cluster + // Structure is documented below. MaintenancePolicy *ClusterMaintenancePolicy `pulumi:"maintenancePolicy"` // Upcoming maintenance schedule. // Structure is documented below. MaintenanceSchedules []ClusterMaintenanceSchedule `pulumi:"maintenanceSchedules"` // Unique name of the resource in this scope including project and location using the form: // projects/{projectId}/locations/{locationId}/clusters/{clusterId} + // + // *** Name *string `pulumi:"name"` - // The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - // ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + // The nodeType for the Redis cluster. + // If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + // Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. NodeType *string `pulumi:"nodeType"` // Persistence config (RDB, AOF) for the cluster. + // Structure is documented below. PersistenceConfig *ClusterPersistenceConfig `pulumi:"persistenceConfig"` // Output only. Redis memory precise size in GB for the entire cluster. PreciseSizeGb *float64 `pulumi:"preciseSizeGb"` - Project *string `pulumi:"project"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` // Required. Each PscConfig configures the consumer network where two // network addresses will be designated to the cluster for client access. // Currently, only one PscConfig is supported. @@ -741,8 +761,11 @@ type clusterState struct { // Output only. PSC connections for discovery of the cluster topology and accessing the cluster. // Structure is documented below. PscConnections []ClusterPscConnection `pulumi:"pscConnections"` - // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - // documentation for the list of supported parameters: + // Service attachment details to configure Psc connections. + // Structure is documented below. + PscServiceAttachments []ClusterPscServiceAttachment `pulumi:"pscServiceAttachments"` + // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + // Please check Memorystore documentation for the list of supported parameters: // https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations RedisConfigs map[string]string `pulumi:"redisConfigs"` // The name of the region of the Redis cluster. @@ -758,29 +781,33 @@ type clusterState struct { // Output only. Additional information about the current state of the cluster. // Structure is documented below. StateInfos []ClusterStateInfo `pulumi:"stateInfos"` - // Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - // Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - // "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + // Optional. The in-transit encryption for the Redis cluster. + // If not provided, encryption is disabled for the cluster. + // Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + // Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. TransitEncryptionMode *string `pulumi:"transitEncryptionMode"` // System assigned, unique identifier for the cluster. Uid *string `pulumi:"uid"` // Immutable. Zone distribution config for Memorystore Redis cluster. + // Structure is documented below. ZoneDistributionConfig *ClusterZoneDistributionConfig `pulumi:"zoneDistributionConfig"` } type ClusterState struct { // Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - // Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - // "AUTH_MODE_DISABLED"] + // Default value is `AUTH_MODE_DISABLED`. + // Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. AuthorizationMode pulumi.StringPtrInput // The timestamp associated with the cluster creation request. A timestamp in // RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional // digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". CreateTime pulumi.StringPtrInput // Cross cluster replication config + // Structure is documented below. CrossClusterReplicationConfig ClusterCrossClusterReplicationConfigPtrInput - // Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - // operation will fail. Default value is true. + // Optional. Indicates if the cluster is deletion protected or not. + // If the value if set to true, any delete cluster operation will fail. + // Default value is true. DeletionProtectionEnabled pulumi.BoolPtrInput // Output only. Endpoints created on each given network, // for Redis clients to connect to the cluster. @@ -788,21 +815,28 @@ type ClusterState struct { // Structure is documented below. DiscoveryEndpoints ClusterDiscoveryEndpointArrayInput // Maintenance policy for a cluster + // Structure is documented below. MaintenancePolicy ClusterMaintenancePolicyPtrInput // Upcoming maintenance schedule. // Structure is documented below. MaintenanceSchedules ClusterMaintenanceScheduleArrayInput // Unique name of the resource in this scope including project and location using the form: // projects/{projectId}/locations/{locationId}/clusters/{clusterId} + // + // *** Name pulumi.StringPtrInput - // The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - // ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + // The nodeType for the Redis cluster. + // If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + // Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. NodeType pulumi.StringPtrInput // Persistence config (RDB, AOF) for the cluster. + // Structure is documented below. PersistenceConfig ClusterPersistenceConfigPtrInput // Output only. Redis memory precise size in GB for the entire cluster. PreciseSizeGb pulumi.Float64PtrInput - Project pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput // Required. Each PscConfig configures the consumer network where two // network addresses will be designated to the cluster for client access. // Currently, only one PscConfig is supported. @@ -811,8 +845,11 @@ type ClusterState struct { // Output only. PSC connections for discovery of the cluster topology and accessing the cluster. // Structure is documented below. PscConnections ClusterPscConnectionArrayInput - // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - // documentation for the list of supported parameters: + // Service attachment details to configure Psc connections. + // Structure is documented below. + PscServiceAttachments ClusterPscServiceAttachmentArrayInput + // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + // Please check Memorystore documentation for the list of supported parameters: // https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations RedisConfigs pulumi.StringMapInput // The name of the region of the Redis cluster. @@ -828,13 +865,15 @@ type ClusterState struct { // Output only. Additional information about the current state of the cluster. // Structure is documented below. StateInfos ClusterStateInfoArrayInput - // Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - // Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - // "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + // Optional. The in-transit encryption for the Redis cluster. + // If not provided, encryption is disabled for the cluster. + // Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + // Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. TransitEncryptionMode pulumi.StringPtrInput // System assigned, unique identifier for the cluster. Uid pulumi.StringPtrInput // Immutable. Zone distribution config for Memorystore Redis cluster. + // Structure is documented below. ZoneDistributionConfig ClusterZoneDistributionConfigPtrInput } @@ -844,32 +883,41 @@ func (ClusterState) ElementType() reflect.Type { type clusterArgs struct { // Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - // Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - // "AUTH_MODE_DISABLED"] + // Default value is `AUTH_MODE_DISABLED`. + // Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. AuthorizationMode *string `pulumi:"authorizationMode"` // Cross cluster replication config + // Structure is documented below. CrossClusterReplicationConfig *ClusterCrossClusterReplicationConfig `pulumi:"crossClusterReplicationConfig"` - // Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - // operation will fail. Default value is true. + // Optional. Indicates if the cluster is deletion protected or not. + // If the value if set to true, any delete cluster operation will fail. + // Default value is true. DeletionProtectionEnabled *bool `pulumi:"deletionProtectionEnabled"` // Maintenance policy for a cluster + // Structure is documented below. MaintenancePolicy *ClusterMaintenancePolicy `pulumi:"maintenancePolicy"` // Unique name of the resource in this scope including project and location using the form: // projects/{projectId}/locations/{locationId}/clusters/{clusterId} + // + // *** Name *string `pulumi:"name"` - // The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - // ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + // The nodeType for the Redis cluster. + // If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + // Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. NodeType *string `pulumi:"nodeType"` // Persistence config (RDB, AOF) for the cluster. + // Structure is documented below. PersistenceConfig *ClusterPersistenceConfig `pulumi:"persistenceConfig"` - Project *string `pulumi:"project"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` // Required. Each PscConfig configures the consumer network where two // network addresses will be designated to the cluster for client access. // Currently, only one PscConfig is supported. // Structure is documented below. PscConfigs []ClusterPscConfig `pulumi:"pscConfigs"` - // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - // documentation for the list of supported parameters: + // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + // Please check Memorystore documentation for the list of supported parameters: // https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations RedisConfigs map[string]string `pulumi:"redisConfigs"` // The name of the region of the Redis cluster. @@ -878,43 +926,54 @@ type clusterArgs struct { ReplicaCount *int `pulumi:"replicaCount"` // Required. Number of shards for the Redis cluster. ShardCount int `pulumi:"shardCount"` - // Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - // Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - // "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + // Optional. The in-transit encryption for the Redis cluster. + // If not provided, encryption is disabled for the cluster. + // Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + // Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. TransitEncryptionMode *string `pulumi:"transitEncryptionMode"` // Immutable. Zone distribution config for Memorystore Redis cluster. + // Structure is documented below. ZoneDistributionConfig *ClusterZoneDistributionConfig `pulumi:"zoneDistributionConfig"` } // The set of arguments for constructing a Cluster resource. type ClusterArgs struct { // Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - // Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - // "AUTH_MODE_DISABLED"] + // Default value is `AUTH_MODE_DISABLED`. + // Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. AuthorizationMode pulumi.StringPtrInput // Cross cluster replication config + // Structure is documented below. CrossClusterReplicationConfig ClusterCrossClusterReplicationConfigPtrInput - // Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - // operation will fail. Default value is true. + // Optional. Indicates if the cluster is deletion protected or not. + // If the value if set to true, any delete cluster operation will fail. + // Default value is true. DeletionProtectionEnabled pulumi.BoolPtrInput // Maintenance policy for a cluster + // Structure is documented below. MaintenancePolicy ClusterMaintenancePolicyPtrInput // Unique name of the resource in this scope including project and location using the form: // projects/{projectId}/locations/{locationId}/clusters/{clusterId} + // + // *** Name pulumi.StringPtrInput - // The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - // ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + // The nodeType for the Redis cluster. + // If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + // Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. NodeType pulumi.StringPtrInput // Persistence config (RDB, AOF) for the cluster. + // Structure is documented below. PersistenceConfig ClusterPersistenceConfigPtrInput - Project pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput // Required. Each PscConfig configures the consumer network where two // network addresses will be designated to the cluster for client access. // Currently, only one PscConfig is supported. // Structure is documented below. PscConfigs ClusterPscConfigArrayInput - // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - // documentation for the list of supported parameters: + // Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + // Please check Memorystore documentation for the list of supported parameters: // https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations RedisConfigs pulumi.StringMapInput // The name of the region of the Redis cluster. @@ -923,11 +982,13 @@ type ClusterArgs struct { ReplicaCount pulumi.IntPtrInput // Required. Number of shards for the Redis cluster. ShardCount pulumi.IntInput - // Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - // Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - // "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + // Optional. The in-transit encryption for the Redis cluster. + // If not provided, encryption is disabled for the cluster. + // Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + // Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. TransitEncryptionMode pulumi.StringPtrInput // Immutable. Zone distribution config for Memorystore Redis cluster. + // Structure is documented below. ZoneDistributionConfig ClusterZoneDistributionConfigPtrInput } @@ -1019,8 +1080,8 @@ func (o ClusterOutput) ToClusterOutputWithContext(ctx context.Context) ClusterOu } // Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. -// Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", -// "AUTH_MODE_DISABLED"] +// Default value is `AUTH_MODE_DISABLED`. +// Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. func (o ClusterOutput) AuthorizationMode() pulumi.StringPtrOutput { return o.ApplyT(func(v *Cluster) pulumi.StringPtrOutput { return v.AuthorizationMode }).(pulumi.StringPtrOutput) } @@ -1033,12 +1094,14 @@ func (o ClusterOutput) CreateTime() pulumi.StringOutput { } // Cross cluster replication config +// Structure is documented below. func (o ClusterOutput) CrossClusterReplicationConfig() ClusterCrossClusterReplicationConfigOutput { return o.ApplyT(func(v *Cluster) ClusterCrossClusterReplicationConfigOutput { return v.CrossClusterReplicationConfig }).(ClusterCrossClusterReplicationConfigOutput) } -// Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster -// operation will fail. Default value is true. +// Optional. Indicates if the cluster is deletion protected or not. +// If the value if set to true, any delete cluster operation will fail. +// Default value is true. func (o ClusterOutput) DeletionProtectionEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Cluster) pulumi.BoolPtrOutput { return v.DeletionProtectionEnabled }).(pulumi.BoolPtrOutput) } @@ -1052,6 +1115,7 @@ func (o ClusterOutput) DiscoveryEndpoints() ClusterDiscoveryEndpointArrayOutput } // Maintenance policy for a cluster +// Structure is documented below. func (o ClusterOutput) MaintenancePolicy() ClusterMaintenancePolicyPtrOutput { return o.ApplyT(func(v *Cluster) ClusterMaintenancePolicyPtrOutput { return v.MaintenancePolicy }).(ClusterMaintenancePolicyPtrOutput) } @@ -1064,17 +1128,21 @@ func (o ClusterOutput) MaintenanceSchedules() ClusterMaintenanceScheduleArrayOut // Unique name of the resource in this scope including project and location using the form: // projects/{projectId}/locations/{locationId}/clusters/{clusterId} +// +// *** func (o ClusterOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *Cluster) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } -// The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: -// ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] +// The nodeType for the Redis cluster. +// If not provided, REDIS_HIGHMEM_MEDIUM will be used as default +// Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. func (o ClusterOutput) NodeType() pulumi.StringOutput { return o.ApplyT(func(v *Cluster) pulumi.StringOutput { return v.NodeType }).(pulumi.StringOutput) } // Persistence config (RDB, AOF) for the cluster. +// Structure is documented below. func (o ClusterOutput) PersistenceConfig() ClusterPersistenceConfigOutput { return o.ApplyT(func(v *Cluster) ClusterPersistenceConfigOutput { return v.PersistenceConfig }).(ClusterPersistenceConfigOutput) } @@ -1084,6 +1152,8 @@ func (o ClusterOutput) PreciseSizeGb() pulumi.Float64Output { return o.ApplyT(func(v *Cluster) pulumi.Float64Output { return v.PreciseSizeGb }).(pulumi.Float64Output) } +// The ID of the project in which the resource belongs. +// If it is not provided, the provider project is used. func (o ClusterOutput) Project() pulumi.StringOutput { return o.ApplyT(func(v *Cluster) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) } @@ -1102,8 +1172,14 @@ func (o ClusterOutput) PscConnections() ClusterPscConnectionArrayOutput { return o.ApplyT(func(v *Cluster) ClusterPscConnectionArrayOutput { return v.PscConnections }).(ClusterPscConnectionArrayOutput) } -// Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore -// documentation for the list of supported parameters: +// Service attachment details to configure Psc connections. +// Structure is documented below. +func (o ClusterOutput) PscServiceAttachments() ClusterPscServiceAttachmentArrayOutput { + return o.ApplyT(func(v *Cluster) ClusterPscServiceAttachmentArrayOutput { return v.PscServiceAttachments }).(ClusterPscServiceAttachmentArrayOutput) +} + +// Configure Redis Cluster behavior using a subset of native Redis configuration parameters. +// Please check Memorystore documentation for the list of supported parameters: // https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations func (o ClusterOutput) RedisConfigs() pulumi.StringMapOutput { return o.ApplyT(func(v *Cluster) pulumi.StringMapOutput { return v.RedisConfigs }).(pulumi.StringMapOutput) @@ -1140,9 +1216,10 @@ func (o ClusterOutput) StateInfos() ClusterStateInfoArrayOutput { return o.ApplyT(func(v *Cluster) ClusterStateInfoArrayOutput { return v.StateInfos }).(ClusterStateInfoArrayOutput) } -// Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. -// Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", -// "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] +// Optional. The in-transit encryption for the Redis cluster. +// If not provided, encryption is disabled for the cluster. +// Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. +// Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. func (o ClusterOutput) TransitEncryptionMode() pulumi.StringPtrOutput { return o.ApplyT(func(v *Cluster) pulumi.StringPtrOutput { return v.TransitEncryptionMode }).(pulumi.StringPtrOutput) } @@ -1153,8 +1230,9 @@ func (o ClusterOutput) Uid() pulumi.StringOutput { } // Immutable. Zone distribution config for Memorystore Redis cluster. -func (o ClusterOutput) ZoneDistributionConfig() ClusterZoneDistributionConfigPtrOutput { - return o.ApplyT(func(v *Cluster) ClusterZoneDistributionConfigPtrOutput { return v.ZoneDistributionConfig }).(ClusterZoneDistributionConfigPtrOutput) +// Structure is documented below. +func (o ClusterOutput) ZoneDistributionConfig() ClusterZoneDistributionConfigOutput { + return o.ApplyT(func(v *Cluster) ClusterZoneDistributionConfigOutput { return v.ZoneDistributionConfig }).(ClusterZoneDistributionConfigOutput) } type ClusterArrayOutput struct{ *pulumi.OutputState } diff --git a/sdk/go/gcp/redis/clusterUserCreatedConnections.go b/sdk/go/gcp/redis/clusterUserCreatedConnections.go new file mode 100644 index 0000000000..5013d6845c --- /dev/null +++ b/sdk/go/gcp/redis/clusterUserCreatedConnections.go @@ -0,0 +1,710 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package redis + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// ## Example Usage +// +// ### Redis Cluster User Created Connections +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/redis" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// network1, err := compute.NewNetwork(ctx, "network1", &compute.NetworkArgs{ +// Name: pulumi.String("net1"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// subnetNetwork1, err := compute.NewSubnetwork(ctx, "subnet_network1", &compute.SubnetworkArgs{ +// Name: pulumi.String("subnet-net1"), +// IpCidrRange: pulumi.String("10.0.0.248/29"), +// Region: pulumi.String("us-central1"), +// Network: network1.ID(), +// }) +// if err != nil { +// return err +// } +// ip1Network1, err := compute.NewAddress(ctx, "ip1_network1", &compute.AddressArgs{ +// Name: pulumi.String("ip1-net1"), +// Region: pulumi.String("us-central1"), +// Subnetwork: subnetNetwork1.ID(), +// AddressType: pulumi.String("INTERNAL"), +// Purpose: pulumi.String("GCE_ENDPOINT"), +// }) +// if err != nil { +// return err +// } +// // redis cluster without endpoint +// _, err = redis.NewCluster(ctx, "cluster-user-conn", &redis.ClusterArgs{ +// Name: pulumi.String("cluster-user-conn"), +// ShardCount: pulumi.Int(3), +// Region: pulumi.String("us-central1"), +// ReplicaCount: pulumi.Int(0), +// DeletionProtectionEnabled: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// forwardingRule1Network1, err := compute.NewForwardingRule(ctx, "forwarding_rule1_network1", &compute.ForwardingRuleArgs{ +// Name: pulumi.String("fwd1-net1"), +// Region: pulumi.String("us-central1"), +// IpAddress: ip1Network1.ID(), +// LoadBalancingScheme: pulumi.String(""), +// Network: network1.ID(), +// Target: pulumi.String(cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[0].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput)), +// }) +// if err != nil { +// return err +// } +// ip2Network1, err := compute.NewAddress(ctx, "ip2_network1", &compute.AddressArgs{ +// Name: pulumi.String("ip2-net1"), +// Region: pulumi.String("us-central1"), +// Subnetwork: subnetNetwork1.ID(), +// AddressType: pulumi.String("INTERNAL"), +// Purpose: pulumi.String("GCE_ENDPOINT"), +// }) +// if err != nil { +// return err +// } +// forwardingRule2Network1, err := compute.NewForwardingRule(ctx, "forwarding_rule2_network1", &compute.ForwardingRuleArgs{ +// Name: pulumi.String("fwd2-net1"), +// Region: pulumi.String("us-central1"), +// IpAddress: ip2Network1.ID(), +// LoadBalancingScheme: pulumi.String(""), +// Network: network1.ID(), +// Target: pulumi.String(cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[1].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput)), +// }) +// if err != nil { +// return err +// } +// network2, err := compute.NewNetwork(ctx, "network2", &compute.NetworkArgs{ +// Name: pulumi.String("network2"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// subnetNetwork2, err := compute.NewSubnetwork(ctx, "subnet_network2", &compute.SubnetworkArgs{ +// Name: pulumi.String("subnet-net2"), +// IpCidrRange: pulumi.String("10.0.0.248/29"), +// Region: pulumi.String("us-central1"), +// Network: network2.ID(), +// }) +// if err != nil { +// return err +// } +// ip1Network2, err := compute.NewAddress(ctx, "ip1_network2", &compute.AddressArgs{ +// Name: pulumi.String("ip1-net2"), +// Region: pulumi.String("us-central1"), +// Subnetwork: subnetNetwork2.ID(), +// AddressType: pulumi.String("INTERNAL"), +// Purpose: pulumi.String("GCE_ENDPOINT"), +// }) +// if err != nil { +// return err +// } +// forwardingRule1Network2, err := compute.NewForwardingRule(ctx, "forwarding_rule1_network2", &compute.ForwardingRuleArgs{ +// Name: pulumi.String("fwd1-net2"), +// Region: pulumi.String("us-central1"), +// IpAddress: ip1Network2.ID(), +// LoadBalancingScheme: pulumi.String(""), +// Network: network2.ID(), +// Target: pulumi.String(cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[0].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput)), +// }) +// if err != nil { +// return err +// } +// ip2Network2, err := compute.NewAddress(ctx, "ip2_network2", &compute.AddressArgs{ +// Name: pulumi.String("ip2-net2"), +// Region: pulumi.String("us-central1"), +// Subnetwork: subnetNetwork2.ID(), +// AddressType: pulumi.String("INTERNAL"), +// Purpose: pulumi.String("GCE_ENDPOINT"), +// }) +// if err != nil { +// return err +// } +// forwardingRule2Network2, err := compute.NewForwardingRule(ctx, "forwarding_rule2_network2", &compute.ForwardingRuleArgs{ +// Name: pulumi.String("fwd2-net2"), +// Region: pulumi.String("us-central1"), +// IpAddress: ip2Network2.ID(), +// LoadBalancingScheme: pulumi.String(""), +// Network: network2.ID(), +// Target: pulumi.String(cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[1].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput)), +// }) +// if err != nil { +// return err +// } +// project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil) +// if err != nil { +// return err +// } +// _, err = redis.NewClusterUserCreatedConnections(ctx, "cluster-user-conn", &redis.ClusterUserCreatedConnectionsArgs{ +// Name: pulumi.String("cluster-user-conn"), +// Region: pulumi.String("us-central1"), +// ClusterEndpoints: redis.ClusterUserCreatedConnectionsClusterEndpointArray{ +// &redis.ClusterUserCreatedConnectionsClusterEndpointArgs{ +// Connections: redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArray{ +// &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{ +// PscConnection: &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{ +// PscConnectionId: forwardingRule1Network1.PscConnectionId, +// Address: ip1Network1.Address, +// ForwardingRule: forwardingRule1Network1.ID(), +// Network: network1.ID(), +// ProjectId: pulumi.String(project.ProjectId), +// ServiceAttachment: cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[0].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput), +// }, +// }, +// &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{ +// PscConnection: &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{ +// PscConnectionId: forwardingRule2Network1.PscConnectionId, +// Address: ip2Network1.Address, +// ForwardingRule: forwardingRule2Network1.ID(), +// Network: network1.ID(), +// ServiceAttachment: cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[1].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput), +// }, +// }, +// }, +// }, +// &redis.ClusterUserCreatedConnectionsClusterEndpointArgs{ +// Connections: redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArray{ +// &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{ +// PscConnection: &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{ +// PscConnectionId: forwardingRule1Network2.PscConnectionId, +// Address: ip1Network2.Address, +// ForwardingRule: forwardingRule1Network2.ID(), +// Network: network2.ID(), +// ServiceAttachment: cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[0].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput), +// }, +// }, +// &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{ +// PscConnection: &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{ +// PscConnectionId: forwardingRule2Network2.PscConnectionId, +// Address: ip2Network2.Address, +// ForwardingRule: forwardingRule2Network2.ID(), +// Network: network2.ID(), +// ServiceAttachment: cluster_user_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[1].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput), +// }, +// }, +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Redis Cluster User And Auto Created Connections +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkconnectivity" +// "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/redis" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// network2, err := compute.NewNetwork(ctx, "network2", &compute.NetworkArgs{ +// Name: pulumi.String("network2"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// subnetNetwork2, err := compute.NewSubnetwork(ctx, "subnet_network2", &compute.SubnetworkArgs{ +// Name: pulumi.String("subnet-net2"), +// IpCidrRange: pulumi.String("10.0.0.248/29"), +// Region: pulumi.String("us-central1"), +// Network: network2.ID(), +// }) +// if err != nil { +// return err +// } +// ip1Network2, err := compute.NewAddress(ctx, "ip1_network2", &compute.AddressArgs{ +// Name: pulumi.String("ip1-net2"), +// Region: pulumi.String("us-central1"), +// Subnetwork: subnetNetwork2.ID(), +// AddressType: pulumi.String("INTERNAL"), +// Purpose: pulumi.String("GCE_ENDPOINT"), +// }) +// if err != nil { +// return err +// } +// network1, err := compute.NewNetwork(ctx, "network1", &compute.NetworkArgs{ +// Name: pulumi.String("net1"), +// AutoCreateSubnetworks: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// subnetNetwork1, err := compute.NewSubnetwork(ctx, "subnet_network1", &compute.SubnetworkArgs{ +// Name: pulumi.String("subnet-net1"), +// IpCidrRange: pulumi.String("10.0.0.248/29"), +// Region: pulumi.String("us-central1"), +// Network: network1.ID(), +// }) +// if err != nil { +// return err +// } +// _, err = networkconnectivity.NewServiceConnectionPolicy(ctx, "default", &networkconnectivity.ServiceConnectionPolicyArgs{ +// Name: pulumi.String("scpolicy"), +// Location: pulumi.String("us-central1"), +// ServiceClass: pulumi.String("gcp-memorystore-redis"), +// Description: pulumi.String("my basic service connection policy"), +// Network: network1.ID(), +// PscConfig: &networkconnectivity.ServiceConnectionPolicyPscConfigArgs{ +// Subnetworks: pulumi.StringArray{ +// subnetNetwork1.ID(), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// // redis cluster without endpoint +// _, err = redis.NewCluster(ctx, "cluster-user-auto-conn", &redis.ClusterArgs{ +// Name: pulumi.String("cluster-user-auto-conn"), +// ShardCount: pulumi.Int(3), +// Region: pulumi.String("us-central1"), +// ReplicaCount: pulumi.Int(0), +// DeletionProtectionEnabled: pulumi.Bool(false), +// PscConfigs: redis.ClusterPscConfigArray{ +// &redis.ClusterPscConfigArgs{ +// Network: network1.ID(), +// }, +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// _default, +// })) +// if err != nil { +// return err +// } +// forwardingRule1Network2, err := compute.NewForwardingRule(ctx, "forwarding_rule1_network2", &compute.ForwardingRuleArgs{ +// Name: pulumi.String("fwd1-net2"), +// Region: pulumi.String("us-central1"), +// IpAddress: ip1Network2.ID(), +// LoadBalancingScheme: pulumi.String(""), +// Network: network2.ID(), +// Target: pulumi.String(cluster_user_auto_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[0].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput)), +// }) +// if err != nil { +// return err +// } +// ip2Network2, err := compute.NewAddress(ctx, "ip2_network2", &compute.AddressArgs{ +// Name: pulumi.String("ip2-net2"), +// Region: pulumi.String("us-central1"), +// Subnetwork: subnetNetwork2.ID(), +// AddressType: pulumi.String("INTERNAL"), +// Purpose: pulumi.String("GCE_ENDPOINT"), +// }) +// if err != nil { +// return err +// } +// forwardingRule2Network2, err := compute.NewForwardingRule(ctx, "forwarding_rule2_network2", &compute.ForwardingRuleArgs{ +// Name: pulumi.String("fwd2-net2"), +// Region: pulumi.String("us-central1"), +// IpAddress: ip2Network2.ID(), +// LoadBalancingScheme: pulumi.String(""), +// Network: network2.ID(), +// Target: pulumi.String(cluster_user_auto_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[1].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput)), +// }) +// if err != nil { +// return err +// } +// _, err = redis.NewClusterUserCreatedConnections(ctx, "cluster-user-auto-conn", &redis.ClusterUserCreatedConnectionsArgs{ +// Name: pulumi.String("cluster-user-auto-conn"), +// Region: pulumi.String("us-central1"), +// ClusterEndpoints: redis.ClusterUserCreatedConnectionsClusterEndpointArray{ +// &redis.ClusterUserCreatedConnectionsClusterEndpointArgs{ +// Connections: redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArray{ +// &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{ +// PscConnection: &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{ +// PscConnectionId: forwardingRule1Network2.PscConnectionId, +// Address: ip1Network2.Address, +// ForwardingRule: forwardingRule1Network2.ID(), +// Network: network2.ID(), +// ServiceAttachment: cluster_user_auto_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[0].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput), +// }, +// }, +// &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{ +// PscConnection: &redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{ +// PscConnectionId: forwardingRule2Network2.PscConnectionId, +// Address: ip2Network2.Address, +// ForwardingRule: forwardingRule2Network2.ID(), +// Network: network2.ID(), +// ServiceAttachment: cluster_user_auto_connCluster.PscServiceAttachments.ApplyT(func(pscServiceAttachments []redis.ClusterPscServiceAttachment) (*string, error) { +// return &pscServiceAttachments[1].ServiceAttachment, nil +// }).(pulumi.StringPtrOutput), +// }, +// }, +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// ClusterUserCreatedConnections can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/{{region}}/clusters/{{name}}` +// +// * `{{project}}/{{region}}/{{name}}` +// +// * `{{region}}/{{name}}` +// +// * `{{name}}` +// +// When using the `pulumi import` command, ClusterUserCreatedConnections can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default projects/{{project}}/locations/{{region}}/clusters/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{project}}/{{region}}/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{region}}/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{name}} +// ``` +type ClusterUserCreatedConnections struct { + pulumi.CustomResourceState + + // A list of cluster endpoints + // Structure is documented below. + ClusterEndpoints ClusterUserCreatedConnectionsClusterEndpointArrayOutput `pulumi:"clusterEndpoints"` + // The name of the Redis cluster these endpoints should be added to. + Name pulumi.StringOutput `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The name of the region of the Redis cluster these endpoints should be added to. + // + // *** + Region pulumi.StringOutput `pulumi:"region"` +} + +// NewClusterUserCreatedConnections registers a new resource with the given unique name, arguments, and options. +func NewClusterUserCreatedConnections(ctx *pulumi.Context, + name string, args *ClusterUserCreatedConnectionsArgs, opts ...pulumi.ResourceOption) (*ClusterUserCreatedConnections, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Region == nil { + return nil, errors.New("invalid value for required argument 'Region'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource ClusterUserCreatedConnections + err := ctx.RegisterResource("gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetClusterUserCreatedConnections gets an existing ClusterUserCreatedConnections resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetClusterUserCreatedConnections(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *ClusterUserCreatedConnectionsState, opts ...pulumi.ResourceOption) (*ClusterUserCreatedConnections, error) { + var resource ClusterUserCreatedConnections + err := ctx.ReadResource("gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering ClusterUserCreatedConnections resources. +type clusterUserCreatedConnectionsState struct { + // A list of cluster endpoints + // Structure is documented below. + ClusterEndpoints []ClusterUserCreatedConnectionsClusterEndpoint `pulumi:"clusterEndpoints"` + // The name of the Redis cluster these endpoints should be added to. + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` + // The name of the region of the Redis cluster these endpoints should be added to. + // + // *** + Region *string `pulumi:"region"` +} + +type ClusterUserCreatedConnectionsState struct { + // A list of cluster endpoints + // Structure is documented below. + ClusterEndpoints ClusterUserCreatedConnectionsClusterEndpointArrayInput + // The name of the Redis cluster these endpoints should be added to. + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput + // The name of the region of the Redis cluster these endpoints should be added to. + // + // *** + Region pulumi.StringPtrInput +} + +func (ClusterUserCreatedConnectionsState) ElementType() reflect.Type { + return reflect.TypeOf((*clusterUserCreatedConnectionsState)(nil)).Elem() +} + +type clusterUserCreatedConnectionsArgs struct { + // A list of cluster endpoints + // Structure is documented below. + ClusterEndpoints []ClusterUserCreatedConnectionsClusterEndpoint `pulumi:"clusterEndpoints"` + // The name of the Redis cluster these endpoints should be added to. + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` + // The name of the region of the Redis cluster these endpoints should be added to. + // + // *** + Region string `pulumi:"region"` +} + +// The set of arguments for constructing a ClusterUserCreatedConnections resource. +type ClusterUserCreatedConnectionsArgs struct { + // A list of cluster endpoints + // Structure is documented below. + ClusterEndpoints ClusterUserCreatedConnectionsClusterEndpointArrayInput + // The name of the Redis cluster these endpoints should be added to. + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput + // The name of the region of the Redis cluster these endpoints should be added to. + // + // *** + Region pulumi.StringInput +} + +func (ClusterUserCreatedConnectionsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*clusterUserCreatedConnectionsArgs)(nil)).Elem() +} + +type ClusterUserCreatedConnectionsInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsOutput() ClusterUserCreatedConnectionsOutput + ToClusterUserCreatedConnectionsOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsOutput +} + +func (*ClusterUserCreatedConnections) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterUserCreatedConnections)(nil)).Elem() +} + +func (i *ClusterUserCreatedConnections) ToClusterUserCreatedConnectionsOutput() ClusterUserCreatedConnectionsOutput { + return i.ToClusterUserCreatedConnectionsOutputWithContext(context.Background()) +} + +func (i *ClusterUserCreatedConnections) ToClusterUserCreatedConnectionsOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsOutput) +} + +// ClusterUserCreatedConnectionsArrayInput is an input type that accepts ClusterUserCreatedConnectionsArray and ClusterUserCreatedConnectionsArrayOutput values. +// You can construct a concrete instance of `ClusterUserCreatedConnectionsArrayInput` via: +// +// ClusterUserCreatedConnectionsArray{ ClusterUserCreatedConnectionsArgs{...} } +type ClusterUserCreatedConnectionsArrayInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsArrayOutput() ClusterUserCreatedConnectionsArrayOutput + ToClusterUserCreatedConnectionsArrayOutputWithContext(context.Context) ClusterUserCreatedConnectionsArrayOutput +} + +type ClusterUserCreatedConnectionsArray []ClusterUserCreatedConnectionsInput + +func (ClusterUserCreatedConnectionsArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ClusterUserCreatedConnections)(nil)).Elem() +} + +func (i ClusterUserCreatedConnectionsArray) ToClusterUserCreatedConnectionsArrayOutput() ClusterUserCreatedConnectionsArrayOutput { + return i.ToClusterUserCreatedConnectionsArrayOutputWithContext(context.Background()) +} + +func (i ClusterUserCreatedConnectionsArray) ToClusterUserCreatedConnectionsArrayOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsArrayOutput) +} + +// ClusterUserCreatedConnectionsMapInput is an input type that accepts ClusterUserCreatedConnectionsMap and ClusterUserCreatedConnectionsMapOutput values. +// You can construct a concrete instance of `ClusterUserCreatedConnectionsMapInput` via: +// +// ClusterUserCreatedConnectionsMap{ "key": ClusterUserCreatedConnectionsArgs{...} } +type ClusterUserCreatedConnectionsMapInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsMapOutput() ClusterUserCreatedConnectionsMapOutput + ToClusterUserCreatedConnectionsMapOutputWithContext(context.Context) ClusterUserCreatedConnectionsMapOutput +} + +type ClusterUserCreatedConnectionsMap map[string]ClusterUserCreatedConnectionsInput + +func (ClusterUserCreatedConnectionsMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ClusterUserCreatedConnections)(nil)).Elem() +} + +func (i ClusterUserCreatedConnectionsMap) ToClusterUserCreatedConnectionsMapOutput() ClusterUserCreatedConnectionsMapOutput { + return i.ToClusterUserCreatedConnectionsMapOutputWithContext(context.Background()) +} + +func (i ClusterUserCreatedConnectionsMap) ToClusterUserCreatedConnectionsMapOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsMapOutput) +} + +type ClusterUserCreatedConnectionsOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterUserCreatedConnections)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsOutput) ToClusterUserCreatedConnectionsOutput() ClusterUserCreatedConnectionsOutput { + return o +} + +func (o ClusterUserCreatedConnectionsOutput) ToClusterUserCreatedConnectionsOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsOutput { + return o +} + +// A list of cluster endpoints +// Structure is documented below. +func (o ClusterUserCreatedConnectionsOutput) ClusterEndpoints() ClusterUserCreatedConnectionsClusterEndpointArrayOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnections) ClusterUserCreatedConnectionsClusterEndpointArrayOutput { + return v.ClusterEndpoints + }).(ClusterUserCreatedConnectionsClusterEndpointArrayOutput) +} + +// The name of the Redis cluster these endpoints should be added to. +func (o ClusterUserCreatedConnectionsOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnections) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the provider project is used. +func (o ClusterUserCreatedConnectionsOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnections) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The name of the region of the Redis cluster these endpoints should be added to. +// +// *** +func (o ClusterUserCreatedConnectionsOutput) Region() pulumi.StringOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnections) pulumi.StringOutput { return v.Region }).(pulumi.StringOutput) +} + +type ClusterUserCreatedConnectionsArrayOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ClusterUserCreatedConnections)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsArrayOutput) ToClusterUserCreatedConnectionsArrayOutput() ClusterUserCreatedConnectionsArrayOutput { + return o +} + +func (o ClusterUserCreatedConnectionsArrayOutput) ToClusterUserCreatedConnectionsArrayOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsArrayOutput { + return o +} + +func (o ClusterUserCreatedConnectionsArrayOutput) Index(i pulumi.IntInput) ClusterUserCreatedConnectionsOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *ClusterUserCreatedConnections { + return vs[0].([]*ClusterUserCreatedConnections)[vs[1].(int)] + }).(ClusterUserCreatedConnectionsOutput) +} + +type ClusterUserCreatedConnectionsMapOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ClusterUserCreatedConnections)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsMapOutput) ToClusterUserCreatedConnectionsMapOutput() ClusterUserCreatedConnectionsMapOutput { + return o +} + +func (o ClusterUserCreatedConnectionsMapOutput) ToClusterUserCreatedConnectionsMapOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsMapOutput { + return o +} + +func (o ClusterUserCreatedConnectionsMapOutput) MapIndex(k pulumi.StringInput) ClusterUserCreatedConnectionsOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *ClusterUserCreatedConnections { + return vs[0].(map[string]*ClusterUserCreatedConnections)[vs[1].(string)] + }).(ClusterUserCreatedConnectionsOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsInput)(nil)).Elem(), &ClusterUserCreatedConnections{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsArrayInput)(nil)).Elem(), ClusterUserCreatedConnectionsArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsMapInput)(nil)).Elem(), ClusterUserCreatedConnectionsMap{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsOutput{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsArrayOutput{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsMapOutput{}) +} diff --git a/sdk/go/gcp/redis/init.go b/sdk/go/gcp/redis/init.go index 462f382884..e1b072d063 100644 --- a/sdk/go/gcp/redis/init.go +++ b/sdk/go/gcp/redis/init.go @@ -23,6 +23,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi switch typ { case "gcp:redis/cluster:Cluster": r = &Cluster{} + case "gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections": + r = &ClusterUserCreatedConnections{} case "gcp:redis/instance:Instance": r = &Instance{} default: @@ -43,6 +45,11 @@ func init() { "redis/cluster", &module{version}, ) + pulumi.RegisterResourceModule( + "gcp", + "redis/clusterUserCreatedConnections", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "redis/instance", diff --git a/sdk/go/gcp/redis/pulumiTypes.go b/sdk/go/gcp/redis/pulumiTypes.go index 8963d4767b..14666b32d4 100644 --- a/sdk/go/gcp/redis/pulumiTypes.go +++ b/sdk/go/gcp/redis/pulumiTypes.go @@ -2275,8 +2275,6 @@ type ClusterPscConfig struct { // Required. The consumer network where the network address of // the discovery endpoint will be reserved, in the form of // projects/{network_project_id_or_number}/global/networks/{network_id}. - // - // *** Network string `pulumi:"network"` } @@ -2295,8 +2293,6 @@ type ClusterPscConfigArgs struct { // Required. The consumer network where the network address of // the discovery endpoint will be reserved, in the form of // projects/{network_project_id_or_number}/global/networks/{network_id}. - // - // *** Network pulumi.StringInput `pulumi:"network"` } @@ -2354,8 +2350,6 @@ func (o ClusterPscConfigOutput) ToClusterPscConfigOutputWithContext(ctx context. // Required. The consumer network where the network address of // the discovery endpoint will be reserved, in the form of // projects/{network_project_id_or_number}/global/networks/{network_id}. -// -// *** func (o ClusterPscConfigOutput) Network() pulumi.StringOutput { return o.ApplyT(func(v ClusterPscConfig) string { return v.Network }).(pulumi.StringOutput) } @@ -2513,6 +2507,118 @@ func (o ClusterPscConnectionArrayOutput) Index(i pulumi.IntInput) ClusterPscConn }).(ClusterPscConnectionOutput) } +type ClusterPscServiceAttachment struct { + // (Output) + // Type of a PSC connection targeting this service attachment. + ConnectionType *string `pulumi:"connectionType"` + // (Output) + // Service attachment URI which your self-created PscConnection should use as + ServiceAttachment *string `pulumi:"serviceAttachment"` +} + +// ClusterPscServiceAttachmentInput is an input type that accepts ClusterPscServiceAttachmentArgs and ClusterPscServiceAttachmentOutput values. +// You can construct a concrete instance of `ClusterPscServiceAttachmentInput` via: +// +// ClusterPscServiceAttachmentArgs{...} +type ClusterPscServiceAttachmentInput interface { + pulumi.Input + + ToClusterPscServiceAttachmentOutput() ClusterPscServiceAttachmentOutput + ToClusterPscServiceAttachmentOutputWithContext(context.Context) ClusterPscServiceAttachmentOutput +} + +type ClusterPscServiceAttachmentArgs struct { + // (Output) + // Type of a PSC connection targeting this service attachment. + ConnectionType pulumi.StringPtrInput `pulumi:"connectionType"` + // (Output) + // Service attachment URI which your self-created PscConnection should use as + ServiceAttachment pulumi.StringPtrInput `pulumi:"serviceAttachment"` +} + +func (ClusterPscServiceAttachmentArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterPscServiceAttachment)(nil)).Elem() +} + +func (i ClusterPscServiceAttachmentArgs) ToClusterPscServiceAttachmentOutput() ClusterPscServiceAttachmentOutput { + return i.ToClusterPscServiceAttachmentOutputWithContext(context.Background()) +} + +func (i ClusterPscServiceAttachmentArgs) ToClusterPscServiceAttachmentOutputWithContext(ctx context.Context) ClusterPscServiceAttachmentOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterPscServiceAttachmentOutput) +} + +// ClusterPscServiceAttachmentArrayInput is an input type that accepts ClusterPscServiceAttachmentArray and ClusterPscServiceAttachmentArrayOutput values. +// You can construct a concrete instance of `ClusterPscServiceAttachmentArrayInput` via: +// +// ClusterPscServiceAttachmentArray{ ClusterPscServiceAttachmentArgs{...} } +type ClusterPscServiceAttachmentArrayInput interface { + pulumi.Input + + ToClusterPscServiceAttachmentArrayOutput() ClusterPscServiceAttachmentArrayOutput + ToClusterPscServiceAttachmentArrayOutputWithContext(context.Context) ClusterPscServiceAttachmentArrayOutput +} + +type ClusterPscServiceAttachmentArray []ClusterPscServiceAttachmentInput + +func (ClusterPscServiceAttachmentArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterPscServiceAttachment)(nil)).Elem() +} + +func (i ClusterPscServiceAttachmentArray) ToClusterPscServiceAttachmentArrayOutput() ClusterPscServiceAttachmentArrayOutput { + return i.ToClusterPscServiceAttachmentArrayOutputWithContext(context.Background()) +} + +func (i ClusterPscServiceAttachmentArray) ToClusterPscServiceAttachmentArrayOutputWithContext(ctx context.Context) ClusterPscServiceAttachmentArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterPscServiceAttachmentArrayOutput) +} + +type ClusterPscServiceAttachmentOutput struct{ *pulumi.OutputState } + +func (ClusterPscServiceAttachmentOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterPscServiceAttachment)(nil)).Elem() +} + +func (o ClusterPscServiceAttachmentOutput) ToClusterPscServiceAttachmentOutput() ClusterPscServiceAttachmentOutput { + return o +} + +func (o ClusterPscServiceAttachmentOutput) ToClusterPscServiceAttachmentOutputWithContext(ctx context.Context) ClusterPscServiceAttachmentOutput { + return o +} + +// (Output) +// Type of a PSC connection targeting this service attachment. +func (o ClusterPscServiceAttachmentOutput) ConnectionType() pulumi.StringPtrOutput { + return o.ApplyT(func(v ClusterPscServiceAttachment) *string { return v.ConnectionType }).(pulumi.StringPtrOutput) +} + +// (Output) +// Service attachment URI which your self-created PscConnection should use as +func (o ClusterPscServiceAttachmentOutput) ServiceAttachment() pulumi.StringPtrOutput { + return o.ApplyT(func(v ClusterPscServiceAttachment) *string { return v.ServiceAttachment }).(pulumi.StringPtrOutput) +} + +type ClusterPscServiceAttachmentArrayOutput struct{ *pulumi.OutputState } + +func (ClusterPscServiceAttachmentArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterPscServiceAttachment)(nil)).Elem() +} + +func (o ClusterPscServiceAttachmentArrayOutput) ToClusterPscServiceAttachmentArrayOutput() ClusterPscServiceAttachmentArrayOutput { + return o +} + +func (o ClusterPscServiceAttachmentArrayOutput) ToClusterPscServiceAttachmentArrayOutputWithContext(ctx context.Context) ClusterPscServiceAttachmentArrayOutput { + return o +} + +func (o ClusterPscServiceAttachmentArrayOutput) Index(i pulumi.IntInput) ClusterPscServiceAttachmentOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ClusterPscServiceAttachment { + return vs[0].([]ClusterPscServiceAttachment)[vs[1].(int)] + }).(ClusterPscServiceAttachmentOutput) +} + type ClusterStateInfo struct { // A nested object resource. // Structure is documented below. @@ -2769,6 +2875,544 @@ func (o ClusterStateInfoUpdateInfoPtrOutput) TargetShardCount() pulumi.IntPtrOut }).(pulumi.IntPtrOutput) } +type ClusterUserCreatedConnectionsClusterEndpoint struct { + // Structure is documented below. + Connections []ClusterUserCreatedConnectionsClusterEndpointConnection `pulumi:"connections"` +} + +// ClusterUserCreatedConnectionsClusterEndpointInput is an input type that accepts ClusterUserCreatedConnectionsClusterEndpointArgs and ClusterUserCreatedConnectionsClusterEndpointOutput values. +// You can construct a concrete instance of `ClusterUserCreatedConnectionsClusterEndpointInput` via: +// +// ClusterUserCreatedConnectionsClusterEndpointArgs{...} +type ClusterUserCreatedConnectionsClusterEndpointInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsClusterEndpointOutput() ClusterUserCreatedConnectionsClusterEndpointOutput + ToClusterUserCreatedConnectionsClusterEndpointOutputWithContext(context.Context) ClusterUserCreatedConnectionsClusterEndpointOutput +} + +type ClusterUserCreatedConnectionsClusterEndpointArgs struct { + // Structure is documented below. + Connections ClusterUserCreatedConnectionsClusterEndpointConnectionArrayInput `pulumi:"connections"` +} + +func (ClusterUserCreatedConnectionsClusterEndpointArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpoint)(nil)).Elem() +} + +func (i ClusterUserCreatedConnectionsClusterEndpointArgs) ToClusterUserCreatedConnectionsClusterEndpointOutput() ClusterUserCreatedConnectionsClusterEndpointOutput { + return i.ToClusterUserCreatedConnectionsClusterEndpointOutputWithContext(context.Background()) +} + +func (i ClusterUserCreatedConnectionsClusterEndpointArgs) ToClusterUserCreatedConnectionsClusterEndpointOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsClusterEndpointOutput) +} + +// ClusterUserCreatedConnectionsClusterEndpointArrayInput is an input type that accepts ClusterUserCreatedConnectionsClusterEndpointArray and ClusterUserCreatedConnectionsClusterEndpointArrayOutput values. +// You can construct a concrete instance of `ClusterUserCreatedConnectionsClusterEndpointArrayInput` via: +// +// ClusterUserCreatedConnectionsClusterEndpointArray{ ClusterUserCreatedConnectionsClusterEndpointArgs{...} } +type ClusterUserCreatedConnectionsClusterEndpointArrayInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsClusterEndpointArrayOutput() ClusterUserCreatedConnectionsClusterEndpointArrayOutput + ToClusterUserCreatedConnectionsClusterEndpointArrayOutputWithContext(context.Context) ClusterUserCreatedConnectionsClusterEndpointArrayOutput +} + +type ClusterUserCreatedConnectionsClusterEndpointArray []ClusterUserCreatedConnectionsClusterEndpointInput + +func (ClusterUserCreatedConnectionsClusterEndpointArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterUserCreatedConnectionsClusterEndpoint)(nil)).Elem() +} + +func (i ClusterUserCreatedConnectionsClusterEndpointArray) ToClusterUserCreatedConnectionsClusterEndpointArrayOutput() ClusterUserCreatedConnectionsClusterEndpointArrayOutput { + return i.ToClusterUserCreatedConnectionsClusterEndpointArrayOutputWithContext(context.Background()) +} + +func (i ClusterUserCreatedConnectionsClusterEndpointArray) ToClusterUserCreatedConnectionsClusterEndpointArrayOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsClusterEndpointArrayOutput) +} + +type ClusterUserCreatedConnectionsClusterEndpointOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsClusterEndpointOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpoint)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsClusterEndpointOutput) ToClusterUserCreatedConnectionsClusterEndpointOutput() ClusterUserCreatedConnectionsClusterEndpointOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointOutput) ToClusterUserCreatedConnectionsClusterEndpointOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointOutput { + return o +} + +// Structure is documented below. +func (o ClusterUserCreatedConnectionsClusterEndpointOutput) Connections() ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpoint) []ClusterUserCreatedConnectionsClusterEndpointConnection { + return v.Connections + }).(ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput) +} + +type ClusterUserCreatedConnectionsClusterEndpointArrayOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsClusterEndpointArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterUserCreatedConnectionsClusterEndpoint)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsClusterEndpointArrayOutput) ToClusterUserCreatedConnectionsClusterEndpointArrayOutput() ClusterUserCreatedConnectionsClusterEndpointArrayOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointArrayOutput) ToClusterUserCreatedConnectionsClusterEndpointArrayOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointArrayOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointArrayOutput) Index(i pulumi.IntInput) ClusterUserCreatedConnectionsClusterEndpointOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ClusterUserCreatedConnectionsClusterEndpoint { + return vs[0].([]ClusterUserCreatedConnectionsClusterEndpoint)[vs[1].(int)] + }).(ClusterUserCreatedConnectionsClusterEndpointOutput) +} + +type ClusterUserCreatedConnectionsClusterEndpointConnection struct { + // Detailed information of a PSC connection that is created by the customer + // who owns the cluster. + // Structure is documented below. + PscConnection *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection `pulumi:"pscConnection"` +} + +// ClusterUserCreatedConnectionsClusterEndpointConnectionInput is an input type that accepts ClusterUserCreatedConnectionsClusterEndpointConnectionArgs and ClusterUserCreatedConnectionsClusterEndpointConnectionOutput values. +// You can construct a concrete instance of `ClusterUserCreatedConnectionsClusterEndpointConnectionInput` via: +// +// ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{...} +type ClusterUserCreatedConnectionsClusterEndpointConnectionInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsClusterEndpointConnectionOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionOutput + ToClusterUserCreatedConnectionsClusterEndpointConnectionOutputWithContext(context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionOutput +} + +type ClusterUserCreatedConnectionsClusterEndpointConnectionArgs struct { + // Detailed information of a PSC connection that is created by the customer + // who owns the cluster. + // Structure is documented below. + PscConnection ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrInput `pulumi:"pscConnection"` +} + +func (ClusterUserCreatedConnectionsClusterEndpointConnectionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointConnection)(nil)).Elem() +} + +func (i ClusterUserCreatedConnectionsClusterEndpointConnectionArgs) ToClusterUserCreatedConnectionsClusterEndpointConnectionOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionOutput { + return i.ToClusterUserCreatedConnectionsClusterEndpointConnectionOutputWithContext(context.Background()) +} + +func (i ClusterUserCreatedConnectionsClusterEndpointConnectionArgs) ToClusterUserCreatedConnectionsClusterEndpointConnectionOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsClusterEndpointConnectionOutput) +} + +// ClusterUserCreatedConnectionsClusterEndpointConnectionArrayInput is an input type that accepts ClusterUserCreatedConnectionsClusterEndpointConnectionArray and ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput values. +// You can construct a concrete instance of `ClusterUserCreatedConnectionsClusterEndpointConnectionArrayInput` via: +// +// ClusterUserCreatedConnectionsClusterEndpointConnectionArray{ ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{...} } +type ClusterUserCreatedConnectionsClusterEndpointConnectionArrayInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput + ToClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutputWithContext(context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput +} + +type ClusterUserCreatedConnectionsClusterEndpointConnectionArray []ClusterUserCreatedConnectionsClusterEndpointConnectionInput + +func (ClusterUserCreatedConnectionsClusterEndpointConnectionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterUserCreatedConnectionsClusterEndpointConnection)(nil)).Elem() +} + +func (i ClusterUserCreatedConnectionsClusterEndpointConnectionArray) ToClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput { + return i.ToClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutputWithContext(context.Background()) +} + +func (i ClusterUserCreatedConnectionsClusterEndpointConnectionArray) ToClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput) +} + +type ClusterUserCreatedConnectionsClusterEndpointConnectionOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsClusterEndpointConnectionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointConnection)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionOutput { + return o +} + +// Detailed information of a PSC connection that is created by the customer +// who owns the cluster. +// Structure is documented below. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionOutput) PscConnection() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnection) *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection { + return v.PscConnection + }).(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) +} + +type ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterUserCreatedConnectionsClusterEndpointConnection)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput) Index(i pulumi.IntInput) ClusterUserCreatedConnectionsClusterEndpointConnectionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ClusterUserCreatedConnectionsClusterEndpointConnection { + return vs[0].([]ClusterUserCreatedConnectionsClusterEndpointConnection)[vs[1].(int)] + }).(ClusterUserCreatedConnectionsClusterEndpointConnectionOutput) +} + +type ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection struct { + // The IP allocated on the consumer network for the PSC forwarding rule. + Address string `pulumi:"address"` + // (Output) + // Output Only. Type of a PSC Connection. + // Possible values: + // CONNECTION_TYPE_DISCOVERY + // CONNECTION_TYPE_PRIMARY + // CONNECTION_TYPE_READER + ConnectionType *string `pulumi:"connectionType"` + // The URI of the consumer side forwarding rule. + // Format: + // projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + ForwardingRule string `pulumi:"forwardingRule"` + // The consumer network where the IP address resides, in the form of + // projects/{project_id}/global/networks/{network_id}. + Network string `pulumi:"network"` + // The consumer projectId where the forwarding rule is created from. + ProjectId *string `pulumi:"projectId"` + // The PSC connection id of the forwarding rule connected to the + // service attachment. + PscConnectionId string `pulumi:"pscConnectionId"` + // (Output) + // Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + // Possible values: + // ACTIVE + // NOT_FOUND + PscConnectionStatus *string `pulumi:"pscConnectionStatus"` + // The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + ServiceAttachment string `pulumi:"serviceAttachment"` +} + +// ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionInput is an input type that accepts ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs and ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput values. +// You can construct a concrete instance of `ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionInput` via: +// +// ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{...} +type ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput + ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutputWithContext(context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput +} + +type ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs struct { + // The IP allocated on the consumer network for the PSC forwarding rule. + Address pulumi.StringInput `pulumi:"address"` + // (Output) + // Output Only. Type of a PSC Connection. + // Possible values: + // CONNECTION_TYPE_DISCOVERY + // CONNECTION_TYPE_PRIMARY + // CONNECTION_TYPE_READER + ConnectionType pulumi.StringPtrInput `pulumi:"connectionType"` + // The URI of the consumer side forwarding rule. + // Format: + // projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + ForwardingRule pulumi.StringInput `pulumi:"forwardingRule"` + // The consumer network where the IP address resides, in the form of + // projects/{project_id}/global/networks/{network_id}. + Network pulumi.StringInput `pulumi:"network"` + // The consumer projectId where the forwarding rule is created from. + ProjectId pulumi.StringPtrInput `pulumi:"projectId"` + // The PSC connection id of the forwarding rule connected to the + // service attachment. + PscConnectionId pulumi.StringInput `pulumi:"pscConnectionId"` + // (Output) + // Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + // Possible values: + // ACTIVE + // NOT_FOUND + PscConnectionStatus pulumi.StringPtrInput `pulumi:"pscConnectionStatus"` + // The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + ServiceAttachment pulumi.StringInput `pulumi:"serviceAttachment"` +} + +func (ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection)(nil)).Elem() +} + +func (i ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput { + return i.ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutputWithContext(context.Background()) +} + +func (i ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) +} + +func (i ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return i.ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(context.Background()) +} + +func (i ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput).ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(ctx) +} + +// ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrInput is an input type that accepts ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs, ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtr and ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput values. +// You can construct a concrete instance of `ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrInput` via: +// +// ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{...} +// +// or: +// +// nil +type ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrInput interface { + pulumi.Input + + ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput + ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput +} + +type clusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrType ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs + +func ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtr(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrInput { + return (*clusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrType)(v) +} + +func (*clusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection)(nil)).Elem() +} + +func (i *clusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrType) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return i.ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(context.Background()) +} + +func (i *clusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrType) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) +} + +type ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return o.ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(context.Background()) +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection { + return &v + }).(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) +} + +// The IP allocated on the consumer network for the PSC forwarding rule. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) Address() pulumi.StringOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) string { return v.Address }).(pulumi.StringOutput) +} + +// (Output) +// Output Only. Type of a PSC Connection. +// Possible values: +// CONNECTION_TYPE_DISCOVERY +// CONNECTION_TYPE_PRIMARY +// CONNECTION_TYPE_READER +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ConnectionType() pulumi.StringPtrOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + return v.ConnectionType + }).(pulumi.StringPtrOutput) +} + +// The URI of the consumer side forwarding rule. +// Format: +// projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ForwardingRule() pulumi.StringOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) string { + return v.ForwardingRule + }).(pulumi.StringOutput) +} + +// The consumer network where the IP address resides, in the form of +// projects/{project_id}/global/networks/{network_id}. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) Network() pulumi.StringOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) string { return v.Network }).(pulumi.StringOutput) +} + +// The consumer projectId where the forwarding rule is created from. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ProjectId() pulumi.StringPtrOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + return v.ProjectId + }).(pulumi.StringPtrOutput) +} + +// The PSC connection id of the forwarding rule connected to the +// service attachment. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) PscConnectionId() pulumi.StringOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) string { + return v.PscConnectionId + }).(pulumi.StringOutput) +} + +// (Output) +// Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. +// Possible values: +// ACTIVE +// NOT_FOUND +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) PscConnectionStatus() pulumi.StringPtrOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + return v.PscConnectionStatus + }).(pulumi.StringPtrOutput) +} + +// The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) ServiceAttachment() pulumi.StringOutput { + return o.ApplyT(func(v ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) string { + return v.ServiceAttachment + }).(pulumi.StringOutput) +} + +type ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput struct{ *pulumi.OutputState } + +func (ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection)(nil)).Elem() +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) ToClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutputWithContext(ctx context.Context) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput { + return o +} + +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) Elem() ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection { + if v != nil { + return *v + } + var ret ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection + return ret + }).(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput) +} + +// The IP allocated on the consumer network for the PSC forwarding rule. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) Address() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + if v == nil { + return nil + } + return &v.Address + }).(pulumi.StringPtrOutput) +} + +// (Output) +// Output Only. Type of a PSC Connection. +// Possible values: +// CONNECTION_TYPE_DISCOVERY +// CONNECTION_TYPE_PRIMARY +// CONNECTION_TYPE_READER +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) ConnectionType() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + if v == nil { + return nil + } + return v.ConnectionType + }).(pulumi.StringPtrOutput) +} + +// The URI of the consumer side forwarding rule. +// Format: +// projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) ForwardingRule() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + if v == nil { + return nil + } + return &v.ForwardingRule + }).(pulumi.StringPtrOutput) +} + +// The consumer network where the IP address resides, in the form of +// projects/{project_id}/global/networks/{network_id}. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) Network() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + if v == nil { + return nil + } + return &v.Network + }).(pulumi.StringPtrOutput) +} + +// The consumer projectId where the forwarding rule is created from. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) ProjectId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + if v == nil { + return nil + } + return v.ProjectId + }).(pulumi.StringPtrOutput) +} + +// The PSC connection id of the forwarding rule connected to the +// service attachment. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) PscConnectionId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + if v == nil { + return nil + } + return &v.PscConnectionId + }).(pulumi.StringPtrOutput) +} + +// (Output) +// Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. +// Possible values: +// ACTIVE +// NOT_FOUND +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) PscConnectionStatus() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + if v == nil { + return nil + } + return v.PscConnectionStatus + }).(pulumi.StringPtrOutput) +} + +// The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. +func (o ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput) ServiceAttachment() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection) *string { + if v == nil { + return nil + } + return &v.ServiceAttachment + }).(pulumi.StringPtrOutput) +} + type ClusterZoneDistributionConfig struct { // Immutable. The mode for zone distribution for Memorystore Redis cluster. // If not provided, MULTI_ZONE will be used as default @@ -5098,10 +5742,18 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ClusterPscConfigArrayInput)(nil)).Elem(), ClusterPscConfigArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterPscConnectionInput)(nil)).Elem(), ClusterPscConnectionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterPscConnectionArrayInput)(nil)).Elem(), ClusterPscConnectionArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterPscServiceAttachmentInput)(nil)).Elem(), ClusterPscServiceAttachmentArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterPscServiceAttachmentArrayInput)(nil)).Elem(), ClusterPscServiceAttachmentArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterStateInfoInput)(nil)).Elem(), ClusterStateInfoArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterStateInfoArrayInput)(nil)).Elem(), ClusterStateInfoArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterStateInfoUpdateInfoInput)(nil)).Elem(), ClusterStateInfoUpdateInfoArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterStateInfoUpdateInfoPtrInput)(nil)).Elem(), ClusterStateInfoUpdateInfoArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointInput)(nil)).Elem(), ClusterUserCreatedConnectionsClusterEndpointArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointArrayInput)(nil)).Elem(), ClusterUserCreatedConnectionsClusterEndpointArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointConnectionInput)(nil)).Elem(), ClusterUserCreatedConnectionsClusterEndpointConnectionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointConnectionArrayInput)(nil)).Elem(), ClusterUserCreatedConnectionsClusterEndpointConnectionArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionInput)(nil)).Elem(), ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrInput)(nil)).Elem(), ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterZoneDistributionConfigInput)(nil)).Elem(), ClusterZoneDistributionConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterZoneDistributionConfigPtrInput)(nil)).Elem(), ClusterZoneDistributionConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceMaintenancePolicyInput)(nil)).Elem(), InstanceMaintenancePolicyArgs{}) @@ -5164,10 +5816,18 @@ func init() { pulumi.RegisterOutputType(ClusterPscConfigArrayOutput{}) pulumi.RegisterOutputType(ClusterPscConnectionOutput{}) pulumi.RegisterOutputType(ClusterPscConnectionArrayOutput{}) + pulumi.RegisterOutputType(ClusterPscServiceAttachmentOutput{}) + pulumi.RegisterOutputType(ClusterPscServiceAttachmentArrayOutput{}) pulumi.RegisterOutputType(ClusterStateInfoOutput{}) pulumi.RegisterOutputType(ClusterStateInfoArrayOutput{}) pulumi.RegisterOutputType(ClusterStateInfoUpdateInfoOutput{}) pulumi.RegisterOutputType(ClusterStateInfoUpdateInfoPtrOutput{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsClusterEndpointOutput{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsClusterEndpointArrayOutput{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsClusterEndpointConnectionOutput{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsClusterEndpointConnectionArrayOutput{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionOutput{}) + pulumi.RegisterOutputType(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionPtrOutput{}) pulumi.RegisterOutputType(ClusterZoneDistributionConfigOutput{}) pulumi.RegisterOutputType(ClusterZoneDistributionConfigPtrOutput{}) pulumi.RegisterOutputType(InstanceMaintenancePolicyOutput{}) diff --git a/sdk/java/build.gradle b/sdk/java/build.gradle index 522fd74c20..74ff585bd5 100644 --- a/sdk/java/build.gradle +++ b/sdk/java/build.gradle @@ -44,7 +44,7 @@ repositories { dependencies { implementation("com.google.code.findbugs:jsr305:3.0.2") implementation("com.google.code.gson:gson:2.8.9") - implementation("com.pulumi:pulumi:1.0.0") + implementation("com.pulumi:pulumi:1.1.0") } task sourcesJar(type: Jar) { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/Config.java b/sdk/java/src/main/java/com/pulumi/gcp/Config.java index a68677e18f..d2b082fe70 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/Config.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/Config.java @@ -39,6 +39,9 @@ public Optional apiGatewayCustomEndpoint() { public Optional apigeeCustomEndpoint() { return Codegen.stringProp("apigeeCustomEndpoint").config(config).get(); } + public Optional apihubCustomEndpoint() { + return Codegen.stringProp("apihubCustomEndpoint").config(config).get(); + } public Optional apikeysCustomEndpoint() { return Codegen.stringProp("apikeysCustomEndpoint").config(config).get(); } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/Provider.java b/sdk/java/src/main/java/com/pulumi/gcp/Provider.java index c3a2da1e93..2aa7b2afb6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/Provider.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/Provider.java @@ -65,6 +65,12 @@ public Output> apiGatewayCustomEndpoint() { public Output> apigeeCustomEndpoint() { return Codegen.optional(this.apigeeCustomEndpoint); } + @Export(name="apihubCustomEndpoint", refs={String.class}, tree="[0]") + private Output apihubCustomEndpoint; + + public Output> apihubCustomEndpoint() { + return Codegen.optional(this.apihubCustomEndpoint); + } @Export(name="apikeysCustomEndpoint", refs={String.class}, tree="[0]") private Output apikeysCustomEndpoint; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/ProviderArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/ProviderArgs.java index 0e7c61c0c5..4643320e7d 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/ProviderArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/ProviderArgs.java @@ -76,6 +76,13 @@ public Optional> apigeeCustomEndpoint() { return Optional.ofNullable(this.apigeeCustomEndpoint); } + @Import(name="apihubCustomEndpoint") + private @Nullable Output apihubCustomEndpoint; + + public Optional> apihubCustomEndpoint() { + return Optional.ofNullable(this.apihubCustomEndpoint); + } + @Import(name="apikeysCustomEndpoint") private @Nullable Output apikeysCustomEndpoint; @@ -1319,6 +1326,7 @@ private ProviderArgs(ProviderArgs $) { this.alloydbCustomEndpoint = $.alloydbCustomEndpoint; this.apiGatewayCustomEndpoint = $.apiGatewayCustomEndpoint; this.apigeeCustomEndpoint = $.apigeeCustomEndpoint; + this.apihubCustomEndpoint = $.apihubCustomEndpoint; this.apikeysCustomEndpoint = $.apikeysCustomEndpoint; this.appEngineCustomEndpoint = $.appEngineCustomEndpoint; this.apphubCustomEndpoint = $.apphubCustomEndpoint; @@ -1587,6 +1595,15 @@ public Builder apigeeCustomEndpoint(String apigeeCustomEndpoint) { return apigeeCustomEndpoint(Output.of(apigeeCustomEndpoint)); } + public Builder apihubCustomEndpoint(@Nullable Output apihubCustomEndpoint) { + $.apihubCustomEndpoint = apihubCustomEndpoint; + return this; + } + + public Builder apihubCustomEndpoint(String apihubCustomEndpoint) { + return apihubCustomEndpoint(Output.of(apihubCustomEndpoint)); + } + public Builder apikeysCustomEndpoint(@Nullable Output apikeysCustomEndpoint) { $.apikeysCustomEndpoint = apikeysCustomEndpoint; return this; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/alloydb/Cluster.java b/sdk/java/src/main/java/com/pulumi/gcp/alloydb/Cluster.java index 9461fa0be2..f20ac393fc 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/alloydb/Cluster.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/alloydb/Cluster.java @@ -426,14 +426,16 @@ public Output> continuousBackupInfos() { return this.continuousBackupInfos; } /** - * The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * */ @Export(name="databaseVersion", refs={String.class}, tree="[0]") private Output databaseVersion; /** - * @return The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * @return The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * */ public Output databaseVersion() { @@ -769,6 +771,24 @@ public Output> restoreContinuousB public Output> secondaryConfig() { return Codegen.optional(this.secondaryConfig); } + /** + * Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + */ + @Export(name="skipAwaitMajorVersionUpgrade", refs={Boolean.class}, tree="[0]") + private Output skipAwaitMajorVersionUpgrade; + + /** + * @return Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + */ + public Output> skipAwaitMajorVersionUpgrade() { + return Codegen.optional(this.skipAwaitMajorVersionUpgrade); + } /** * Output only. The current serving state of the cluster. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/alloydb/ClusterArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/alloydb/ClusterArgs.java index 3cf36bc2b2..ab84ef97ef 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/alloydb/ClusterArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/alloydb/ClusterArgs.java @@ -16,6 +16,7 @@ import com.pulumi.gcp.alloydb.inputs.ClusterRestoreBackupSourceArgs; import com.pulumi.gcp.alloydb.inputs.ClusterRestoreContinuousBackupSourceArgs; import com.pulumi.gcp.alloydb.inputs.ClusterSecondaryConfigArgs; +import java.lang.Boolean; import java.lang.String; import java.util.Map; import java.util.Objects; @@ -121,14 +122,16 @@ public Optional> continuousBackupConfi } /** - * The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * */ @Import(name="databaseVersion") private @Nullable Output databaseVersion; /** - * @return The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * @return The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * */ public Optional> databaseVersion() { @@ -377,6 +380,25 @@ public Optional> secondaryConfig() { return Optional.ofNullable(this.secondaryConfig); } + /** + * Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + */ + @Import(name="skipAwaitMajorVersionUpgrade") + private @Nullable Output skipAwaitMajorVersionUpgrade; + + /** + * @return Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + */ + public Optional> skipAwaitMajorVersionUpgrade() { + return Optional.ofNullable(this.skipAwaitMajorVersionUpgrade); + } + /** * The subscrition type of cluster. * Possible values are: `TRIAL`, `STANDARD`. @@ -417,6 +439,7 @@ private ClusterArgs(ClusterArgs $) { this.restoreBackupSource = $.restoreBackupSource; this.restoreContinuousBackupSource = $.restoreContinuousBackupSource; this.secondaryConfig = $.secondaryConfig; + this.skipAwaitMajorVersionUpgrade = $.skipAwaitMajorVersionUpgrade; this.subscriptionType = $.subscriptionType; } @@ -562,7 +585,8 @@ public Builder continuousBackupConfig(ClusterContinuousBackupConfigArgs continuo } /** - * @param databaseVersion The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * @param databaseVersion The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * * @return builder * @@ -573,7 +597,8 @@ public Builder databaseVersion(@Nullable Output databaseVersion) { } /** - * @param databaseVersion The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * @param databaseVersion The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * * @return builder * @@ -908,6 +933,31 @@ public Builder secondaryConfig(ClusterSecondaryConfigArgs secondaryConfig) { return secondaryConfig(Output.of(secondaryConfig)); } + /** + * @param skipAwaitMajorVersionUpgrade Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + * @return builder + * + */ + public Builder skipAwaitMajorVersionUpgrade(@Nullable Output skipAwaitMajorVersionUpgrade) { + $.skipAwaitMajorVersionUpgrade = skipAwaitMajorVersionUpgrade; + return this; + } + + /** + * @param skipAwaitMajorVersionUpgrade Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + * @return builder + * + */ + public Builder skipAwaitMajorVersionUpgrade(Boolean skipAwaitMajorVersionUpgrade) { + return skipAwaitMajorVersionUpgrade(Output.of(skipAwaitMajorVersionUpgrade)); + } + /** * @param subscriptionType The subscrition type of cluster. * Possible values are: `TRIAL`, `STANDARD`. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/alloydb/inputs/ClusterState.java b/sdk/java/src/main/java/com/pulumi/gcp/alloydb/inputs/ClusterState.java index f7806e0ee8..db8f1677ec 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/alloydb/inputs/ClusterState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/alloydb/inputs/ClusterState.java @@ -161,14 +161,16 @@ public Optional>> continuousBackupI } /** - * The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * */ @Import(name="databaseVersion") private @Nullable Output databaseVersion; /** - * @return The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * @return The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * */ public Optional> databaseVersion() { @@ -526,6 +528,25 @@ public Optional> secondaryConfig() { return Optional.ofNullable(this.secondaryConfig); } + /** + * Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + */ + @Import(name="skipAwaitMajorVersionUpgrade") + private @Nullable Output skipAwaitMajorVersionUpgrade; + + /** + * @return Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + */ + public Optional> skipAwaitMajorVersionUpgrade() { + return Optional.ofNullable(this.skipAwaitMajorVersionUpgrade); + } + /** * Output only. The current serving state of the cluster. * @@ -622,6 +643,7 @@ private ClusterState(ClusterState $) { this.restoreBackupSource = $.restoreBackupSource; this.restoreContinuousBackupSource = $.restoreContinuousBackupSource; this.secondaryConfig = $.secondaryConfig; + this.skipAwaitMajorVersionUpgrade = $.skipAwaitMajorVersionUpgrade; this.state = $.state; this.subscriptionType = $.subscriptionType; this.trialMetadatas = $.trialMetadatas; @@ -838,7 +860,8 @@ public Builder continuousBackupInfos(ClusterContinuousBackupInfoArgs... continuo } /** - * @param databaseVersion The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * @param databaseVersion The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * * @return builder * @@ -849,7 +872,8 @@ public Builder databaseVersion(@Nullable Output databaseVersion) { } /** - * @param databaseVersion The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * @param databaseVersion The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. * * @return builder * @@ -1354,6 +1378,31 @@ public Builder secondaryConfig(ClusterSecondaryConfigArgs secondaryConfig) { return secondaryConfig(Output.of(secondaryConfig)); } + /** + * @param skipAwaitMajorVersionUpgrade Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + * @return builder + * + */ + public Builder skipAwaitMajorVersionUpgrade(@Nullable Output skipAwaitMajorVersionUpgrade) { + $.skipAwaitMajorVersionUpgrade = skipAwaitMajorVersionUpgrade; + return this; + } + + /** + * @param skipAwaitMajorVersionUpgrade Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + * + * @return builder + * + */ + public Builder skipAwaitMajorVersionUpgrade(Boolean skipAwaitMajorVersionUpgrade) { + return skipAwaitMajorVersionUpgrade(Output.of(skipAwaitMajorVersionUpgrade)); + } + /** * @param state Output only. The current serving state of the cluster. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apigee/EndpointAttachment.java b/sdk/java/src/main/java/com/pulumi/gcp/apigee/EndpointAttachment.java index fffd3915c8..c28aa71808 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/apigee/EndpointAttachment.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/apigee/EndpointAttachment.java @@ -22,84 +22,6 @@ * * How-to Guides * * [Creating an environment](https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment) * - * ## Example Usage - * - * ### Apigee Endpoint Attachment Basic - * - * <!--Start PulumiCodeChooser --> - * 
- * {@code
- * package generated_program;
- * 
- * import com.pulumi.Context;
- * import com.pulumi.Pulumi;
- * import com.pulumi.core.Output;
- * import com.pulumi.gcp.organizations.OrganizationsFunctions;
- * import com.pulumi.gcp.compute.Network;
- * import com.pulumi.gcp.compute.NetworkArgs;
- * import com.pulumi.gcp.compute.GlobalAddress;
- * import com.pulumi.gcp.compute.GlobalAddressArgs;
- * import com.pulumi.gcp.servicenetworking.Connection;
- * import com.pulumi.gcp.servicenetworking.ConnectionArgs;
- * import com.pulumi.gcp.apigee.Organization;
- * import com.pulumi.gcp.apigee.OrganizationArgs;
- * import com.pulumi.gcp.apigee.EndpointAttachment;
- * import com.pulumi.gcp.apigee.EndpointAttachmentArgs;
- * import com.pulumi.resources.CustomResourceOptions;
- * import java.util.List;
- * import java.util.ArrayList;
- * import java.util.Map;
- * import java.io.File;
- * import java.nio.file.Files;
- * import java.nio.file.Paths;
- * 
- * public class App {
- *     public static void main(String[] args) {
- *         Pulumi.run(App::stack);
- *     }
- * 
- *     public static void stack(Context ctx) {
- *         final var current = OrganizationsFunctions.getClientConfig();
- * 
- *         var apigeeNetwork = new Network("apigeeNetwork", NetworkArgs.builder()
- *             .name("apigee-network")
- *             .build());
- * 
- *         var apigeeRange = new GlobalAddress("apigeeRange", GlobalAddressArgs.builder()
- *             .name("apigee-range")
- *             .purpose("VPC_PEERING")
- *             .addressType("INTERNAL")
- *             .prefixLength(16)
- *             .network(apigeeNetwork.id())
- *             .build());
- * 
- *         var apigeeVpcConnection = new Connection("apigeeVpcConnection", ConnectionArgs.builder()
- *             .network(apigeeNetwork.id())
- *             .service("servicenetworking.googleapis.com")
- *             .reservedPeeringRanges(apigeeRange.name())
- *             .build());
- * 
- *         var apigeeOrg = new Organization("apigeeOrg", OrganizationArgs.builder()
- *             .analyticsRegion("us-central1")
- *             .projectId(current.applyValue(getClientConfigResult -> getClientConfigResult.project()))
- *             .authorizedNetwork(apigeeNetwork.id())
- *             .build(), CustomResourceOptions.builder()
- *                 .dependsOn(apigeeVpcConnection)
- *                 .build());
- * 
- *         var apigeeEndpointAttachment = new EndpointAttachment("apigeeEndpointAttachment", EndpointAttachmentArgs.builder()
- *             .orgId(apigeeOrg.id())
- *             .endpointAttachmentId("test1")
- *             .location("{google_compute_service_attachment location}")
- *             .serviceAttachment("{google_compute_service_attachment id}")
- *             .build());
- * 
- *     }
- * }
- * }
- *
- * <!--End PulumiCodeChooser --> - * * ## Import * * EndpointAttachment can be imported using any of these accepted formats: diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apigee/Environment.java b/sdk/java/src/main/java/com/pulumi/gcp/apigee/Environment.java index 43a7d81dd0..f887b215d2 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/apigee/Environment.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/apigee/Environment.java @@ -11,6 +11,7 @@ import com.pulumi.gcp.apigee.EnvironmentArgs; import com.pulumi.gcp.apigee.inputs.EnvironmentState; import com.pulumi.gcp.apigee.outputs.EnvironmentNodeConfig; +import com.pulumi.gcp.apigee.outputs.EnvironmentProperties; import java.lang.String; import java.util.Optional; import javax.annotation.Nullable; @@ -261,6 +262,22 @@ public Output nodeConfig() { public Output orgId() { return this.orgId; } + /** + * Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + */ + @Export(name="properties", refs={EnvironmentProperties.class}, tree="[0]") + private Output properties; + + /** + * @return Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + */ + public Output> properties() { + return Codegen.optional(this.properties); + } /** * Types that can be selected for an Environment. Each of the types are * limited by capability and capacity. Refer to Apigee's public documentation diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apigee/EnvironmentArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/apigee/EnvironmentArgs.java index e7970f3d38..9636247182 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/apigee/EnvironmentArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/apigee/EnvironmentArgs.java @@ -7,6 +7,7 @@ import com.pulumi.core.annotations.Import; import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.apigee.inputs.EnvironmentNodeConfigArgs; +import com.pulumi.gcp.apigee.inputs.EnvironmentPropertiesArgs; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -163,6 +164,23 @@ public Output orgId() { return this.orgId; } + /** + * Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + */ + @Import(name="properties") + private @Nullable Output properties; + + /** + * @return Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + */ + public Optional> properties() { + return Optional.ofNullable(this.properties); + } + /** * Types that can be selected for an Environment. Each of the types are * limited by capability and capacity. Refer to Apigee's public documentation @@ -197,6 +215,7 @@ private EnvironmentArgs(EnvironmentArgs $) { this.name = $.name; this.nodeConfig = $.nodeConfig; this.orgId = $.orgId; + this.properties = $.properties; this.type = $.type; } @@ -412,6 +431,29 @@ public Builder orgId(String orgId) { return orgId(Output.of(orgId)); } + /** + * @param properties Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + * @return builder + * + */ + public Builder properties(@Nullable Output properties) { + $.properties = properties; + return this; + } + + /** + * @param properties Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + * @return builder + * + */ + public Builder properties(EnvironmentPropertiesArgs properties) { + return properties(Output.of(properties)); + } + /** * @param type Types that can be selected for an Environment. Each of the types are * limited by capability and capacity. Refer to Apigee's public documentation diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentPropertiesArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentPropertiesArgs.java new file mode 100644 index 0000000000..53866aeb9d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentPropertiesArgs.java @@ -0,0 +1,99 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apigee.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.apigee.inputs.EnvironmentPropertiesPropertyArgs; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EnvironmentPropertiesArgs extends com.pulumi.resources.ResourceArgs { + + public static final EnvironmentPropertiesArgs Empty = new EnvironmentPropertiesArgs(); + + /** + * List of all properties in the object. + * Structure is documented below. + * + */ + @Import(name="properties") + private @Nullable Output> properties; + + /** + * @return List of all properties in the object. + * Structure is documented below. + * + */ + public Optional>> properties() { + return Optional.ofNullable(this.properties); + } + + private EnvironmentPropertiesArgs() {} + + private EnvironmentPropertiesArgs(EnvironmentPropertiesArgs $) { + this.properties = $.properties; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EnvironmentPropertiesArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EnvironmentPropertiesArgs $; + + public Builder() { + $ = new EnvironmentPropertiesArgs(); + } + + public Builder(EnvironmentPropertiesArgs defaults) { + $ = new EnvironmentPropertiesArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param properties List of all properties in the object. + * Structure is documented below. + * + * @return builder + * + */ + public Builder properties(@Nullable Output> properties) { + $.properties = properties; + return this; + } + + /** + * @param properties List of all properties in the object. + * Structure is documented below. + * + * @return builder + * + */ + public Builder properties(List properties) { + return properties(Output.of(properties)); + } + + /** + * @param properties List of all properties in the object. + * Structure is documented below. + * + * @return builder + * + */ + public Builder properties(EnvironmentPropertiesPropertyArgs... properties) { + return properties(List.of(properties)); + } + + public EnvironmentPropertiesArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentPropertiesPropertyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentPropertiesPropertyArgs.java new file mode 100644 index 0000000000..9cd00dd7c2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentPropertiesPropertyArgs.java @@ -0,0 +1,120 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apigee.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EnvironmentPropertiesPropertyArgs extends com.pulumi.resources.ResourceArgs { + + public static final EnvironmentPropertiesPropertyArgs Empty = new EnvironmentPropertiesPropertyArgs(); + + /** + * The property key. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The property key. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The property value. + * + */ + @Import(name="value") + private @Nullable Output value; + + /** + * @return The property value. + * + */ + public Optional> value() { + return Optional.ofNullable(this.value); + } + + private EnvironmentPropertiesPropertyArgs() {} + + private EnvironmentPropertiesPropertyArgs(EnvironmentPropertiesPropertyArgs $) { + this.name = $.name; + this.value = $.value; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EnvironmentPropertiesPropertyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EnvironmentPropertiesPropertyArgs $; + + public Builder() { + $ = new EnvironmentPropertiesPropertyArgs(); + } + + public Builder(EnvironmentPropertiesPropertyArgs defaults) { + $ = new EnvironmentPropertiesPropertyArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param name The property key. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The property key. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param value The property value. + * + * @return builder + * + */ + public Builder value(@Nullable Output value) { + $.value = value; + return this; + } + + /** + * @param value The property value. + * + * @return builder + * + */ + public Builder value(String value) { + return value(Output.of(value)); + } + + public EnvironmentPropertiesPropertyArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentState.java b/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentState.java index 4349ce495a..3d0b579b38 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/apigee/inputs/EnvironmentState.java @@ -6,6 +6,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import com.pulumi.gcp.apigee.inputs.EnvironmentNodeConfigArgs; +import com.pulumi.gcp.apigee.inputs.EnvironmentPropertiesArgs; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -162,6 +163,23 @@ public Optional> orgId() { return Optional.ofNullable(this.orgId); } + /** + * Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + */ + @Import(name="properties") + private @Nullable Output properties; + + /** + * @return Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + */ + public Optional> properties() { + return Optional.ofNullable(this.properties); + } + /** * Types that can be selected for an Environment. Each of the types are * limited by capability and capacity. Refer to Apigee's public documentation @@ -196,6 +214,7 @@ private EnvironmentState(EnvironmentState $) { this.name = $.name; this.nodeConfig = $.nodeConfig; this.orgId = $.orgId; + this.properties = $.properties; this.type = $.type; } @@ -411,6 +430,29 @@ public Builder orgId(String orgId) { return orgId(Output.of(orgId)); } + /** + * @param properties Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + * @return builder + * + */ + public Builder properties(@Nullable Output properties) { + $.properties = properties; + return this; + } + + /** + * @param properties Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + * + * @return builder + * + */ + public Builder properties(EnvironmentPropertiesArgs properties) { + return properties(Output.of(properties)); + } + /** * @param type Types that can be selected for an Environment. Each of the types are * limited by capability and capacity. Refer to Apigee's public documentation diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apigee/outputs/EnvironmentProperties.java b/sdk/java/src/main/java/com/pulumi/gcp/apigee/outputs/EnvironmentProperties.java new file mode 100644 index 0000000000..7a6a74aebc --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apigee/outputs/EnvironmentProperties.java @@ -0,0 +1,62 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apigee.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.apigee.outputs.EnvironmentPropertiesProperty; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class EnvironmentProperties { + /** + * @return List of all properties in the object. + * Structure is documented below. + * + */ + private @Nullable List properties; + + private EnvironmentProperties() {} + /** + * @return List of all properties in the object. + * Structure is documented below. + * + */ + public List properties() { + return this.properties == null ? List.of() : this.properties; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(EnvironmentProperties defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List properties; + public Builder() {} + public Builder(EnvironmentProperties defaults) { + Objects.requireNonNull(defaults); + this.properties = defaults.properties; + } + + @CustomType.Setter + public Builder properties(@Nullable List properties) { + + this.properties = properties; + return this; + } + public Builder properties(EnvironmentPropertiesProperty... properties) { + return properties(List.of(properties)); + } + public EnvironmentProperties build() { + final var _resultValue = new EnvironmentProperties(); + _resultValue.properties = properties; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apigee/outputs/EnvironmentPropertiesProperty.java b/sdk/java/src/main/java/com/pulumi/gcp/apigee/outputs/EnvironmentPropertiesProperty.java new file mode 100644 index 0000000000..b47aa33ba8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apigee/outputs/EnvironmentPropertiesProperty.java @@ -0,0 +1,78 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apigee.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class EnvironmentPropertiesProperty { + /** + * @return The property key. + * + */ + private @Nullable String name; + /** + * @return The property value. + * + */ + private @Nullable String value; + + private EnvironmentPropertiesProperty() {} + /** + * @return The property key. + * + */ + public Optional name() { + return Optional.ofNullable(this.name); + } + /** + * @return The property value. + * + */ + public Optional value() { + return Optional.ofNullable(this.value); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(EnvironmentPropertiesProperty defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String name; + private @Nullable String value; + public Builder() {} + public Builder(EnvironmentPropertiesProperty defaults) { + Objects.requireNonNull(defaults); + this.name = defaults.name; + this.value = defaults.value; + } + + @CustomType.Setter + public Builder name(@Nullable String name) { + + this.name = name; + return this; + } + @CustomType.Setter + public Builder value(@Nullable String value) { + + this.value = value; + return this; + } + public EnvironmentPropertiesProperty build() { + final var _resultValue = new EnvironmentPropertiesProperty(); + _resultValue.name = name; + _resultValue.value = value; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apihub/ApiHubInstance.java b/sdk/java/src/main/java/com/pulumi/gcp/apihub/ApiHubInstance.java new file mode 100644 index 0000000000..f71b7865f9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apihub/ApiHubInstance.java @@ -0,0 +1,406 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apihub; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.apihub.ApiHubInstanceArgs; +import com.pulumi.gcp.apihub.inputs.ApiHubInstanceState; +import com.pulumi.gcp.apihub.outputs.ApiHubInstanceConfig; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * An ApiHubInstance represents the instance resources of the API Hub. + * Currently, only one ApiHub instance is allowed for each project. + * Currently, updation/deletion of ApiHub instance is not allowed. + * + * ## Example Usage + * + * ### Apihub Api Hub Instance Basic + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.apihub.ApiHubInstance;
+ * import com.pulumi.gcp.apihub.ApiHubInstanceArgs;
+ * import com.pulumi.gcp.apihub.inputs.ApiHubInstanceConfigArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var apihub_instance_without_search = new ApiHubInstance("apihub-instance-without-search", ApiHubInstanceArgs.builder()
+ *             .location("us-central1")
+ *             .config(ApiHubInstanceConfigArgs.builder()
+ *                 .disableSearch(true)
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Apihub Api Hub Instance Full + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.apihub.ApiHubInstance;
+ * import com.pulumi.gcp.apihub.ApiHubInstanceArgs;
+ * import com.pulumi.gcp.apihub.inputs.ApiHubInstanceConfigArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var apihub_instance_search = new ApiHubInstance("apihub-instance-search", ApiHubInstanceArgs.builder()
+ *             .project("my-project")
+ *             .apiHubInstanceId("test-instance-full")
+ *             .description("Test API hub instance")
+ *             .location("us-central1")
+ *             .config(ApiHubInstanceConfigArgs.builder()
+ *                 .encryptionType("CMEK")
+ *                 .cmekKeyName("projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key")
+ *                 .disableSearch(false)
+ *                 .vertexLocation("us")
+ *                 .build())
+ *             .labels(Map.of("environment", "dev"))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * ApiHubInstance can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}}` + * + * * `{{project}}/{{location}}/{{api_hub_instance_id}}` + * + * * `{{location}}/{{api_hub_instance_id}}` + * + * When using the `pulumi import` command, ApiHubInstance can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{project}}/{{location}}/{{api_hub_instance_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{location}}/{{api_hub_instance_id}} + * ``` + * + */ +@ResourceType(type="gcp:apihub/apiHubInstance:ApiHubInstance") +public class ApiHubInstance extends com.pulumi.resources.CustomResource { + /** + * Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + */ + @Export(name="apiHubInstanceId", refs={String.class}, tree="[0]") + private Output apiHubInstanceId; + + /** + * @return Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + */ + public Output> apiHubInstanceId() { + return Codegen.optional(this.apiHubInstanceId); + } + /** + * Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + */ + @Export(name="config", refs={ApiHubInstanceConfig.class}, tree="[0]") + private Output config; + + /** + * @return Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + */ + public Output config() { + return this.config; + } + /** + * Output only. Creation timestamp. + * + */ + @Export(name="createTime", refs={String.class}, tree="[0]") + private Output createTime; + + /** + * @return Output only. Creation timestamp. + * + */ + public Output createTime() { + return this.createTime; + } + /** + * Optional. Description of the ApiHub instance. + * + */ + @Export(name="description", refs={String.class}, tree="[0]") + private Output description; + + /** + * @return Optional. Description of the ApiHub instance. + * + */ + public Output> description() { + return Codegen.optional(this.description); + } + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Export(name="effectiveLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Output> effectiveLabels() { + return this.effectiveLabels; + } + /** + * Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + */ + @Export(name="labels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> labels; + + /** + * @return Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + */ + public Output>> labels() { + return Codegen.optional(this.labels); + } + /** + * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + */ + public Output location() { + return this.location; + } + /** + * Identifier. Format: + * `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return Identifier. Format: + * `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + * + */ + public Output name() { + return this.name; + } + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + public Output project() { + return this.project; + } + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Export(name="pulumiLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Output> pulumiLabels() { + return this.pulumiLabels; + } + /** + * Output only. The current state of the ApiHub instance. + * Possible values: + * STATE_UNSPECIFIED + * INACTIVE + * CREATING + * ACTIVE + * UPDATING + * DELETING + * FAILED + * + */ + @Export(name="state", refs={String.class}, tree="[0]") + private Output state; + + /** + * @return Output only. The current state of the ApiHub instance. + * Possible values: + * STATE_UNSPECIFIED + * INACTIVE + * CREATING + * ACTIVE + * UPDATING + * DELETING + * FAILED + * + */ + public Output state() { + return this.state; + } + /** + * Output only. Extra information about ApiHub instance state. Currently the message + * would be populated when state is `FAILED`. + * + */ + @Export(name="stateMessage", refs={String.class}, tree="[0]") + private Output stateMessage; + + /** + * @return Output only. Extra information about ApiHub instance state. Currently the message + * would be populated when state is `FAILED`. + * + */ + public Output stateMessage() { + return this.stateMessage; + } + /** + * Output only. Last update timestamp. + * + */ + @Export(name="updateTime", refs={String.class}, tree="[0]") + private Output updateTime; + + /** + * @return Output only. Last update timestamp. + * + */ + public Output updateTime() { + return this.updateTime; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public ApiHubInstance(java.lang.String name) { + this(name, ApiHubInstanceArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public ApiHubInstance(java.lang.String name, ApiHubInstanceArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public ApiHubInstance(java.lang.String name, ApiHubInstanceArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:apihub/apiHubInstance:ApiHubInstance", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private ApiHubInstance(java.lang.String name, Output id, @Nullable ApiHubInstanceState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:apihub/apiHubInstance:ApiHubInstance", name, state, makeResourceOptions(options, id), false); + } + + private static ApiHubInstanceArgs makeArgs(ApiHubInstanceArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? ApiHubInstanceArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .additionalSecretOutputs(List.of( + "effectiveLabels", + "pulumiLabels" + )) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static ApiHubInstance get(java.lang.String name, Output id, @Nullable ApiHubInstanceState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new ApiHubInstance(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apihub/ApiHubInstanceArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/apihub/ApiHubInstanceArgs.java new file mode 100644 index 0000000000..25458fb031 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apihub/ApiHubInstanceArgs.java @@ -0,0 +1,281 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apihub; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.apihub.inputs.ApiHubInstanceConfigArgs; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ApiHubInstanceArgs extends com.pulumi.resources.ResourceArgs { + + public static final ApiHubInstanceArgs Empty = new ApiHubInstanceArgs(); + + /** + * Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + */ + @Import(name="apiHubInstanceId") + private @Nullable Output apiHubInstanceId; + + /** + * @return Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + */ + public Optional> apiHubInstanceId() { + return Optional.ofNullable(this.apiHubInstanceId); + } + + /** + * Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + */ + @Import(name="config", required=true) + private Output config; + + /** + * @return Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + */ + public Output config() { + return this.config; + } + + /** + * Optional. Description of the ApiHub instance. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return Optional. Description of the ApiHub instance. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + + /** + * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + */ + @Import(name="location", required=true) + private Output location; + + /** + * @return Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + */ + public Output location() { + return this.location; + } + + @Import(name="project") + private @Nullable Output project; + + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private ApiHubInstanceArgs() {} + + private ApiHubInstanceArgs(ApiHubInstanceArgs $) { + this.apiHubInstanceId = $.apiHubInstanceId; + this.config = $.config; + this.description = $.description; + this.labels = $.labels; + this.location = $.location; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ApiHubInstanceArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ApiHubInstanceArgs $; + + public Builder() { + $ = new ApiHubInstanceArgs(); + } + + public Builder(ApiHubInstanceArgs defaults) { + $ = new ApiHubInstanceArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param apiHubInstanceId Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + * @return builder + * + */ + public Builder apiHubInstanceId(@Nullable Output apiHubInstanceId) { + $.apiHubInstanceId = apiHubInstanceId; + return this; + } + + /** + * @param apiHubInstanceId Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + * @return builder + * + */ + public Builder apiHubInstanceId(String apiHubInstanceId) { + return apiHubInstanceId(Output.of(apiHubInstanceId)); + } + + /** + * @param config Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + * @return builder + * + */ + public Builder config(Output config) { + $.config = config; + return this; + } + + /** + * @param config Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + * @return builder + * + */ + public Builder config(ApiHubInstanceConfigArgs config) { + return config(Output.of(config)); + } + + /** + * @param description Optional. Description of the ApiHub instance. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description Optional. Description of the ApiHub instance. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param labels Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + + /** + * @param location Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + * @return builder + * + */ + public Builder location(Output location) { + $.location = location; + return this; + } + + /** + * @param location Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + public Builder project(String project) { + return project(Output.of(project)); + } + + public ApiHubInstanceArgs build() { + if ($.config == null) { + throw new MissingRequiredPropertyException("ApiHubInstanceArgs", "config"); + } + if ($.location == null) { + throw new MissingRequiredPropertyException("ApiHubInstanceArgs", "location"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apihub/inputs/ApiHubInstanceConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/apihub/inputs/ApiHubInstanceConfigArgs.java new file mode 100644 index 0000000000..47bfbb078b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apihub/inputs/ApiHubInstanceConfigArgs.java @@ -0,0 +1,247 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apihub.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ApiHubInstanceConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ApiHubInstanceConfigArgs Empty = new ApiHubInstanceConfigArgs(); + + /** + * Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + * The CMEK name should follow the format of + * `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + * where the location must match the instance location. + * If the CMEK is not provided, a GMEK will be created for the instance. + * + */ + @Import(name="cmekKeyName") + private @Nullable Output cmekKeyName; + + /** + * @return Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + * The CMEK name should follow the format of + * `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + * where the location must match the instance location. + * If the CMEK is not provided, a GMEK will be created for the instance. + * + */ + public Optional> cmekKeyName() { + return Optional.ofNullable(this.cmekKeyName); + } + + /** + * Optional. If true, the search will be disabled for the instance. The default value + * is false. + * + */ + @Import(name="disableSearch") + private @Nullable Output disableSearch; + + /** + * @return Optional. If true, the search will be disabled for the instance. The default value + * is false. + * + */ + public Optional> disableSearch() { + return Optional.ofNullable(this.disableSearch); + } + + /** + * Optional. Encryption type for the region. If the encryption type is CMEK, the + * cmek_key_name must be provided. If no encryption type is provided, + * GMEK will be used. + * Possible values: + * ENCRYPTION_TYPE_UNSPECIFIED + * GMEK + * CMEK + * + */ + @Import(name="encryptionType") + private @Nullable Output encryptionType; + + /** + * @return Optional. Encryption type for the region. If the encryption type is CMEK, the + * cmek_key_name must be provided. If no encryption type is provided, + * GMEK will be used. + * Possible values: + * ENCRYPTION_TYPE_UNSPECIFIED + * GMEK + * CMEK + * + */ + public Optional> encryptionType() { + return Optional.ofNullable(this.encryptionType); + } + + /** + * Optional. The name of the Vertex AI location where the data store is stored. + * + * *** + * + */ + @Import(name="vertexLocation") + private @Nullable Output vertexLocation; + + /** + * @return Optional. The name of the Vertex AI location where the data store is stored. + * + * *** + * + */ + public Optional> vertexLocation() { + return Optional.ofNullable(this.vertexLocation); + } + + private ApiHubInstanceConfigArgs() {} + + private ApiHubInstanceConfigArgs(ApiHubInstanceConfigArgs $) { + this.cmekKeyName = $.cmekKeyName; + this.disableSearch = $.disableSearch; + this.encryptionType = $.encryptionType; + this.vertexLocation = $.vertexLocation; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ApiHubInstanceConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ApiHubInstanceConfigArgs $; + + public Builder() { + $ = new ApiHubInstanceConfigArgs(); + } + + public Builder(ApiHubInstanceConfigArgs defaults) { + $ = new ApiHubInstanceConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param cmekKeyName Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + * The CMEK name should follow the format of + * `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + * where the location must match the instance location. + * If the CMEK is not provided, a GMEK will be created for the instance. + * + * @return builder + * + */ + public Builder cmekKeyName(@Nullable Output cmekKeyName) { + $.cmekKeyName = cmekKeyName; + return this; + } + + /** + * @param cmekKeyName Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + * The CMEK name should follow the format of + * `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + * where the location must match the instance location. + * If the CMEK is not provided, a GMEK will be created for the instance. + * + * @return builder + * + */ + public Builder cmekKeyName(String cmekKeyName) { + return cmekKeyName(Output.of(cmekKeyName)); + } + + /** + * @param disableSearch Optional. If true, the search will be disabled for the instance. The default value + * is false. + * + * @return builder + * + */ + public Builder disableSearch(@Nullable Output disableSearch) { + $.disableSearch = disableSearch; + return this; + } + + /** + * @param disableSearch Optional. If true, the search will be disabled for the instance. The default value + * is false. + * + * @return builder + * + */ + public Builder disableSearch(Boolean disableSearch) { + return disableSearch(Output.of(disableSearch)); + } + + /** + * @param encryptionType Optional. Encryption type for the region. If the encryption type is CMEK, the + * cmek_key_name must be provided. If no encryption type is provided, + * GMEK will be used. + * Possible values: + * ENCRYPTION_TYPE_UNSPECIFIED + * GMEK + * CMEK + * + * @return builder + * + */ + public Builder encryptionType(@Nullable Output encryptionType) { + $.encryptionType = encryptionType; + return this; + } + + /** + * @param encryptionType Optional. Encryption type for the region. If the encryption type is CMEK, the + * cmek_key_name must be provided. If no encryption type is provided, + * GMEK will be used. + * Possible values: + * ENCRYPTION_TYPE_UNSPECIFIED + * GMEK + * CMEK + * + * @return builder + * + */ + public Builder encryptionType(String encryptionType) { + return encryptionType(Output.of(encryptionType)); + } + + /** + * @param vertexLocation Optional. The name of the Vertex AI location where the data store is stored. + * + * *** + * + * @return builder + * + */ + public Builder vertexLocation(@Nullable Output vertexLocation) { + $.vertexLocation = vertexLocation; + return this; + } + + /** + * @param vertexLocation Optional. The name of the Vertex AI location where the data store is stored. + * + * *** + * + * @return builder + * + */ + public Builder vertexLocation(String vertexLocation) { + return vertexLocation(Output.of(vertexLocation)); + } + + public ApiHubInstanceConfigArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apihub/inputs/ApiHubInstanceState.java b/sdk/java/src/main/java/com/pulumi/gcp/apihub/inputs/ApiHubInstanceState.java new file mode 100644 index 0000000000..55fb1a80e2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apihub/inputs/ApiHubInstanceState.java @@ -0,0 +1,577 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apihub.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.apihub.inputs.ApiHubInstanceConfigArgs; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ApiHubInstanceState extends com.pulumi.resources.ResourceArgs { + + public static final ApiHubInstanceState Empty = new ApiHubInstanceState(); + + /** + * Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + */ + @Import(name="apiHubInstanceId") + private @Nullable Output apiHubInstanceId; + + /** + * @return Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + */ + public Optional> apiHubInstanceId() { + return Optional.ofNullable(this.apiHubInstanceId); + } + + /** + * Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + */ + @Import(name="config") + private @Nullable Output config; + + /** + * @return Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + */ + public Optional> config() { + return Optional.ofNullable(this.config); + } + + /** + * Output only. Creation timestamp. + * + */ + @Import(name="createTime") + private @Nullable Output createTime; + + /** + * @return Output only. Creation timestamp. + * + */ + public Optional> createTime() { + return Optional.ofNullable(this.createTime); + } + + /** + * Optional. Description of the ApiHub instance. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return Optional. Description of the ApiHub instance. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Import(name="effectiveLabels") + private @Nullable Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Optional>> effectiveLabels() { + return Optional.ofNullable(this.effectiveLabels); + } + + /** + * Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + + /** + * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identifier. Format: + * `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Identifier. Format: + * `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + @Import(name="project") + private @Nullable Output project; + + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Import(name="pulumiLabels") + private @Nullable Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Optional>> pulumiLabels() { + return Optional.ofNullable(this.pulumiLabels); + } + + /** + * Output only. The current state of the ApiHub instance. + * Possible values: + * STATE_UNSPECIFIED + * INACTIVE + * CREATING + * ACTIVE + * UPDATING + * DELETING + * FAILED + * + */ + @Import(name="state") + private @Nullable Output state; + + /** + * @return Output only. The current state of the ApiHub instance. + * Possible values: + * STATE_UNSPECIFIED + * INACTIVE + * CREATING + * ACTIVE + * UPDATING + * DELETING + * FAILED + * + */ + public Optional> state() { + return Optional.ofNullable(this.state); + } + + /** + * Output only. Extra information about ApiHub instance state. Currently the message + * would be populated when state is `FAILED`. + * + */ + @Import(name="stateMessage") + private @Nullable Output stateMessage; + + /** + * @return Output only. Extra information about ApiHub instance state. Currently the message + * would be populated when state is `FAILED`. + * + */ + public Optional> stateMessage() { + return Optional.ofNullable(this.stateMessage); + } + + /** + * Output only. Last update timestamp. + * + */ + @Import(name="updateTime") + private @Nullable Output updateTime; + + /** + * @return Output only. Last update timestamp. + * + */ + public Optional> updateTime() { + return Optional.ofNullable(this.updateTime); + } + + private ApiHubInstanceState() {} + + private ApiHubInstanceState(ApiHubInstanceState $) { + this.apiHubInstanceId = $.apiHubInstanceId; + this.config = $.config; + this.createTime = $.createTime; + this.description = $.description; + this.effectiveLabels = $.effectiveLabels; + this.labels = $.labels; + this.location = $.location; + this.name = $.name; + this.project = $.project; + this.pulumiLabels = $.pulumiLabels; + this.state = $.state; + this.stateMessage = $.stateMessage; + this.updateTime = $.updateTime; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ApiHubInstanceState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ApiHubInstanceState $; + + public Builder() { + $ = new ApiHubInstanceState(); + } + + public Builder(ApiHubInstanceState defaults) { + $ = new ApiHubInstanceState(Objects.requireNonNull(defaults)); + } + + /** + * @param apiHubInstanceId Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + * @return builder + * + */ + public Builder apiHubInstanceId(@Nullable Output apiHubInstanceId) { + $.apiHubInstanceId = apiHubInstanceId; + return this; + } + + /** + * @param apiHubInstanceId Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + * + * @return builder + * + */ + public Builder apiHubInstanceId(String apiHubInstanceId) { + return apiHubInstanceId(Output.of(apiHubInstanceId)); + } + + /** + * @param config Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + * @return builder + * + */ + public Builder config(@Nullable Output config) { + $.config = config; + return this; + } + + /** + * @param config Available configurations to provision an ApiHub Instance. + * Structure is documented below. + * + * @return builder + * + */ + public Builder config(ApiHubInstanceConfigArgs config) { + return config(Output.of(config)); + } + + /** + * @param createTime Output only. Creation timestamp. + * + * @return builder + * + */ + public Builder createTime(@Nullable Output createTime) { + $.createTime = createTime; + return this; + } + + /** + * @param createTime Output only. Creation timestamp. + * + * @return builder + * + */ + public Builder createTime(String createTime) { + return createTime(Output.of(createTime)); + } + + /** + * @param description Optional. Description of the ApiHub instance. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description Optional. Description of the ApiHub instance. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(@Nullable Output> effectiveLabels) { + $.effectiveLabels = effectiveLabels; + return this; + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(Map effectiveLabels) { + return effectiveLabels(Output.of(effectiveLabels)); + } + + /** + * @param labels Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + + /** + * @param location Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name Identifier. Format: + * `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Identifier. Format: + * `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(@Nullable Output> pulumiLabels) { + $.pulumiLabels = pulumiLabels; + return this; + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(Map pulumiLabels) { + return pulumiLabels(Output.of(pulumiLabels)); + } + + /** + * @param state Output only. The current state of the ApiHub instance. + * Possible values: + * STATE_UNSPECIFIED + * INACTIVE + * CREATING + * ACTIVE + * UPDATING + * DELETING + * FAILED + * + * @return builder + * + */ + public Builder state(@Nullable Output state) { + $.state = state; + return this; + } + + /** + * @param state Output only. The current state of the ApiHub instance. + * Possible values: + * STATE_UNSPECIFIED + * INACTIVE + * CREATING + * ACTIVE + * UPDATING + * DELETING + * FAILED + * + * @return builder + * + */ + public Builder state(String state) { + return state(Output.of(state)); + } + + /** + * @param stateMessage Output only. Extra information about ApiHub instance state. Currently the message + * would be populated when state is `FAILED`. + * + * @return builder + * + */ + public Builder stateMessage(@Nullable Output stateMessage) { + $.stateMessage = stateMessage; + return this; + } + + /** + * @param stateMessage Output only. Extra information about ApiHub instance state. Currently the message + * would be populated when state is `FAILED`. + * + * @return builder + * + */ + public Builder stateMessage(String stateMessage) { + return stateMessage(Output.of(stateMessage)); + } + + /** + * @param updateTime Output only. Last update timestamp. + * + * @return builder + * + */ + public Builder updateTime(@Nullable Output updateTime) { + $.updateTime = updateTime; + return this; + } + + /** + * @param updateTime Output only. Last update timestamp. + * + * @return builder + * + */ + public Builder updateTime(String updateTime) { + return updateTime(Output.of(updateTime)); + } + + public ApiHubInstanceState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/apihub/outputs/ApiHubInstanceConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/apihub/outputs/ApiHubInstanceConfig.java new file mode 100644 index 0000000000..6b5815d61b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/apihub/outputs/ApiHubInstanceConfig.java @@ -0,0 +1,147 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.apihub.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ApiHubInstanceConfig { + /** + * @return Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + * The CMEK name should follow the format of + * `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + * where the location must match the instance location. + * If the CMEK is not provided, a GMEK will be created for the instance. + * + */ + private @Nullable String cmekKeyName; + /** + * @return Optional. If true, the search will be disabled for the instance. The default value + * is false. + * + */ + private @Nullable Boolean disableSearch; + /** + * @return Optional. Encryption type for the region. If the encryption type is CMEK, the + * cmek_key_name must be provided. If no encryption type is provided, + * GMEK will be used. + * Possible values: + * ENCRYPTION_TYPE_UNSPECIFIED + * GMEK + * CMEK + * + */ + private @Nullable String encryptionType; + /** + * @return Optional. The name of the Vertex AI location where the data store is stored. + * + * *** + * + */ + private @Nullable String vertexLocation; + + private ApiHubInstanceConfig() {} + /** + * @return Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + * The CMEK name should follow the format of + * `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + * where the location must match the instance location. + * If the CMEK is not provided, a GMEK will be created for the instance. + * + */ + public Optional cmekKeyName() { + return Optional.ofNullable(this.cmekKeyName); + } + /** + * @return Optional. If true, the search will be disabled for the instance. The default value + * is false. + * + */ + public Optional disableSearch() { + return Optional.ofNullable(this.disableSearch); + } + /** + * @return Optional. Encryption type for the region. If the encryption type is CMEK, the + * cmek_key_name must be provided. If no encryption type is provided, + * GMEK will be used. + * Possible values: + * ENCRYPTION_TYPE_UNSPECIFIED + * GMEK + * CMEK + * + */ + public Optional encryptionType() { + return Optional.ofNullable(this.encryptionType); + } + /** + * @return Optional. The name of the Vertex AI location where the data store is stored. + * + * *** + * + */ + public Optional vertexLocation() { + return Optional.ofNullable(this.vertexLocation); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ApiHubInstanceConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String cmekKeyName; + private @Nullable Boolean disableSearch; + private @Nullable String encryptionType; + private @Nullable String vertexLocation; + public Builder() {} + public Builder(ApiHubInstanceConfig defaults) { + Objects.requireNonNull(defaults); + this.cmekKeyName = defaults.cmekKeyName; + this.disableSearch = defaults.disableSearch; + this.encryptionType = defaults.encryptionType; + this.vertexLocation = defaults.vertexLocation; + } + + @CustomType.Setter + public Builder cmekKeyName(@Nullable String cmekKeyName) { + + this.cmekKeyName = cmekKeyName; + return this; + } + @CustomType.Setter + public Builder disableSearch(@Nullable Boolean disableSearch) { + + this.disableSearch = disableSearch; + return this; + } + @CustomType.Setter + public Builder encryptionType(@Nullable String encryptionType) { + + this.encryptionType = encryptionType; + return this; + } + @CustomType.Setter + public Builder vertexLocation(@Nullable String vertexLocation) { + + this.vertexLocation = vertexLocation; + return this; + } + public ApiHubInstanceConfig build() { + final var _resultValue = new ApiHubInstanceConfig(); + _resultValue.cmekKeyName = cmekKeyName; + _resultValue.disableSearch = disableSearch; + _resultValue.encryptionType = encryptionType; + _resultValue.vertexLocation = vertexLocation; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/chronicle/Retrohunt.java b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/Retrohunt.java new file mode 100644 index 0000000000..38faef4186 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/Retrohunt.java @@ -0,0 +1,284 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.chronicle; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.chronicle.RetrohuntArgs; +import com.pulumi.gcp.chronicle.inputs.RetrohuntState; +import com.pulumi.gcp.chronicle.outputs.RetrohuntExecutionInterval; +import com.pulumi.gcp.chronicle.outputs.RetrohuntProcessInterval; +import java.lang.Double; +import java.lang.String; +import java.util.List; +import javax.annotation.Nullable; + +/** + * Retrohunt is an execution of a Rule over a time range in the past. + * + * To get more information about Retrohunt, see: + * + * * [API documentation](https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.rules.retrohunts) + * * How-to Guides + * * [Google SecOps Guides](https://cloud.google.com/chronicle/docs/secops/secops-overview) + * + * ## Example Usage + * + * ## Import + * + * Retrohunt can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}` + * + * * `{{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + * + * * `{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + * + * When using the `pulumi import` command, Retrohunt can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:chronicle/retrohunt:Retrohunt default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}} + * ``` + * + * ```sh + * $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}} + * ``` + * + * ```sh + * $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{location}}/{{instance}}/{{rule}}/{{retrohunt}} + * ``` + * + */ +@ResourceType(type="gcp:chronicle/retrohunt:Retrohunt") +public class Retrohunt extends com.pulumi.resources.CustomResource { + /** + * The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + */ + @Export(name="RetrohuntId", refs={String.class}, tree="[0]") + private Output RetrohuntId; + + /** + * @return The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + */ + public Output RetrohuntId() { + return this.RetrohuntId; + } + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + @Export(name="executionIntervals", refs={List.class,RetrohuntExecutionInterval.class}, tree="[0,1]") + private Output> executionIntervals; + + /** + * @return Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + public Output> executionIntervals() { + return this.executionIntervals; + } + /** + * The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + */ + @Export(name="instance", refs={String.class}, tree="[0]") + private Output instance; + + /** + * @return The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + */ + public Output instance() { + return this.instance; + } + /** + * The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + */ + public Output location() { + return this.location; + } + /** + * The resource name of the retrohunt. + * Retrohunt is the child of a rule revision. {rule} in the format below is + * structured as {rule_id{@literal @}revision_id}. + * Format: + * projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return The resource name of the retrohunt. + * Retrohunt is the child of a rule revision. {rule} in the format below is + * structured as {rule_id{@literal @}revision_id}. + * Format: + * projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + * + */ + public Output name() { + return this.name; + } + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + @Export(name="processInterval", refs={RetrohuntProcessInterval.class}, tree="[0]") + private Output processInterval; + + /** + * @return Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + public Output processInterval() { + return this.processInterval; + } + /** + * Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + * + */ + @Export(name="progressPercentage", refs={Double.class}, tree="[0]") + private Output progressPercentage; + + /** + * @return Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + * + */ + public Output progressPercentage() { + return this.progressPercentage; + } + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + public Output project() { + return this.project; + } + /** + * The Rule ID of the rule. + * + */ + @Export(name="rule", refs={String.class}, tree="[0]") + private Output rule; + + /** + * @return The Rule ID of the rule. + * + */ + public Output rule() { + return this.rule; + } + /** + * Output only. The state of the retrohunt. + * Possible values: + * RUNNING + * DONE + * CANCELLED + * FAILED + * + */ + @Export(name="state", refs={String.class}, tree="[0]") + private Output state; + + /** + * @return Output only. The state of the retrohunt. + * Possible values: + * RUNNING + * DONE + * CANCELLED + * FAILED + * + */ + public Output state() { + return this.state; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public Retrohunt(java.lang.String name) { + this(name, RetrohuntArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public Retrohunt(java.lang.String name, RetrohuntArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public Retrohunt(java.lang.String name, RetrohuntArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:chronicle/retrohunt:Retrohunt", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private Retrohunt(java.lang.String name, Output id, @Nullable RetrohuntState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:chronicle/retrohunt:Retrohunt", name, state, makeResourceOptions(options, id), false); + } + + private static RetrohuntArgs makeArgs(RetrohuntArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? RetrohuntArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static Retrohunt get(java.lang.String name, Output id, @Nullable RetrohuntState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new Retrohunt(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/chronicle/RetrohuntArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/RetrohuntArgs.java new file mode 100644 index 0000000000..281ca9d6bf --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/RetrohuntArgs.java @@ -0,0 +1,282 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.chronicle; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.chronicle.inputs.RetrohuntProcessIntervalArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RetrohuntArgs extends com.pulumi.resources.ResourceArgs { + + public static final RetrohuntArgs Empty = new RetrohuntArgs(); + + /** + * The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + */ + @Import(name="RetrohuntId") + private @Nullable Output RetrohuntId; + + /** + * @return The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + */ + public Optional> RetrohuntId() { + return Optional.ofNullable(this.RetrohuntId); + } + + /** + * The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + */ + @Import(name="instance", required=true) + private Output instance; + + /** + * @return The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + */ + public Output instance() { + return this.instance; + } + + /** + * The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + */ + @Import(name="location", required=true) + private Output location; + + /** + * @return The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + */ + public Output location() { + return this.location; + } + + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + @Import(name="processInterval", required=true) + private Output processInterval; + + /** + * @return Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + public Output processInterval() { + return this.processInterval; + } + + @Import(name="project") + private @Nullable Output project; + + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The Rule ID of the rule. + * + */ + @Import(name="rule", required=true) + private Output rule; + + /** + * @return The Rule ID of the rule. + * + */ + public Output rule() { + return this.rule; + } + + private RetrohuntArgs() {} + + private RetrohuntArgs(RetrohuntArgs $) { + this.RetrohuntId = $.RetrohuntId; + this.instance = $.instance; + this.location = $.location; + this.processInterval = $.processInterval; + this.project = $.project; + this.rule = $.rule; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RetrohuntArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RetrohuntArgs $; + + public Builder() { + $ = new RetrohuntArgs(); + } + + public Builder(RetrohuntArgs defaults) { + $ = new RetrohuntArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param RetrohuntId The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + * @return builder + * + */ + public Builder RetrohuntId(@Nullable Output RetrohuntId) { + $.RetrohuntId = RetrohuntId; + return this; + } + + /** + * @param RetrohuntId The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + * @return builder + * + */ + public Builder RetrohuntId(String RetrohuntId) { + return RetrohuntId(Output.of(RetrohuntId)); + } + + /** + * @param instance The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + * @return builder + * + */ + public Builder instance(Output instance) { + $.instance = instance; + return this; + } + + /** + * @param instance The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + * @return builder + * + */ + public Builder instance(String instance) { + return instance(Output.of(instance)); + } + + /** + * @param location The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + * @return builder + * + */ + public Builder location(Output location) { + $.location = location; + return this; + } + + /** + * @param location The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param processInterval Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + * @return builder + * + */ + public Builder processInterval(Output processInterval) { + $.processInterval = processInterval; + return this; + } + + /** + * @param processInterval Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + * @return builder + * + */ + public Builder processInterval(RetrohuntProcessIntervalArgs processInterval) { + return processInterval(Output.of(processInterval)); + } + + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param rule The Rule ID of the rule. + * + * @return builder + * + */ + public Builder rule(Output rule) { + $.rule = rule; + return this; + } + + /** + * @param rule The Rule ID of the rule. + * + * @return builder + * + */ + public Builder rule(String rule) { + return rule(Output.of(rule)); + } + + public RetrohuntArgs build() { + if ($.instance == null) { + throw new MissingRequiredPropertyException("RetrohuntArgs", "instance"); + } + if ($.location == null) { + throw new MissingRequiredPropertyException("RetrohuntArgs", "location"); + } + if ($.processInterval == null) { + throw new MissingRequiredPropertyException("RetrohuntArgs", "processInterval"); + } + if ($.rule == null) { + throw new MissingRequiredPropertyException("RetrohuntArgs", "rule"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntExecutionIntervalArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntExecutionIntervalArgs.java new file mode 100644 index 0000000000..fbac2abbe2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntExecutionIntervalArgs.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.chronicle.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RetrohuntExecutionIntervalArgs extends com.pulumi.resources.ResourceArgs { + + public static final RetrohuntExecutionIntervalArgs Empty = new RetrohuntExecutionIntervalArgs(); + + /** + * Optional. Exclusive end of the interval. + * If specified, a Timestamp matching this interval will have to be before the + * end. + * + */ + @Import(name="endTime") + private @Nullable Output endTime; + + /** + * @return Optional. Exclusive end of the interval. + * If specified, a Timestamp matching this interval will have to be before the + * end. + * + */ + public Optional> endTime() { + return Optional.ofNullable(this.endTime); + } + + /** + * Optional. Inclusive start of the interval. + * If specified, a Timestamp matching this interval will have to be the same + * or after the start. + * + */ + @Import(name="startTime") + private @Nullable Output startTime; + + /** + * @return Optional. Inclusive start of the interval. + * If specified, a Timestamp matching this interval will have to be the same + * or after the start. + * + */ + public Optional> startTime() { + return Optional.ofNullable(this.startTime); + } + + private RetrohuntExecutionIntervalArgs() {} + + private RetrohuntExecutionIntervalArgs(RetrohuntExecutionIntervalArgs $) { + this.endTime = $.endTime; + this.startTime = $.startTime; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RetrohuntExecutionIntervalArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RetrohuntExecutionIntervalArgs $; + + public Builder() { + $ = new RetrohuntExecutionIntervalArgs(); + } + + public Builder(RetrohuntExecutionIntervalArgs defaults) { + $ = new RetrohuntExecutionIntervalArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param endTime Optional. Exclusive end of the interval. + * If specified, a Timestamp matching this interval will have to be before the + * end. + * + * @return builder + * + */ + public Builder endTime(@Nullable Output endTime) { + $.endTime = endTime; + return this; + } + + /** + * @param endTime Optional. Exclusive end of the interval. + * If specified, a Timestamp matching this interval will have to be before the + * end. + * + * @return builder + * + */ + public Builder endTime(String endTime) { + return endTime(Output.of(endTime)); + } + + /** + * @param startTime Optional. Inclusive start of the interval. + * If specified, a Timestamp matching this interval will have to be the same + * or after the start. + * + * @return builder + * + */ + public Builder startTime(@Nullable Output startTime) { + $.startTime = startTime; + return this; + } + + /** + * @param startTime Optional. Inclusive start of the interval. + * If specified, a Timestamp matching this interval will have to be the same + * or after the start. + * + * @return builder + * + */ + public Builder startTime(String startTime) { + return startTime(Output.of(startTime)); + } + + public RetrohuntExecutionIntervalArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntProcessIntervalArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntProcessIntervalArgs.java new file mode 100644 index 0000000000..e9c4b4e3fc --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntProcessIntervalArgs.java @@ -0,0 +1,133 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.chronicle.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class RetrohuntProcessIntervalArgs extends com.pulumi.resources.ResourceArgs { + + public static final RetrohuntProcessIntervalArgs Empty = new RetrohuntProcessIntervalArgs(); + + /** + * Exclusive end of the interval. + * + * *** + * + */ + @Import(name="endTime", required=true) + private Output endTime; + + /** + * @return Exclusive end of the interval. + * + * *** + * + */ + public Output endTime() { + return this.endTime; + } + + /** + * Inclusive start of the interval. + * + */ + @Import(name="startTime", required=true) + private Output startTime; + + /** + * @return Inclusive start of the interval. + * + */ + public Output startTime() { + return this.startTime; + } + + private RetrohuntProcessIntervalArgs() {} + + private RetrohuntProcessIntervalArgs(RetrohuntProcessIntervalArgs $) { + this.endTime = $.endTime; + this.startTime = $.startTime; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RetrohuntProcessIntervalArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RetrohuntProcessIntervalArgs $; + + public Builder() { + $ = new RetrohuntProcessIntervalArgs(); + } + + public Builder(RetrohuntProcessIntervalArgs defaults) { + $ = new RetrohuntProcessIntervalArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param endTime Exclusive end of the interval. + * + * *** + * + * @return builder + * + */ + public Builder endTime(Output endTime) { + $.endTime = endTime; + return this; + } + + /** + * @param endTime Exclusive end of the interval. + * + * *** + * + * @return builder + * + */ + public Builder endTime(String endTime) { + return endTime(Output.of(endTime)); + } + + /** + * @param startTime Inclusive start of the interval. + * + * @return builder + * + */ + public Builder startTime(Output startTime) { + $.startTime = startTime; + return this; + } + + /** + * @param startTime Inclusive start of the interval. + * + * @return builder + * + */ + public Builder startTime(String startTime) { + return startTime(Output.of(startTime)); + } + + public RetrohuntProcessIntervalArgs build() { + if ($.endTime == null) { + throw new MissingRequiredPropertyException("RetrohuntProcessIntervalArgs", "endTime"); + } + if ($.startTime == null) { + throw new MissingRequiredPropertyException("RetrohuntProcessIntervalArgs", "startTime"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntState.java b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntState.java new file mode 100644 index 0000000000..880152388f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/inputs/RetrohuntState.java @@ -0,0 +1,491 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.chronicle.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.chronicle.inputs.RetrohuntExecutionIntervalArgs; +import com.pulumi.gcp.chronicle.inputs.RetrohuntProcessIntervalArgs; +import java.lang.Double; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RetrohuntState extends com.pulumi.resources.ResourceArgs { + + public static final RetrohuntState Empty = new RetrohuntState(); + + /** + * The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + */ + @Import(name="RetrohuntId") + private @Nullable Output RetrohuntId; + + /** + * @return The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + */ + public Optional> RetrohuntId() { + return Optional.ofNullable(this.RetrohuntId); + } + + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + @Import(name="executionIntervals") + private @Nullable Output> executionIntervals; + + /** + * @return Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + public Optional>> executionIntervals() { + return Optional.ofNullable(this.executionIntervals); + } + + /** + * The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + */ + @Import(name="instance") + private @Nullable Output instance; + + /** + * @return The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + */ + public Optional> instance() { + return Optional.ofNullable(this.instance); + } + + /** + * The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The resource name of the retrohunt. + * Retrohunt is the child of a rule revision. {rule} in the format below is + * structured as {rule_id{@literal @}revision_id}. + * Format: + * projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The resource name of the retrohunt. + * Retrohunt is the child of a rule revision. {rule} in the format below is + * structured as {rule_id{@literal @}revision_id}. + * Format: + * projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + @Import(name="processInterval") + private @Nullable Output processInterval; + + /** + * @return Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + */ + public Optional> processInterval() { + return Optional.ofNullable(this.processInterval); + } + + /** + * Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + * + */ + @Import(name="progressPercentage") + private @Nullable Output progressPercentage; + + /** + * @return Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + * + */ + public Optional> progressPercentage() { + return Optional.ofNullable(this.progressPercentage); + } + + @Import(name="project") + private @Nullable Output project; + + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The Rule ID of the rule. + * + */ + @Import(name="rule") + private @Nullable Output rule; + + /** + * @return The Rule ID of the rule. + * + */ + public Optional> rule() { + return Optional.ofNullable(this.rule); + } + + /** + * Output only. The state of the retrohunt. + * Possible values: + * RUNNING + * DONE + * CANCELLED + * FAILED + * + */ + @Import(name="state") + private @Nullable Output state; + + /** + * @return Output only. The state of the retrohunt. + * Possible values: + * RUNNING + * DONE + * CANCELLED + * FAILED + * + */ + public Optional> state() { + return Optional.ofNullable(this.state); + } + + private RetrohuntState() {} + + private RetrohuntState(RetrohuntState $) { + this.RetrohuntId = $.RetrohuntId; + this.executionIntervals = $.executionIntervals; + this.instance = $.instance; + this.location = $.location; + this.name = $.name; + this.processInterval = $.processInterval; + this.progressPercentage = $.progressPercentage; + this.project = $.project; + this.rule = $.rule; + this.state = $.state; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RetrohuntState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RetrohuntState $; + + public Builder() { + $ = new RetrohuntState(); + } + + public Builder(RetrohuntState defaults) { + $ = new RetrohuntState(Objects.requireNonNull(defaults)); + } + + /** + * @param RetrohuntId The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + * @return builder + * + */ + public Builder RetrohuntId(@Nullable Output RetrohuntId) { + $.RetrohuntId = RetrohuntId; + return this; + } + + /** + * @param RetrohuntId The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + * + * @return builder + * + */ + public Builder RetrohuntId(String RetrohuntId) { + return RetrohuntId(Output.of(RetrohuntId)); + } + + /** + * @param executionIntervals Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + * @return builder + * + */ + public Builder executionIntervals(@Nullable Output> executionIntervals) { + $.executionIntervals = executionIntervals; + return this; + } + + /** + * @param executionIntervals Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + * @return builder + * + */ + public Builder executionIntervals(List executionIntervals) { + return executionIntervals(Output.of(executionIntervals)); + } + + /** + * @param executionIntervals Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + * @return builder + * + */ + public Builder executionIntervals(RetrohuntExecutionIntervalArgs... executionIntervals) { + return executionIntervals(List.of(executionIntervals)); + } + + /** + * @param instance The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + * @return builder + * + */ + public Builder instance(@Nullable Output instance) { + $.instance = instance; + return this; + } + + /** + * @param instance The unique identifier for the Chronicle instance, which is the same as the customer ID. + * + * @return builder + * + */ + public Builder instance(String instance) { + return instance(Output.of(instance)); + } + + /** + * @param location The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name The resource name of the retrohunt. + * Retrohunt is the child of a rule revision. {rule} in the format below is + * structured as {rule_id{@literal @}revision_id}. + * Format: + * projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The resource name of the retrohunt. + * Retrohunt is the child of a rule revision. {rule} in the format below is + * structured as {rule_id{@literal @}revision_id}. + * Format: + * projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param processInterval Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + * @return builder + * + */ + public Builder processInterval(@Nullable Output processInterval) { + $.processInterval = processInterval; + return this; + } + + /** + * @param processInterval Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + * + * @return builder + * + */ + public Builder processInterval(RetrohuntProcessIntervalArgs processInterval) { + return processInterval(Output.of(processInterval)); + } + + /** + * @param progressPercentage Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + * + * @return builder + * + */ + public Builder progressPercentage(@Nullable Output progressPercentage) { + $.progressPercentage = progressPercentage; + return this; + } + + /** + * @param progressPercentage Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + * + * @return builder + * + */ + public Builder progressPercentage(Double progressPercentage) { + return progressPercentage(Output.of(progressPercentage)); + } + + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param rule The Rule ID of the rule. + * + * @return builder + * + */ + public Builder rule(@Nullable Output rule) { + $.rule = rule; + return this; + } + + /** + * @param rule The Rule ID of the rule. + * + * @return builder + * + */ + public Builder rule(String rule) { + return rule(Output.of(rule)); + } + + /** + * @param state Output only. The state of the retrohunt. + * Possible values: + * RUNNING + * DONE + * CANCELLED + * FAILED + * + * @return builder + * + */ + public Builder state(@Nullable Output state) { + $.state = state; + return this; + } + + /** + * @param state Output only. The state of the retrohunt. + * Possible values: + * RUNNING + * DONE + * CANCELLED + * FAILED + * + * @return builder + * + */ + public Builder state(String state) { + return state(Output.of(state)); + } + + public RetrohuntState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/chronicle/outputs/RetrohuntExecutionInterval.java b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/outputs/RetrohuntExecutionInterval.java new file mode 100644 index 0000000000..6486d00955 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/outputs/RetrohuntExecutionInterval.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.chronicle.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class RetrohuntExecutionInterval { + /** + * @return Optional. Exclusive end of the interval. + * If specified, a Timestamp matching this interval will have to be before the + * end. + * + */ + private @Nullable String endTime; + /** + * @return Optional. Inclusive start of the interval. + * If specified, a Timestamp matching this interval will have to be the same + * or after the start. + * + */ + private @Nullable String startTime; + + private RetrohuntExecutionInterval() {} + /** + * @return Optional. Exclusive end of the interval. + * If specified, a Timestamp matching this interval will have to be before the + * end. + * + */ + public Optional endTime() { + return Optional.ofNullable(this.endTime); + } + /** + * @return Optional. Inclusive start of the interval. + * If specified, a Timestamp matching this interval will have to be the same + * or after the start. + * + */ + public Optional startTime() { + return Optional.ofNullable(this.startTime); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(RetrohuntExecutionInterval defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String endTime; + private @Nullable String startTime; + public Builder() {} + public Builder(RetrohuntExecutionInterval defaults) { + Objects.requireNonNull(defaults); + this.endTime = defaults.endTime; + this.startTime = defaults.startTime; + } + + @CustomType.Setter + public Builder endTime(@Nullable String endTime) { + + this.endTime = endTime; + return this; + } + @CustomType.Setter + public Builder startTime(@Nullable String startTime) { + + this.startTime = startTime; + return this; + } + public RetrohuntExecutionInterval build() { + final var _resultValue = new RetrohuntExecutionInterval(); + _resultValue.endTime = endTime; + _resultValue.startTime = startTime; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/chronicle/outputs/RetrohuntProcessInterval.java b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/outputs/RetrohuntProcessInterval.java new file mode 100644 index 0000000000..d6bc2c9636 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/chronicle/outputs/RetrohuntProcessInterval.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.chronicle.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class RetrohuntProcessInterval { + /** + * @return Exclusive end of the interval. + * + * *** + * + */ + private String endTime; + /** + * @return Inclusive start of the interval. + * + */ + private String startTime; + + private RetrohuntProcessInterval() {} + /** + * @return Exclusive end of the interval. + * + * *** + * + */ + public String endTime() { + return this.endTime; + } + /** + * @return Inclusive start of the interval. + * + */ + public String startTime() { + return this.startTime; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(RetrohuntProcessInterval defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String endTime; + private String startTime; + public Builder() {} + public Builder(RetrohuntProcessInterval defaults) { + Objects.requireNonNull(defaults); + this.endTime = defaults.endTime; + this.startTime = defaults.startTime; + } + + @CustomType.Setter + public Builder endTime(String endTime) { + if (endTime == null) { + throw new MissingRequiredPropertyException("RetrohuntProcessInterval", "endTime"); + } + this.endTime = endTime; + return this; + } + @CustomType.Setter + public Builder startTime(String startTime) { + if (startTime == null) { + throw new MissingRequiredPropertyException("RetrohuntProcessInterval", "startTime"); + } + this.startTime = startTime; + return this; + } + public RetrohuntProcessInterval build() { + final var _resultValue = new RetrohuntProcessInterval(); + _resultValue.endTime = endTime; + _resultValue.startTime = startTime; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/Service.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/Service.java index bdeec38a36..09bf79f066 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/Service.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/Service.java @@ -11,6 +11,7 @@ import com.pulumi.gcp.cloudrunv2.ServiceArgs; import com.pulumi.gcp.cloudrunv2.inputs.ServiceState; import com.pulumi.gcp.cloudrunv2.outputs.ServiceBinaryAuthorization; +import com.pulumi.gcp.cloudrunv2.outputs.ServiceBuildConfig; import com.pulumi.gcp.cloudrunv2.outputs.ServiceCondition; import com.pulumi.gcp.cloudrunv2.outputs.ServiceScaling; import com.pulumi.gcp.cloudrunv2.outputs.ServiceTemplate; @@ -915,6 +916,113 @@ * } * * <!--End PulumiCodeChooser --> + * ### Cloudrunv2 Service Function + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
+ * import com.pulumi.gcp.storage.Bucket;
+ * import com.pulumi.gcp.storage.BucketArgs;
+ * import com.pulumi.gcp.storage.BucketObject;
+ * import com.pulumi.gcp.storage.BucketObjectArgs;
+ * import com.pulumi.gcp.serviceaccount.Account;
+ * import com.pulumi.gcp.serviceaccount.AccountArgs;
+ * import com.pulumi.gcp.projects.IAMMember;
+ * import com.pulumi.gcp.projects.IAMMemberArgs;
+ * import com.pulumi.gcp.cloudrunv2.Service;
+ * import com.pulumi.gcp.cloudrunv2.ServiceArgs;
+ * import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;
+ * import com.pulumi.gcp.cloudrunv2.inputs.ServiceBuildConfigArgs;
+ * import com.pulumi.resources.CustomResourceOptions;
+ * import com.pulumi.asset.FileAsset;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var project = OrganizationsFunctions.getProject();
+ * 
+ *         var bucket = new Bucket("bucket", BucketArgs.builder()
+ *             .name(String.format("%s-gcf-source", project.applyValue(getProjectResult -> getProjectResult.projectId())))
+ *             .location("US")
+ *             .uniformBucketLevelAccess(true)
+ *             .build());
+ * 
+ *         var object = new BucketObject("object", BucketObjectArgs.builder()
+ *             .name("function-source.zip")
+ *             .bucket(bucket.name())
+ *             .source(new FileAsset("function_source.zip"))
+ *             .build());
+ * 
+ *         var cloudbuildServiceAccount = new Account("cloudbuildServiceAccount", AccountArgs.builder()
+ *             .accountId("build-sa")
+ *             .build());
+ * 
+ *         var actAs = new IAMMember("actAs", IAMMemberArgs.builder()
+ *             .project(project.applyValue(getProjectResult -> getProjectResult.projectId()))
+ *             .role("roles/iam.serviceAccountUser")
+ *             .member(cloudbuildServiceAccount.email().applyValue(email -> String.format("serviceAccount:%s", email)))
+ *             .build());
+ * 
+ *         var logsWriter = new IAMMember("logsWriter", IAMMemberArgs.builder()
+ *             .project(project.applyValue(getProjectResult -> getProjectResult.projectId()))
+ *             .role("roles/logging.logWriter")
+ *             .member(cloudbuildServiceAccount.email().applyValue(email -> String.format("serviceAccount:%s", email)))
+ *             .build());
+ * 
+ *         var default_ = new Service("default", ServiceArgs.builder()
+ *             .name("cloudrun-service")
+ *             .location("us-central1")
+ *             .deletionProtection(false)
+ *             .ingress("INGRESS_TRAFFIC_ALL")
+ *             .template(ServiceTemplateArgs.builder()
+ *                 .containers(ServiceTemplateContainerArgs.builder()
+ *                     .image("us-docker.pkg.dev/cloudrun/container/hello")
+ *                     .build())
+ *                 .build())
+ *             .buildConfig(ServiceBuildConfigArgs.builder()
+ *                 .sourceLocation(Output.tuple(bucket.name(), object.name()).applyValue(values -> {
+ *                     var bucketName = values.t1;
+ *                     var objectName = values.t2;
+ *                     return String.format("gs://%s/%s", bucketName,objectName);
+ *                 }))
+ *                 .functionTarget("helloHttp")
+ *                 .imageUri("us-docker.pkg.dev/cloudrun/container/hello")
+ *                 .baseImage("us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22")
+ *                 .enableAutomaticUpdates(true)
+ *                 .workerPool("worker-pool")
+ *                 .environmentVariables(Map.ofEntries(
+ *                     Map.entry("FOO_KEY", "FOO_VALUE"),
+ *                     Map.entry("BAR_KEY", "BAR_VALUE")
+ *                 ))
+ *                 .serviceAccount(cloudbuildServiceAccount.id())
+ *                 .build())
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(                
+ *                     actAs,
+ *                     logsWriter)
+ *                 .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * * ## Import * @@ -983,6 +1091,20 @@ public Output>> annotations() { public Output> binaryAuthorization() { return Codegen.optional(this.binaryAuthorization); } + /** + * Configuration for building a Cloud Run function. + * + */ + @Export(name="buildConfig", refs={ServiceBuildConfig.class}, tree="[0]") + private Output buildConfig; + + /** + * @return Configuration for building a Cloud Run function. + * + */ + public Output> buildConfig() { + return Codegen.optional(this.buildConfig); + } /** * Arbitrary identifier for the API client. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/ServiceArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/ServiceArgs.java index adac13a657..cf1738d2c6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/ServiceArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/ServiceArgs.java @@ -7,6 +7,7 @@ import com.pulumi.core.annotations.Import; import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.cloudrunv2.inputs.ServiceBinaryAuthorizationArgs; +import com.pulumi.gcp.cloudrunv2.inputs.ServiceBuildConfigArgs; import com.pulumi.gcp.cloudrunv2.inputs.ServiceScalingArgs; import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs; import com.pulumi.gcp.cloudrunv2.inputs.ServiceTrafficArgs; @@ -65,6 +66,21 @@ public Optional> binaryAuthorization() { return Optional.ofNullable(this.binaryAuthorization); } + /** + * Configuration for building a Cloud Run function. + * + */ + @Import(name="buildConfig") + private @Nullable Output buildConfig; + + /** + * @return Configuration for building a Cloud Run function. + * + */ + public Optional> buildConfig() { + return Optional.ofNullable(this.buildConfig); + } + /** * Arbitrary identifier for the API client. * @@ -332,6 +348,7 @@ private ServiceArgs() {} private ServiceArgs(ServiceArgs $) { this.annotations = $.annotations; this.binaryAuthorization = $.binaryAuthorization; + this.buildConfig = $.buildConfig; this.client = $.client; this.clientVersion = $.clientVersion; this.customAudiences = $.customAudiences; @@ -422,6 +439,27 @@ public Builder binaryAuthorization(ServiceBinaryAuthorizationArgs binaryAuthoriz return binaryAuthorization(Output.of(binaryAuthorization)); } + /** + * @param buildConfig Configuration for building a Cloud Run function. + * + * @return builder + * + */ + public Builder buildConfig(@Nullable Output buildConfig) { + $.buildConfig = buildConfig; + return this; + } + + /** + * @param buildConfig Configuration for building a Cloud Run function. + * + * @return builder + * + */ + public Builder buildConfig(ServiceBuildConfigArgs buildConfig) { + return buildConfig(Output.of(buildConfig)); + } + /** * @param client Arbitrary identifier for the API client. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/inputs/ServiceBuildConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/inputs/ServiceBuildConfigArgs.java new file mode 100644 index 0000000000..7c269b1e9e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/inputs/ServiceBuildConfigArgs.java @@ -0,0 +1,385 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.cloudrunv2.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ServiceBuildConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ServiceBuildConfigArgs Empty = new ServiceBuildConfigArgs(); + + /** + * The base image used to build the function. + * + */ + @Import(name="baseImage") + private @Nullable Output baseImage; + + /** + * @return The base image used to build the function. + * + */ + public Optional> baseImage() { + return Optional.ofNullable(this.baseImage); + } + + /** + * Sets whether the function will receive automatic base image updates. + * + */ + @Import(name="enableAutomaticUpdates") + private @Nullable Output enableAutomaticUpdates; + + /** + * @return Sets whether the function will receive automatic base image updates. + * + */ + public Optional> enableAutomaticUpdates() { + return Optional.ofNullable(this.enableAutomaticUpdates); + } + + /** + * User-provided build-time environment variables for the function. + * + */ + @Import(name="environmentVariables") + private @Nullable Output> environmentVariables; + + /** + * @return User-provided build-time environment variables for the function. + * + */ + public Optional>> environmentVariables() { + return Optional.ofNullable(this.environmentVariables); + } + + /** + * The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + * + */ + @Import(name="functionTarget") + private @Nullable Output functionTarget; + + /** + * @return The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + * + */ + public Optional> functionTarget() { + return Optional.ofNullable(this.functionTarget); + } + + /** + * Artifact Registry URI to store the built image. + * + */ + @Import(name="imageUri") + private @Nullable Output imageUri; + + /** + * @return Artifact Registry URI to store the built image. + * + */ + public Optional> imageUri() { + return Optional.ofNullable(this.imageUri); + } + + /** + * (Output) + * The Cloud Build name of the latest successful deployment of the function. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return (Output) + * The Cloud Build name of the latest successful deployment of the function. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + * + */ + @Import(name="serviceAccount") + private @Nullable Output serviceAccount; + + /** + * @return Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + * + */ + public Optional> serviceAccount() { + return Optional.ofNullable(this.serviceAccount); + } + + /** + * The Cloud Storage bucket URI where the function source code is located. + * + */ + @Import(name="sourceLocation") + private @Nullable Output sourceLocation; + + /** + * @return The Cloud Storage bucket URI where the function source code is located. + * + */ + public Optional> sourceLocation() { + return Optional.ofNullable(this.sourceLocation); + } + + /** + * Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + * + */ + @Import(name="workerPool") + private @Nullable Output workerPool; + + /** + * @return Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + * + */ + public Optional> workerPool() { + return Optional.ofNullable(this.workerPool); + } + + private ServiceBuildConfigArgs() {} + + private ServiceBuildConfigArgs(ServiceBuildConfigArgs $) { + this.baseImage = $.baseImage; + this.enableAutomaticUpdates = $.enableAutomaticUpdates; + this.environmentVariables = $.environmentVariables; + this.functionTarget = $.functionTarget; + this.imageUri = $.imageUri; + this.name = $.name; + this.serviceAccount = $.serviceAccount; + this.sourceLocation = $.sourceLocation; + this.workerPool = $.workerPool; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ServiceBuildConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ServiceBuildConfigArgs $; + + public Builder() { + $ = new ServiceBuildConfigArgs(); + } + + public Builder(ServiceBuildConfigArgs defaults) { + $ = new ServiceBuildConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param baseImage The base image used to build the function. + * + * @return builder + * + */ + public Builder baseImage(@Nullable Output baseImage) { + $.baseImage = baseImage; + return this; + } + + /** + * @param baseImage The base image used to build the function. + * + * @return builder + * + */ + public Builder baseImage(String baseImage) { + return baseImage(Output.of(baseImage)); + } + + /** + * @param enableAutomaticUpdates Sets whether the function will receive automatic base image updates. + * + * @return builder + * + */ + public Builder enableAutomaticUpdates(@Nullable Output enableAutomaticUpdates) { + $.enableAutomaticUpdates = enableAutomaticUpdates; + return this; + } + + /** + * @param enableAutomaticUpdates Sets whether the function will receive automatic base image updates. + * + * @return builder + * + */ + public Builder enableAutomaticUpdates(Boolean enableAutomaticUpdates) { + return enableAutomaticUpdates(Output.of(enableAutomaticUpdates)); + } + + /** + * @param environmentVariables User-provided build-time environment variables for the function. + * + * @return builder + * + */ + public Builder environmentVariables(@Nullable Output> environmentVariables) { + $.environmentVariables = environmentVariables; + return this; + } + + /** + * @param environmentVariables User-provided build-time environment variables for the function. + * + * @return builder + * + */ + public Builder environmentVariables(Map environmentVariables) { + return environmentVariables(Output.of(environmentVariables)); + } + + /** + * @param functionTarget The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + * + * @return builder + * + */ + public Builder functionTarget(@Nullable Output functionTarget) { + $.functionTarget = functionTarget; + return this; + } + + /** + * @param functionTarget The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + * + * @return builder + * + */ + public Builder functionTarget(String functionTarget) { + return functionTarget(Output.of(functionTarget)); + } + + /** + * @param imageUri Artifact Registry URI to store the built image. + * + * @return builder + * + */ + public Builder imageUri(@Nullable Output imageUri) { + $.imageUri = imageUri; + return this; + } + + /** + * @param imageUri Artifact Registry URI to store the built image. + * + * @return builder + * + */ + public Builder imageUri(String imageUri) { + return imageUri(Output.of(imageUri)); + } + + /** + * @param name (Output) + * The Cloud Build name of the latest successful deployment of the function. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name (Output) + * The Cloud Build name of the latest successful deployment of the function. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param serviceAccount Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + * + * @return builder + * + */ + public Builder serviceAccount(@Nullable Output serviceAccount) { + $.serviceAccount = serviceAccount; + return this; + } + + /** + * @param serviceAccount Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + * + * @return builder + * + */ + public Builder serviceAccount(String serviceAccount) { + return serviceAccount(Output.of(serviceAccount)); + } + + /** + * @param sourceLocation The Cloud Storage bucket URI where the function source code is located. + * + * @return builder + * + */ + public Builder sourceLocation(@Nullable Output sourceLocation) { + $.sourceLocation = sourceLocation; + return this; + } + + /** + * @param sourceLocation The Cloud Storage bucket URI where the function source code is located. + * + * @return builder + * + */ + public Builder sourceLocation(String sourceLocation) { + return sourceLocation(Output.of(sourceLocation)); + } + + /** + * @param workerPool Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + * + * @return builder + * + */ + public Builder workerPool(@Nullable Output workerPool) { + $.workerPool = workerPool; + return this; + } + + /** + * @param workerPool Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + * + * @return builder + * + */ + public Builder workerPool(String workerPool) { + return workerPool(Output.of(workerPool)); + } + + public ServiceBuildConfigArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/inputs/ServiceState.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/inputs/ServiceState.java index 704204e922..61cb474542 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/inputs/ServiceState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/inputs/ServiceState.java @@ -6,6 +6,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import com.pulumi.gcp.cloudrunv2.inputs.ServiceBinaryAuthorizationArgs; +import com.pulumi.gcp.cloudrunv2.inputs.ServiceBuildConfigArgs; import com.pulumi.gcp.cloudrunv2.inputs.ServiceConditionArgs; import com.pulumi.gcp.cloudrunv2.inputs.ServiceScalingArgs; import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs; @@ -67,6 +68,21 @@ public Optional> binaryAuthorization() { return Optional.ofNullable(this.binaryAuthorization); } + /** + * Configuration for building a Cloud Run function. + * + */ + @Import(name="buildConfig") + private @Nullable Output buildConfig; + + /** + * @return Configuration for building a Cloud Run function. + * + */ + public Optional> buildConfig() { + return Optional.ofNullable(this.buildConfig); + } + /** * Arbitrary identifier for the API client. * @@ -657,6 +673,7 @@ private ServiceState() {} private ServiceState(ServiceState $) { this.annotations = $.annotations; this.binaryAuthorization = $.binaryAuthorization; + this.buildConfig = $.buildConfig; this.client = $.client; this.clientVersion = $.clientVersion; this.conditions = $.conditions; @@ -768,6 +785,27 @@ public Builder binaryAuthorization(ServiceBinaryAuthorizationArgs binaryAuthoriz return binaryAuthorization(Output.of(binaryAuthorization)); } + /** + * @param buildConfig Configuration for building a Cloud Run function. + * + * @return builder + * + */ + public Builder buildConfig(@Nullable Output buildConfig) { + $.buildConfig = buildConfig; + return this; + } + + /** + * @param buildConfig Configuration for building a Cloud Run function. + * + * @return builder + * + */ + public Builder buildConfig(ServiceBuildConfigArgs buildConfig) { + return buildConfig(Output.of(buildConfig)); + } + /** * @param client Arbitrary identifier for the API client. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/GetServiceBuildConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/GetServiceBuildConfig.java new file mode 100644 index 0000000000..d8385ce8ff --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/GetServiceBuildConfig.java @@ -0,0 +1,244 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.cloudrunv2.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.String; +import java.util.Map; +import java.util.Objects; + +@CustomType +public final class GetServiceBuildConfig { + /** + * @return The base image used to build the function. + * + */ + private String baseImage; + /** + * @return Sets whether the function will receive automatic base image updates. + * + */ + private Boolean enableAutomaticUpdates; + /** + * @return User-provided build-time environment variables for the function. + * + */ + private Map environmentVariables; + /** + * @return The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + * + */ + private String functionTarget; + /** + * @return Artifact Registry URI to store the built image. + * + */ + private String imageUri; + /** + * @return The name of the Cloud Run v2 Service. + * + */ + private String name; + /** + * @return Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. + * + */ + private String serviceAccount; + /** + * @return The Cloud Storage bucket URI where the function source code is located. + * + */ + private String sourceLocation; + /** + * @return Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + * + */ + private String workerPool; + + private GetServiceBuildConfig() {} + /** + * @return The base image used to build the function. + * + */ + public String baseImage() { + return this.baseImage; + } + /** + * @return Sets whether the function will receive automatic base image updates. + * + */ + public Boolean enableAutomaticUpdates() { + return this.enableAutomaticUpdates; + } + /** + * @return User-provided build-time environment variables for the function. + * + */ + public Map environmentVariables() { + return this.environmentVariables; + } + /** + * @return The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + * + */ + public String functionTarget() { + return this.functionTarget; + } + /** + * @return Artifact Registry URI to store the built image. + * + */ + public String imageUri() { + return this.imageUri; + } + /** + * @return The name of the Cloud Run v2 Service. + * + */ + public String name() { + return this.name; + } + /** + * @return Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. + * + */ + public String serviceAccount() { + return this.serviceAccount; + } + /** + * @return The Cloud Storage bucket URI where the function source code is located. + * + */ + public String sourceLocation() { + return this.sourceLocation; + } + /** + * @return Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + * + */ + public String workerPool() { + return this.workerPool; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetServiceBuildConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String baseImage; + private Boolean enableAutomaticUpdates; + private Map environmentVariables; + private String functionTarget; + private String imageUri; + private String name; + private String serviceAccount; + private String sourceLocation; + private String workerPool; + public Builder() {} + public Builder(GetServiceBuildConfig defaults) { + Objects.requireNonNull(defaults); + this.baseImage = defaults.baseImage; + this.enableAutomaticUpdates = defaults.enableAutomaticUpdates; + this.environmentVariables = defaults.environmentVariables; + this.functionTarget = defaults.functionTarget; + this.imageUri = defaults.imageUri; + this.name = defaults.name; + this.serviceAccount = defaults.serviceAccount; + this.sourceLocation = defaults.sourceLocation; + this.workerPool = defaults.workerPool; + } + + @CustomType.Setter + public Builder baseImage(String baseImage) { + if (baseImage == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "baseImage"); + } + this.baseImage = baseImage; + return this; + } + @CustomType.Setter + public Builder enableAutomaticUpdates(Boolean enableAutomaticUpdates) { + if (enableAutomaticUpdates == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "enableAutomaticUpdates"); + } + this.enableAutomaticUpdates = enableAutomaticUpdates; + return this; + } + @CustomType.Setter + public Builder environmentVariables(Map environmentVariables) { + if (environmentVariables == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "environmentVariables"); + } + this.environmentVariables = environmentVariables; + return this; + } + @CustomType.Setter + public Builder functionTarget(String functionTarget) { + if (functionTarget == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "functionTarget"); + } + this.functionTarget = functionTarget; + return this; + } + @CustomType.Setter + public Builder imageUri(String imageUri) { + if (imageUri == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "imageUri"); + } + this.imageUri = imageUri; + return this; + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "name"); + } + this.name = name; + return this; + } + @CustomType.Setter + public Builder serviceAccount(String serviceAccount) { + if (serviceAccount == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "serviceAccount"); + } + this.serviceAccount = serviceAccount; + return this; + } + @CustomType.Setter + public Builder sourceLocation(String sourceLocation) { + if (sourceLocation == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "sourceLocation"); + } + this.sourceLocation = sourceLocation; + return this; + } + @CustomType.Setter + public Builder workerPool(String workerPool) { + if (workerPool == null) { + throw new MissingRequiredPropertyException("GetServiceBuildConfig", "workerPool"); + } + this.workerPool = workerPool; + return this; + } + public GetServiceBuildConfig build() { + final var _resultValue = new GetServiceBuildConfig(); + _resultValue.baseImage = baseImage; + _resultValue.enableAutomaticUpdates = enableAutomaticUpdates; + _resultValue.environmentVariables = environmentVariables; + _resultValue.functionTarget = functionTarget; + _resultValue.imageUri = imageUri; + _resultValue.name = name; + _resultValue.serviceAccount = serviceAccount; + _resultValue.sourceLocation = sourceLocation; + _resultValue.workerPool = workerPool; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/GetServiceResult.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/GetServiceResult.java index b2e3b861b9..df3be4744b 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/GetServiceResult.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/GetServiceResult.java @@ -6,6 +6,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.cloudrunv2.outputs.GetServiceBinaryAuthorization; +import com.pulumi.gcp.cloudrunv2.outputs.GetServiceBuildConfig; import com.pulumi.gcp.cloudrunv2.outputs.GetServiceCondition; import com.pulumi.gcp.cloudrunv2.outputs.GetServiceScaling; import com.pulumi.gcp.cloudrunv2.outputs.GetServiceTemplate; @@ -24,6 +25,7 @@ public final class GetServiceResult { private Map annotations; private List binaryAuthorizations; + private List buildConfigs; private String client; private String clientVersion; private List conditions; @@ -74,6 +76,9 @@ public Map annotations() { public List binaryAuthorizations() { return this.binaryAuthorizations; } + public List buildConfigs() { + return this.buildConfigs; + } public String client() { return this.client; } @@ -204,6 +209,7 @@ public static Builder builder(GetServiceResult defaults) { public static final class Builder { private Map annotations; private List binaryAuthorizations; + private List buildConfigs; private String client; private String clientVersion; private List conditions; @@ -247,6 +253,7 @@ public Builder(GetServiceResult defaults) { Objects.requireNonNull(defaults); this.annotations = defaults.annotations; this.binaryAuthorizations = defaults.binaryAuthorizations; + this.buildConfigs = defaults.buildConfigs; this.client = defaults.client; this.clientVersion = defaults.clientVersion; this.conditions = defaults.conditions; @@ -307,6 +314,17 @@ public Builder binaryAuthorizations(GetServiceBinaryAuthorization... binaryAutho return binaryAuthorizations(List.of(binaryAuthorizations)); } @CustomType.Setter + public Builder buildConfigs(List buildConfigs) { + if (buildConfigs == null) { + throw new MissingRequiredPropertyException("GetServiceResult", "buildConfigs"); + } + this.buildConfigs = buildConfigs; + return this; + } + public Builder buildConfigs(GetServiceBuildConfig... buildConfigs) { + return buildConfigs(List.of(buildConfigs)); + } + @CustomType.Setter public Builder client(String client) { if (client == null) { throw new MissingRequiredPropertyException("GetServiceResult", "client"); @@ -634,6 +652,7 @@ public GetServiceResult build() { final var _resultValue = new GetServiceResult(); _resultValue.annotations = annotations; _resultValue.binaryAuthorizations = binaryAuthorizations; + _resultValue.buildConfigs = buildConfigs; _resultValue.client = client; _resultValue.clientVersion = clientVersion; _resultValue.conditions = conditions; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/ServiceBuildConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/ServiceBuildConfig.java new file mode 100644 index 0000000000..25ed7dbeeb --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrunv2/outputs/ServiceBuildConfig.java @@ -0,0 +1,229 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.cloudrunv2.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ServiceBuildConfig { + /** + * @return The base image used to build the function. + * + */ + private @Nullable String baseImage; + /** + * @return Sets whether the function will receive automatic base image updates. + * + */ + private @Nullable Boolean enableAutomaticUpdates; + /** + * @return User-provided build-time environment variables for the function. + * + */ + private @Nullable Map environmentVariables; + /** + * @return The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + * + */ + private @Nullable String functionTarget; + /** + * @return Artifact Registry URI to store the built image. + * + */ + private @Nullable String imageUri; + /** + * @return (Output) + * The Cloud Build name of the latest successful deployment of the function. + * + */ + private @Nullable String name; + /** + * @return Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + * + */ + private @Nullable String serviceAccount; + /** + * @return The Cloud Storage bucket URI where the function source code is located. + * + */ + private @Nullable String sourceLocation; + /** + * @return Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + * + */ + private @Nullable String workerPool; + + private ServiceBuildConfig() {} + /** + * @return The base image used to build the function. + * + */ + public Optional baseImage() { + return Optional.ofNullable(this.baseImage); + } + /** + * @return Sets whether the function will receive automatic base image updates. + * + */ + public Optional enableAutomaticUpdates() { + return Optional.ofNullable(this.enableAutomaticUpdates); + } + /** + * @return User-provided build-time environment variables for the function. + * + */ + public Map environmentVariables() { + return this.environmentVariables == null ? Map.of() : this.environmentVariables; + } + /** + * @return The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + * + */ + public Optional functionTarget() { + return Optional.ofNullable(this.functionTarget); + } + /** + * @return Artifact Registry URI to store the built image. + * + */ + public Optional imageUri() { + return Optional.ofNullable(this.imageUri); + } + /** + * @return (Output) + * The Cloud Build name of the latest successful deployment of the function. + * + */ + public Optional name() { + return Optional.ofNullable(this.name); + } + /** + * @return Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + * + */ + public Optional serviceAccount() { + return Optional.ofNullable(this.serviceAccount); + } + /** + * @return The Cloud Storage bucket URI where the function source code is located. + * + */ + public Optional sourceLocation() { + return Optional.ofNullable(this.sourceLocation); + } + /** + * @return Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + * + */ + public Optional workerPool() { + return Optional.ofNullable(this.workerPool); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ServiceBuildConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String baseImage; + private @Nullable Boolean enableAutomaticUpdates; + private @Nullable Map environmentVariables; + private @Nullable String functionTarget; + private @Nullable String imageUri; + private @Nullable String name; + private @Nullable String serviceAccount; + private @Nullable String sourceLocation; + private @Nullable String workerPool; + public Builder() {} + public Builder(ServiceBuildConfig defaults) { + Objects.requireNonNull(defaults); + this.baseImage = defaults.baseImage; + this.enableAutomaticUpdates = defaults.enableAutomaticUpdates; + this.environmentVariables = defaults.environmentVariables; + this.functionTarget = defaults.functionTarget; + this.imageUri = defaults.imageUri; + this.name = defaults.name; + this.serviceAccount = defaults.serviceAccount; + this.sourceLocation = defaults.sourceLocation; + this.workerPool = defaults.workerPool; + } + + @CustomType.Setter + public Builder baseImage(@Nullable String baseImage) { + + this.baseImage = baseImage; + return this; + } + @CustomType.Setter + public Builder enableAutomaticUpdates(@Nullable Boolean enableAutomaticUpdates) { + + this.enableAutomaticUpdates = enableAutomaticUpdates; + return this; + } + @CustomType.Setter + public Builder environmentVariables(@Nullable Map environmentVariables) { + + this.environmentVariables = environmentVariables; + return this; + } + @CustomType.Setter + public Builder functionTarget(@Nullable String functionTarget) { + + this.functionTarget = functionTarget; + return this; + } + @CustomType.Setter + public Builder imageUri(@Nullable String imageUri) { + + this.imageUri = imageUri; + return this; + } + @CustomType.Setter + public Builder name(@Nullable String name) { + + this.name = name; + return this; + } + @CustomType.Setter + public Builder serviceAccount(@Nullable String serviceAccount) { + + this.serviceAccount = serviceAccount; + return this; + } + @CustomType.Setter + public Builder sourceLocation(@Nullable String sourceLocation) { + + this.sourceLocation = sourceLocation; + return this; + } + @CustomType.Setter + public Builder workerPool(@Nullable String workerPool) { + + this.workerPool = workerPool; + return this; + } + public ServiceBuildConfig build() { + final var _resultValue = new ServiceBuildConfig(); + _resultValue.baseImage = baseImage; + _resultValue.enableAutomaticUpdates = enableAutomaticUpdates; + _resultValue.environmentVariables = environmentVariables; + _resultValue.functionTarget = functionTarget; + _resultValue.imageUri = imageUri; + _resultValue.name = name; + _resultValue.serviceAccount = serviceAccount; + _resultValue.sourceLocation = sourceLocation; + _resultValue.workerPool = workerPool; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/ColabFunctions.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/ColabFunctions.java new file mode 100644 index 0000000000..aa057988c2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/ColabFunctions.java @@ -0,0 +1,238 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.TypeShape; +import com.pulumi.deployment.Deployment; +import com.pulumi.deployment.InvokeOptions; +import com.pulumi.deployment.InvokeOutputOptions; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.colab.inputs.GetRuntimeTemplateIamPolicyArgs; +import com.pulumi.gcp.colab.inputs.GetRuntimeTemplateIamPolicyPlainArgs; +import com.pulumi.gcp.colab.outputs.GetRuntimeTemplateIamPolicyResult; +import java.util.concurrent.CompletableFuture; + +public final class ColabFunctions { + /** + * Retrieves the current IAM policy data for runtimetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.colab.ColabFunctions;
+     * import com.pulumi.gcp.colab.inputs.GetRuntimeTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ColabFunctions.getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs.builder()
+     *             .project(runtime_template.project())
+     *             .location(runtime_template.location())
+     *             .runtimeTemplate(runtime_template.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs args) { + return getRuntimeTemplateIamPolicy(args, InvokeOptions.Empty); + } + /** + * Retrieves the current IAM policy data for runtimetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.colab.ColabFunctions;
+     * import com.pulumi.gcp.colab.inputs.GetRuntimeTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ColabFunctions.getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs.builder()
+     *             .project(runtime_template.project())
+     *             .location(runtime_template.location())
+     *             .runtimeTemplate(runtime_template.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getRuntimeTemplateIamPolicyPlain(GetRuntimeTemplateIamPolicyPlainArgs args) { + return getRuntimeTemplateIamPolicyPlain(args, InvokeOptions.Empty); + } + /** + * Retrieves the current IAM policy data for runtimetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.colab.ColabFunctions;
+     * import com.pulumi.gcp.colab.inputs.GetRuntimeTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ColabFunctions.getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs.builder()
+     *             .project(runtime_template.project())
+     *             .location(runtime_template.location())
+     *             .runtimeTemplate(runtime_template.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", TypeShape.of(GetRuntimeTemplateIamPolicyResult.class), args, Utilities.withVersion(options)); + } + /** + * Retrieves the current IAM policy data for runtimetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.colab.ColabFunctions;
+     * import com.pulumi.gcp.colab.inputs.GetRuntimeTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ColabFunctions.getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs.builder()
+     *             .project(runtime_template.project())
+     *             .location(runtime_template.location())
+     *             .runtimeTemplate(runtime_template.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs args, InvokeOutputOptions options) { + return Deployment.getInstance().invoke("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", TypeShape.of(GetRuntimeTemplateIamPolicyResult.class), args, Utilities.withVersion(options)); + } + /** + * Retrieves the current IAM policy data for runtimetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.colab.ColabFunctions;
+     * import com.pulumi.gcp.colab.inputs.GetRuntimeTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ColabFunctions.getRuntimeTemplateIamPolicy(GetRuntimeTemplateIamPolicyArgs.builder()
+     *             .project(runtime_template.project())
+     *             .location(runtime_template.location())
+     *             .runtimeTemplate(runtime_template.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getRuntimeTemplateIamPolicyPlain(GetRuntimeTemplateIamPolicyPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", TypeShape.of(GetRuntimeTemplateIamPolicyResult.class), args, Utilities.withVersion(options)); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/Runtime.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/Runtime.java new file mode 100644 index 0000000000..7edf2166fb --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/Runtime.java @@ -0,0 +1,368 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.colab.RuntimeArgs; +import com.pulumi.gcp.colab.inputs.RuntimeState; +import com.pulumi.gcp.colab.outputs.RuntimeNotebookRuntimeTemplateRef; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * 'A runtime is a Google-provisioned virtual machine (VM) that can run the code in your notebook (IPYNB file).' + * + * To get more information about Runtime, see: + * + * * [API documentation](https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.notebookRuntimes) + * * How-to Guides + * * [Create a runtime](https://cloud.google.com/colab/docs/create-runtime) + * + * ## Example Usage + * + * ### Colab Runtime Basic + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplate;
+ * import com.pulumi.gcp.colab.RuntimeTemplateArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateMachineSpecArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateNetworkSpecArgs;
+ * import com.pulumi.gcp.colab.Runtime;
+ * import com.pulumi.gcp.colab.RuntimeArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeNotebookRuntimeTemplateRefArgs;
+ * import com.pulumi.resources.CustomResourceOptions;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var myTemplate = new RuntimeTemplate("myTemplate", RuntimeTemplateArgs.builder()
+ *             .name("colab-runtime")
+ *             .displayName("Runtime template basic")
+ *             .location("us-central1")
+ *             .machineSpec(RuntimeTemplateMachineSpecArgs.builder()
+ *                 .machineType("e2-standard-4")
+ *                 .build())
+ *             .networkSpec(RuntimeTemplateNetworkSpecArgs.builder()
+ *                 .enableInternetAccess(true)
+ *                 .build())
+ *             .build());
+ * 
+ *         var runtime = new Runtime("runtime", RuntimeArgs.builder()
+ *             .name("colab-runtime")
+ *             .location("us-central1")
+ *             .notebookRuntimeTemplateRef(RuntimeNotebookRuntimeTemplateRefArgs.builder()
+ *                 .notebookRuntimeTemplate(myTemplate.id())
+ *                 .build())
+ *             .displayName("Runtime basic")
+ *             .runtimeUser("gterraformtestuser}{@literal @}{@code gmail.com")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(myTemplate)
+ *                 .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Colab Runtime Full + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplate;
+ * import com.pulumi.gcp.colab.RuntimeTemplateArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateMachineSpecArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateDataPersistentDiskSpecArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateNetworkSpecArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateIdleShutdownConfigArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateEucConfigArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateShieldedVmConfigArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeTemplateEncryptionSpecArgs;
+ * import com.pulumi.gcp.colab.Runtime;
+ * import com.pulumi.gcp.colab.RuntimeArgs;
+ * import com.pulumi.gcp.colab.inputs.RuntimeNotebookRuntimeTemplateRefArgs;
+ * import com.pulumi.resources.CustomResourceOptions;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var myTemplate = new RuntimeTemplate("myTemplate", RuntimeTemplateArgs.builder()
+ *             .name("colab-runtime")
+ *             .displayName("Runtime template full")
+ *             .location("us-central1")
+ *             .description("Full runtime template")
+ *             .machineSpec(RuntimeTemplateMachineSpecArgs.builder()
+ *                 .machineType("n1-standard-2")
+ *                 .acceleratorType("NVIDIA_TESLA_T4")
+ *                 .acceleratorCount("1")
+ *                 .build())
+ *             .dataPersistentDiskSpec(RuntimeTemplateDataPersistentDiskSpecArgs.builder()
+ *                 .diskType("pd-standard")
+ *                 .diskSizeGb(200)
+ *                 .build())
+ *             .networkSpec(RuntimeTemplateNetworkSpecArgs.builder()
+ *                 .enableInternetAccess(true)
+ *                 .build())
+ *             .labels(Map.of("k", "val"))
+ *             .idleShutdownConfig(RuntimeTemplateIdleShutdownConfigArgs.builder()
+ *                 .idleTimeout("3600s")
+ *                 .build())
+ *             .eucConfig(RuntimeTemplateEucConfigArgs.builder()
+ *                 .eucDisabled(true)
+ *                 .build())
+ *             .shieldedVmConfig(RuntimeTemplateShieldedVmConfigArgs.builder()
+ *                 .enableSecureBoot(true)
+ *                 .build())
+ *             .networkTags(            
+ *                 "abc",
+ *                 "def")
+ *             .encryptionSpec(RuntimeTemplateEncryptionSpecArgs.builder()
+ *                 .kmsKeyName("my-crypto-key")
+ *                 .build())
+ *             .build());
+ * 
+ *         var runtime = new Runtime("runtime", RuntimeArgs.builder()
+ *             .name("colab-runtime")
+ *             .location("us-central1")
+ *             .notebookRuntimeTemplateRef(RuntimeNotebookRuntimeTemplateRefArgs.builder()
+ *                 .notebookRuntimeTemplate(myTemplate.id())
+ *                 .build())
+ *             .displayName("Runtime full")
+ *             .runtimeUser("gterraformtestuser}{@literal @}{@code gmail.com")
+ *             .description("Full runtime")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(myTemplate)
+ *                 .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * Runtime can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}}` + * + * * `{{project}}/{{location}}/{{name}}` + * + * * `{{location}}/{{name}}` + * + * When using the `pulumi import` command, Runtime can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:colab/runtime:Runtime default projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:colab/runtime:Runtime default {{project}}/{{location}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:colab/runtime:Runtime default {{location}}/{{name}} + * ``` + * + */ +@ResourceType(type="gcp:colab/runtime:Runtime") +public class Runtime extends com.pulumi.resources.CustomResource { + /** + * The description of the Runtime. + * + */ + @Export(name="description", refs={String.class}, tree="[0]") + private Output description; + + /** + * @return The description of the Runtime. + * + */ + public Output> description() { + return Codegen.optional(this.description); + } + /** + * Required. The display name of the Runtime. + * + */ + @Export(name="displayName", refs={String.class}, tree="[0]") + private Output displayName; + + /** + * @return Required. The display name of the Runtime. + * + */ + public Output displayName() { + return this.displayName; + } + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + */ + public Output location() { + return this.location; + } + /** + * The resource name of the Runtime + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return The resource name of the Runtime + * + */ + public Output name() { + return this.name; + } + /** + * 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + */ + @Export(name="notebookRuntimeTemplateRef", refs={RuntimeNotebookRuntimeTemplateRef.class}, tree="[0]") + private Output notebookRuntimeTemplateRef; + + /** + * @return 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + */ + public Output> notebookRuntimeTemplateRef() { + return Codegen.optional(this.notebookRuntimeTemplateRef); + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The user email of the NotebookRuntime. + * + */ + @Export(name="runtimeUser", refs={String.class}, tree="[0]") + private Output runtimeUser; + + /** + * @return The user email of the NotebookRuntime. + * + */ + public Output runtimeUser() { + return this.runtimeUser; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public Runtime(java.lang.String name) { + this(name, RuntimeArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public Runtime(java.lang.String name, RuntimeArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public Runtime(java.lang.String name, RuntimeArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:colab/runtime:Runtime", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private Runtime(java.lang.String name, Output id, @Nullable RuntimeState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:colab/runtime:Runtime", name, state, makeResourceOptions(options, id), false); + } + + private static RuntimeArgs makeArgs(RuntimeArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? RuntimeArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static Runtime get(java.lang.String name, Output id, @Nullable RuntimeState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new Runtime(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeArgs.java new file mode 100644 index 0000000000..2b72740113 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeArgs.java @@ -0,0 +1,332 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.colab.inputs.RuntimeNotebookRuntimeTemplateRefArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeArgs extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeArgs Empty = new RuntimeArgs(); + + /** + * The description of the Runtime. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return The description of the Runtime. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * Required. The display name of the Runtime. + * + */ + @Import(name="displayName", required=true) + private Output displayName; + + /** + * @return Required. The display name of the Runtime. + * + */ + public Output displayName() { + return this.displayName; + } + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + */ + @Import(name="location", required=true) + private Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + */ + public Output location() { + return this.location; + } + + /** + * The resource name of the Runtime + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The resource name of the Runtime + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + */ + @Import(name="notebookRuntimeTemplateRef") + private @Nullable Output notebookRuntimeTemplateRef; + + /** + * @return 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + */ + public Optional> notebookRuntimeTemplateRef() { + return Optional.ofNullable(this.notebookRuntimeTemplateRef); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The user email of the NotebookRuntime. + * + */ + @Import(name="runtimeUser", required=true) + private Output runtimeUser; + + /** + * @return The user email of the NotebookRuntime. + * + */ + public Output runtimeUser() { + return this.runtimeUser; + } + + private RuntimeArgs() {} + + private RuntimeArgs(RuntimeArgs $) { + this.description = $.description; + this.displayName = $.displayName; + this.location = $.location; + this.name = $.name; + this.notebookRuntimeTemplateRef = $.notebookRuntimeTemplateRef; + this.project = $.project; + this.runtimeUser = $.runtimeUser; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeArgs $; + + public Builder() { + $ = new RuntimeArgs(); + } + + public Builder(RuntimeArgs defaults) { + $ = new RuntimeArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param description The description of the Runtime. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the Runtime. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName Required. The display name of the Runtime. + * + * @return builder + * + */ + public Builder displayName(Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName Required. The display name of the Runtime. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + * @return builder + * + */ + public Builder location(Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name The resource name of the Runtime + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The resource name of the Runtime + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param notebookRuntimeTemplateRef 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + * @return builder + * + */ + public Builder notebookRuntimeTemplateRef(@Nullable Output notebookRuntimeTemplateRef) { + $.notebookRuntimeTemplateRef = notebookRuntimeTemplateRef; + return this; + } + + /** + * @param notebookRuntimeTemplateRef 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + * @return builder + * + */ + public Builder notebookRuntimeTemplateRef(RuntimeNotebookRuntimeTemplateRefArgs notebookRuntimeTemplateRef) { + return notebookRuntimeTemplateRef(Output.of(notebookRuntimeTemplateRef)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param runtimeUser The user email of the NotebookRuntime. + * + * @return builder + * + */ + public Builder runtimeUser(Output runtimeUser) { + $.runtimeUser = runtimeUser; + return this; + } + + /** + * @param runtimeUser The user email of the NotebookRuntime. + * + * @return builder + * + */ + public Builder runtimeUser(String runtimeUser) { + return runtimeUser(Output.of(runtimeUser)); + } + + public RuntimeArgs build() { + if ($.displayName == null) { + throw new MissingRequiredPropertyException("RuntimeArgs", "displayName"); + } + if ($.location == null) { + throw new MissingRequiredPropertyException("RuntimeArgs", "location"); + } + if ($.runtimeUser == null) { + throw new MissingRequiredPropertyException("RuntimeArgs", "runtimeUser"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamBinding.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamBinding.java new file mode 100644 index 0000000000..05a9be5f0f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamBinding.java @@ -0,0 +1,520 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs; +import com.pulumi.gcp.colab.inputs.RuntimeTemplateIamBindingState; +import com.pulumi.gcp.colab.outputs.RuntimeTemplateIamBindingCondition; +import java.lang.String; +import java.util.List; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RuntimeTemplateIamPolicy("policy", RuntimeTemplateIamPolicyArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBinding;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RuntimeTemplateIamBinding("binding", RuntimeTemplateIamBindingArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMember;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RuntimeTemplateIamMember("member", RuntimeTemplateIamMemberArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Colab Enterprise RuntimeTemplate + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RuntimeTemplateIamPolicy("policy", RuntimeTemplateIamPolicyArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBinding;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RuntimeTemplateIamBinding("binding", RuntimeTemplateIamBindingArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMember;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RuntimeTemplateIamMember("member", RuntimeTemplateIamMemberArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * + * * {{project}}/{{location}}/{{runtime_template}} + * + * * {{location}}/{{runtime_template}} + * + * * {{runtime_template}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding") +public class RuntimeTemplateIamBinding extends com.pulumi.resources.CustomResource { + @Export(name="condition", refs={RuntimeTemplateIamBindingCondition.class}, tree="[0]") + private Output condition; + + public Output> condition() { + return Codegen.optional(this.condition); + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Output location() { + return this.location; + } + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Export(name="members", refs={List.class,String.class}, tree="[0,1]") + private Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output> members() { + return this.members; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Export(name="role", refs={String.class}, tree="[0]") + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="runtimeTemplate", refs={String.class}, tree="[0]") + private Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output runtimeTemplate() { + return this.runtimeTemplate; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public RuntimeTemplateIamBinding(java.lang.String name) { + this(name, RuntimeTemplateIamBindingArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public RuntimeTemplateIamBinding(java.lang.String name, RuntimeTemplateIamBindingArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public RuntimeTemplateIamBinding(java.lang.String name, RuntimeTemplateIamBindingArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private RuntimeTemplateIamBinding(java.lang.String name, Output id, @Nullable RuntimeTemplateIamBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding", name, state, makeResourceOptions(options, id), false); + } + + private static RuntimeTemplateIamBindingArgs makeArgs(RuntimeTemplateIamBindingArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? RuntimeTemplateIamBindingArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static RuntimeTemplateIamBinding get(java.lang.String name, Output id, @Nullable RuntimeTemplateIamBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new RuntimeTemplateIamBinding(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamBindingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamBindingArgs.java new file mode 100644 index 0000000000..9ae4c545b0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamBindingArgs.java @@ -0,0 +1,340 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.colab.inputs.RuntimeTemplateIamBindingConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeTemplateIamBindingArgs extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeTemplateIamBindingArgs Empty = new RuntimeTemplateIamBindingArgs(); + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="members", required=true) + private Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output> members() { + return this.members; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role", required=true) + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="runtimeTemplate", required=true) + private Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output runtimeTemplate() { + return this.runtimeTemplate; + } + + private RuntimeTemplateIamBindingArgs() {} + + private RuntimeTemplateIamBindingArgs(RuntimeTemplateIamBindingArgs $) { + this.condition = $.condition; + this.location = $.location; + this.members = $.members; + this.project = $.project; + this.role = $.role; + this.runtimeTemplate = $.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeTemplateIamBindingArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeTemplateIamBindingArgs $; + + public Builder() { + $ = new RuntimeTemplateIamBindingArgs(); + } + + public Builder(RuntimeTemplateIamBindingArgs defaults) { + $ = new RuntimeTemplateIamBindingArgs(Objects.requireNonNull(defaults)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(RuntimeTemplateIamBindingConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(Output> members) { + $.members = members; + return this; + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(List members) { + return members(Output.of(members)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(String... members) { + return members(List.of(members)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(Output runtimeTemplate) { + $.runtimeTemplate = runtimeTemplate; + return this; + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(String runtimeTemplate) { + return runtimeTemplate(Output.of(runtimeTemplate)); + } + + public RuntimeTemplateIamBindingArgs build() { + if ($.members == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamBindingArgs", "members"); + } + if ($.role == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamBindingArgs", "role"); + } + if ($.runtimeTemplate == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamBindingArgs", "runtimeTemplate"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamMember.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamMember.java new file mode 100644 index 0000000000..3bab42f975 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamMember.java @@ -0,0 +1,519 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs; +import com.pulumi.gcp.colab.inputs.RuntimeTemplateIamMemberState; +import com.pulumi.gcp.colab.outputs.RuntimeTemplateIamMemberCondition; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RuntimeTemplateIamPolicy("policy", RuntimeTemplateIamPolicyArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBinding;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RuntimeTemplateIamBinding("binding", RuntimeTemplateIamBindingArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMember;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RuntimeTemplateIamMember("member", RuntimeTemplateIamMemberArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Colab Enterprise RuntimeTemplate + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RuntimeTemplateIamPolicy("policy", RuntimeTemplateIamPolicyArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBinding;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RuntimeTemplateIamBinding("binding", RuntimeTemplateIamBindingArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMember;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RuntimeTemplateIamMember("member", RuntimeTemplateIamMemberArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * + * * {{project}}/{{location}}/{{runtime_template}} + * + * * {{location}}/{{runtime_template}} + * + * * {{runtime_template}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember") +public class RuntimeTemplateIamMember extends com.pulumi.resources.CustomResource { + @Export(name="condition", refs={RuntimeTemplateIamMemberCondition.class}, tree="[0]") + private Output condition; + + public Output> condition() { + return Codegen.optional(this.condition); + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Output location() { + return this.location; + } + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Export(name="member", refs={String.class}, tree="[0]") + private Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output member() { + return this.member; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Export(name="role", refs={String.class}, tree="[0]") + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="runtimeTemplate", refs={String.class}, tree="[0]") + private Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output runtimeTemplate() { + return this.runtimeTemplate; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public RuntimeTemplateIamMember(java.lang.String name) { + this(name, RuntimeTemplateIamMemberArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public RuntimeTemplateIamMember(java.lang.String name, RuntimeTemplateIamMemberArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public RuntimeTemplateIamMember(java.lang.String name, RuntimeTemplateIamMemberArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private RuntimeTemplateIamMember(java.lang.String name, Output id, @Nullable RuntimeTemplateIamMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember", name, state, makeResourceOptions(options, id), false); + } + + private static RuntimeTemplateIamMemberArgs makeArgs(RuntimeTemplateIamMemberArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? RuntimeTemplateIamMemberArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static RuntimeTemplateIamMember get(java.lang.String name, Output id, @Nullable RuntimeTemplateIamMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new RuntimeTemplateIamMember(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamMemberArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamMemberArgs.java new file mode 100644 index 0000000000..5bf65deba6 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamMemberArgs.java @@ -0,0 +1,319 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.colab.inputs.RuntimeTemplateIamMemberConditionArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeTemplateIamMemberArgs extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeTemplateIamMemberArgs Empty = new RuntimeTemplateIamMemberArgs(); + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="member", required=true) + private Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output member() { + return this.member; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role", required=true) + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="runtimeTemplate", required=true) + private Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output runtimeTemplate() { + return this.runtimeTemplate; + } + + private RuntimeTemplateIamMemberArgs() {} + + private RuntimeTemplateIamMemberArgs(RuntimeTemplateIamMemberArgs $) { + this.condition = $.condition; + this.location = $.location; + this.member = $.member; + this.project = $.project; + this.role = $.role; + this.runtimeTemplate = $.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeTemplateIamMemberArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeTemplateIamMemberArgs $; + + public Builder() { + $ = new RuntimeTemplateIamMemberArgs(); + } + + public Builder(RuntimeTemplateIamMemberArgs defaults) { + $ = new RuntimeTemplateIamMemberArgs(Objects.requireNonNull(defaults)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(RuntimeTemplateIamMemberConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(Output member) { + $.member = member; + return this; + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(String member) { + return member(Output.of(member)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(Output runtimeTemplate) { + $.runtimeTemplate = runtimeTemplate; + return this; + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(String runtimeTemplate) { + return runtimeTemplate(Output.of(runtimeTemplate)); + } + + public RuntimeTemplateIamMemberArgs build() { + if ($.member == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamMemberArgs", "member"); + } + if ($.role == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamMemberArgs", "role"); + } + if ($.runtimeTemplate == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamMemberArgs", "runtimeTemplate"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamPolicy.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamPolicy.java new file mode 100644 index 0000000000..bf5e6823b8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamPolicy.java @@ -0,0 +1,475 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs; +import com.pulumi.gcp.colab.inputs.RuntimeTemplateIamPolicyState; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RuntimeTemplateIamPolicy("policy", RuntimeTemplateIamPolicyArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBinding;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RuntimeTemplateIamBinding("binding", RuntimeTemplateIamBindingArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMember;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RuntimeTemplateIamMember("member", RuntimeTemplateIamMemberArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Colab Enterprise RuntimeTemplate + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicy;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RuntimeTemplateIamPolicy("policy", RuntimeTemplateIamPolicyArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBinding;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RuntimeTemplateIamBinding("binding", RuntimeTemplateIamBindingArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMember;
+ * import com.pulumi.gcp.colab.RuntimeTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RuntimeTemplateIamMember("member", RuntimeTemplateIamMemberArgs.builder()
+ *             .project(runtime_template.project())
+ *             .location(runtime_template.location())
+ *             .runtimeTemplate(runtime_template.name())
+ *             .role("roles/viewer")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * + * * {{project}}/{{location}}/{{runtime_template}} + * + * * {{location}}/{{runtime_template}} + * + * * {{runtime_template}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy") +public class RuntimeTemplateIamPolicy extends com.pulumi.resources.CustomResource { + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Output location() { + return this.location; + } + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Export(name="policyData", refs={String.class}, tree="[0]") + private Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Output policyData() { + return this.policyData; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="runtimeTemplate", refs={String.class}, tree="[0]") + private Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output runtimeTemplate() { + return this.runtimeTemplate; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public RuntimeTemplateIamPolicy(java.lang.String name) { + this(name, RuntimeTemplateIamPolicyArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public RuntimeTemplateIamPolicy(java.lang.String name, RuntimeTemplateIamPolicyArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public RuntimeTemplateIamPolicy(java.lang.String name, RuntimeTemplateIamPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private RuntimeTemplateIamPolicy(java.lang.String name, Output id, @Nullable RuntimeTemplateIamPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy", name, state, makeResourceOptions(options, id), false); + } + + private static RuntimeTemplateIamPolicyArgs makeArgs(RuntimeTemplateIamPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? RuntimeTemplateIamPolicyArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static RuntimeTemplateIamPolicy get(java.lang.String name, Output id, @Nullable RuntimeTemplateIamPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new RuntimeTemplateIamPolicy(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamPolicyArgs.java new file mode 100644 index 0000000000..ded4ac10bd --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/RuntimeTemplateIamPolicyArgs.java @@ -0,0 +1,217 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeTemplateIamPolicyArgs extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeTemplateIamPolicyArgs Empty = new RuntimeTemplateIamPolicyArgs(); + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Import(name="policyData", required=true) + private Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Output policyData() { + return this.policyData; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="runtimeTemplate", required=true) + private Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output runtimeTemplate() { + return this.runtimeTemplate; + } + + private RuntimeTemplateIamPolicyArgs() {} + + private RuntimeTemplateIamPolicyArgs(RuntimeTemplateIamPolicyArgs $) { + this.location = $.location; + this.policyData = $.policyData; + this.project = $.project; + this.runtimeTemplate = $.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeTemplateIamPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeTemplateIamPolicyArgs $; + + public Builder() { + $ = new RuntimeTemplateIamPolicyArgs(); + } + + public Builder(RuntimeTemplateIamPolicyArgs defaults) { + $ = new RuntimeTemplateIamPolicyArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(Output policyData) { + $.policyData = policyData; + return this; + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(String policyData) { + return policyData(Output.of(policyData)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(Output runtimeTemplate) { + $.runtimeTemplate = runtimeTemplate; + return this; + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(String runtimeTemplate) { + return runtimeTemplate(Output.of(runtimeTemplate)); + } + + public RuntimeTemplateIamPolicyArgs build() { + if ($.policyData == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamPolicyArgs", "policyData"); + } + if ($.runtimeTemplate == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamPolicyArgs", "runtimeTemplate"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/GetRuntimeTemplateIamPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/GetRuntimeTemplateIamPolicyArgs.java new file mode 100644 index 0000000000..f0fe17b485 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/GetRuntimeTemplateIamPolicyArgs.java @@ -0,0 +1,173 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetRuntimeTemplateIamPolicyArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetRuntimeTemplateIamPolicyArgs Empty = new GetRuntimeTemplateIamPolicyArgs(); + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="runtimeTemplate", required=true) + private Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output runtimeTemplate() { + return this.runtimeTemplate; + } + + private GetRuntimeTemplateIamPolicyArgs() {} + + private GetRuntimeTemplateIamPolicyArgs(GetRuntimeTemplateIamPolicyArgs $) { + this.location = $.location; + this.project = $.project; + this.runtimeTemplate = $.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetRuntimeTemplateIamPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetRuntimeTemplateIamPolicyArgs $; + + public Builder() { + $ = new GetRuntimeTemplateIamPolicyArgs(); + } + + public Builder(GetRuntimeTemplateIamPolicyArgs defaults) { + $ = new GetRuntimeTemplateIamPolicyArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(Output runtimeTemplate) { + $.runtimeTemplate = runtimeTemplate; + return this; + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(String runtimeTemplate) { + return runtimeTemplate(Output.of(runtimeTemplate)); + } + + public GetRuntimeTemplateIamPolicyArgs build() { + if ($.runtimeTemplate == null) { + throw new MissingRequiredPropertyException("GetRuntimeTemplateIamPolicyArgs", "runtimeTemplate"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/GetRuntimeTemplateIamPolicyPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/GetRuntimeTemplateIamPolicyPlainArgs.java new file mode 100644 index 0000000000..d160acf2af --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/GetRuntimeTemplateIamPolicyPlainArgs.java @@ -0,0 +1,139 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetRuntimeTemplateIamPolicyPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetRuntimeTemplateIamPolicyPlainArgs Empty = new GetRuntimeTemplateIamPolicyPlainArgs(); + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Import(name="location") + private @Nullable String location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Optional location() { + return Optional.ofNullable(this.location); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable String project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="runtimeTemplate", required=true) + private String runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public String runtimeTemplate() { + return this.runtimeTemplate; + } + + private GetRuntimeTemplateIamPolicyPlainArgs() {} + + private GetRuntimeTemplateIamPolicyPlainArgs(GetRuntimeTemplateIamPolicyPlainArgs $) { + this.location = $.location; + this.project = $.project; + this.runtimeTemplate = $.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetRuntimeTemplateIamPolicyPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetRuntimeTemplateIamPolicyPlainArgs $; + + public Builder() { + $ = new GetRuntimeTemplateIamPolicyPlainArgs(); + } + + public Builder(GetRuntimeTemplateIamPolicyPlainArgs defaults) { + $ = new GetRuntimeTemplateIamPolicyPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(@Nullable String location) { + $.location = location; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable String project) { + $.project = project; + return this; + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(String runtimeTemplate) { + $.runtimeTemplate = runtimeTemplate; + return this; + } + + public GetRuntimeTemplateIamPolicyPlainArgs build() { + if ($.runtimeTemplate == null) { + throw new MissingRequiredPropertyException("GetRuntimeTemplateIamPolicyPlainArgs", "runtimeTemplate"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeNotebookRuntimeTemplateRefArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeNotebookRuntimeTemplateRefArgs.java new file mode 100644 index 0000000000..d3c305ebcc --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeNotebookRuntimeTemplateRefArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class RuntimeNotebookRuntimeTemplateRefArgs extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeNotebookRuntimeTemplateRefArgs Empty = new RuntimeNotebookRuntimeTemplateRefArgs(); + + /** + * The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + * + */ + @Import(name="notebookRuntimeTemplate", required=true) + private Output notebookRuntimeTemplate; + + /** + * @return The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + * + */ + public Output notebookRuntimeTemplate() { + return this.notebookRuntimeTemplate; + } + + private RuntimeNotebookRuntimeTemplateRefArgs() {} + + private RuntimeNotebookRuntimeTemplateRefArgs(RuntimeNotebookRuntimeTemplateRefArgs $) { + this.notebookRuntimeTemplate = $.notebookRuntimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeNotebookRuntimeTemplateRefArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeNotebookRuntimeTemplateRefArgs $; + + public Builder() { + $ = new RuntimeNotebookRuntimeTemplateRefArgs(); + } + + public Builder(RuntimeNotebookRuntimeTemplateRefArgs defaults) { + $ = new RuntimeNotebookRuntimeTemplateRefArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param notebookRuntimeTemplate The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + * + * @return builder + * + */ + public Builder notebookRuntimeTemplate(Output notebookRuntimeTemplate) { + $.notebookRuntimeTemplate = notebookRuntimeTemplate; + return this; + } + + /** + * @param notebookRuntimeTemplate The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + * + * @return builder + * + */ + public Builder notebookRuntimeTemplate(String notebookRuntimeTemplate) { + return notebookRuntimeTemplate(Output.of(notebookRuntimeTemplate)); + } + + public RuntimeNotebookRuntimeTemplateRefArgs build() { + if ($.notebookRuntimeTemplate == null) { + throw new MissingRequiredPropertyException("RuntimeNotebookRuntimeTemplateRefArgs", "notebookRuntimeTemplate"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeState.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeState.java new file mode 100644 index 0000000000..8e16cbf884 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeState.java @@ -0,0 +1,322 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.colab.inputs.RuntimeNotebookRuntimeTemplateRefArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeState extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeState Empty = new RuntimeState(); + + /** + * The description of the Runtime. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return The description of the Runtime. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * Required. The display name of the Runtime. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return Required. The display name of the Runtime. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The resource name of the Runtime + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The resource name of the Runtime + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + */ + @Import(name="notebookRuntimeTemplateRef") + private @Nullable Output notebookRuntimeTemplateRef; + + /** + * @return 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + */ + public Optional> notebookRuntimeTemplateRef() { + return Optional.ofNullable(this.notebookRuntimeTemplateRef); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The user email of the NotebookRuntime. + * + */ + @Import(name="runtimeUser") + private @Nullable Output runtimeUser; + + /** + * @return The user email of the NotebookRuntime. + * + */ + public Optional> runtimeUser() { + return Optional.ofNullable(this.runtimeUser); + } + + private RuntimeState() {} + + private RuntimeState(RuntimeState $) { + this.description = $.description; + this.displayName = $.displayName; + this.location = $.location; + this.name = $.name; + this.notebookRuntimeTemplateRef = $.notebookRuntimeTemplateRef; + this.project = $.project; + this.runtimeUser = $.runtimeUser; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeState $; + + public Builder() { + $ = new RuntimeState(); + } + + public Builder(RuntimeState defaults) { + $ = new RuntimeState(Objects.requireNonNull(defaults)); + } + + /** + * @param description The description of the Runtime. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description The description of the Runtime. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName Required. The display name of the Runtime. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName Required. The display name of the Runtime. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations + * + * *** + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name The resource name of the Runtime + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The resource name of the Runtime + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param notebookRuntimeTemplateRef 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + * @return builder + * + */ + public Builder notebookRuntimeTemplateRef(@Nullable Output notebookRuntimeTemplateRef) { + $.notebookRuntimeTemplateRef = notebookRuntimeTemplateRef; + return this; + } + + /** + * @param notebookRuntimeTemplateRef 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + * + * @return builder + * + */ + public Builder notebookRuntimeTemplateRef(RuntimeNotebookRuntimeTemplateRefArgs notebookRuntimeTemplateRef) { + return notebookRuntimeTemplateRef(Output.of(notebookRuntimeTemplateRef)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param runtimeUser The user email of the NotebookRuntime. + * + * @return builder + * + */ + public Builder runtimeUser(@Nullable Output runtimeUser) { + $.runtimeUser = runtimeUser; + return this; + } + + /** + * @param runtimeUser The user email of the NotebookRuntime. + * + * @return builder + * + */ + public Builder runtimeUser(String runtimeUser) { + return runtimeUser(Output.of(runtimeUser)); + } + + public RuntimeState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamBindingConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamBindingConditionArgs.java new file mode 100644 index 0000000000..357666f0d0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamBindingConditionArgs.java @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeTemplateIamBindingConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeTemplateIamBindingConditionArgs Empty = new RuntimeTemplateIamBindingConditionArgs(); + + @Import(name="description") + private @Nullable Output description; + + public Optional> description() { + return Optional.ofNullable(this.description); + } + + @Import(name="expression", required=true) + private Output expression; + + public Output expression() { + return this.expression; + } + + @Import(name="title", required=true) + private Output title; + + public Output title() { + return this.title; + } + + private RuntimeTemplateIamBindingConditionArgs() {} + + private RuntimeTemplateIamBindingConditionArgs(RuntimeTemplateIamBindingConditionArgs $) { + this.description = $.description; + this.expression = $.expression; + this.title = $.title; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeTemplateIamBindingConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeTemplateIamBindingConditionArgs $; + + public Builder() { + $ = new RuntimeTemplateIamBindingConditionArgs(); + } + + public Builder(RuntimeTemplateIamBindingConditionArgs defaults) { + $ = new RuntimeTemplateIamBindingConditionArgs(Objects.requireNonNull(defaults)); + } + + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + public Builder description(String description) { + return description(Output.of(description)); + } + + public Builder expression(Output expression) { + $.expression = expression; + return this; + } + + public Builder expression(String expression) { + return expression(Output.of(expression)); + } + + public Builder title(Output title) { + $.title = title; + return this; + } + + public Builder title(String title) { + return title(Output.of(title)); + } + + public RuntimeTemplateIamBindingConditionArgs build() { + if ($.expression == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamBindingConditionArgs", "expression"); + } + if ($.title == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamBindingConditionArgs", "title"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamBindingState.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamBindingState.java new file mode 100644 index 0000000000..5e5c4e403a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamBindingState.java @@ -0,0 +1,367 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.colab.inputs.RuntimeTemplateIamBindingConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeTemplateIamBindingState extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeTemplateIamBindingState Empty = new RuntimeTemplateIamBindingState(); + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="members") + private @Nullable Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Optional>> members() { + return Optional.ofNullable(this.members); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role") + private @Nullable Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Optional> role() { + return Optional.ofNullable(this.role); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="runtimeTemplate") + private @Nullable Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> runtimeTemplate() { + return Optional.ofNullable(this.runtimeTemplate); + } + + private RuntimeTemplateIamBindingState() {} + + private RuntimeTemplateIamBindingState(RuntimeTemplateIamBindingState $) { + this.condition = $.condition; + this.etag = $.etag; + this.location = $.location; + this.members = $.members; + this.project = $.project; + this.role = $.role; + this.runtimeTemplate = $.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeTemplateIamBindingState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeTemplateIamBindingState $; + + public Builder() { + $ = new RuntimeTemplateIamBindingState(); + } + + public Builder(RuntimeTemplateIamBindingState defaults) { + $ = new RuntimeTemplateIamBindingState(Objects.requireNonNull(defaults)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(RuntimeTemplateIamBindingConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(@Nullable Output> members) { + $.members = members; + return this; + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(List members) { + return members(Output.of(members)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(String... members) { + return members(List.of(members)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(@Nullable Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(@Nullable Output runtimeTemplate) { + $.runtimeTemplate = runtimeTemplate; + return this; + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(String runtimeTemplate) { + return runtimeTemplate(Output.of(runtimeTemplate)); + } + + public RuntimeTemplateIamBindingState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamMemberConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamMemberConditionArgs.java new file mode 100644 index 0000000000..8f1fa3a130 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamMemberConditionArgs.java @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeTemplateIamMemberConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeTemplateIamMemberConditionArgs Empty = new RuntimeTemplateIamMemberConditionArgs(); + + @Import(name="description") + private @Nullable Output description; + + public Optional> description() { + return Optional.ofNullable(this.description); + } + + @Import(name="expression", required=true) + private Output expression; + + public Output expression() { + return this.expression; + } + + @Import(name="title", required=true) + private Output title; + + public Output title() { + return this.title; + } + + private RuntimeTemplateIamMemberConditionArgs() {} + + private RuntimeTemplateIamMemberConditionArgs(RuntimeTemplateIamMemberConditionArgs $) { + this.description = $.description; + this.expression = $.expression; + this.title = $.title; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeTemplateIamMemberConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeTemplateIamMemberConditionArgs $; + + public Builder() { + $ = new RuntimeTemplateIamMemberConditionArgs(); + } + + public Builder(RuntimeTemplateIamMemberConditionArgs defaults) { + $ = new RuntimeTemplateIamMemberConditionArgs(Objects.requireNonNull(defaults)); + } + + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + public Builder description(String description) { + return description(Output.of(description)); + } + + public Builder expression(Output expression) { + $.expression = expression; + return this; + } + + public Builder expression(String expression) { + return expression(Output.of(expression)); + } + + public Builder title(Output title) { + $.title = title; + return this; + } + + public Builder title(String title) { + return title(Output.of(title)); + } + + public RuntimeTemplateIamMemberConditionArgs build() { + if ($.expression == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamMemberConditionArgs", "expression"); + } + if ($.title == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamMemberConditionArgs", "title"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamMemberState.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamMemberState.java new file mode 100644 index 0000000000..6eb4e67054 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamMemberState.java @@ -0,0 +1,346 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.colab.inputs.RuntimeTemplateIamMemberConditionArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeTemplateIamMemberState extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeTemplateIamMemberState Empty = new RuntimeTemplateIamMemberState(); + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="member") + private @Nullable Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Optional> member() { + return Optional.ofNullable(this.member); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role") + private @Nullable Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Optional> role() { + return Optional.ofNullable(this.role); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="runtimeTemplate") + private @Nullable Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> runtimeTemplate() { + return Optional.ofNullable(this.runtimeTemplate); + } + + private RuntimeTemplateIamMemberState() {} + + private RuntimeTemplateIamMemberState(RuntimeTemplateIamMemberState $) { + this.condition = $.condition; + this.etag = $.etag; + this.location = $.location; + this.member = $.member; + this.project = $.project; + this.role = $.role; + this.runtimeTemplate = $.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeTemplateIamMemberState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeTemplateIamMemberState $; + + public Builder() { + $ = new RuntimeTemplateIamMemberState(); + } + + public Builder(RuntimeTemplateIamMemberState defaults) { + $ = new RuntimeTemplateIamMemberState(Objects.requireNonNull(defaults)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(RuntimeTemplateIamMemberConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(@Nullable Output member) { + $.member = member; + return this; + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(String member) { + return member(Output.of(member)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(@Nullable Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(@Nullable Output runtimeTemplate) { + $.runtimeTemplate = runtimeTemplate; + return this; + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(String runtimeTemplate) { + return runtimeTemplate(Output.of(runtimeTemplate)); + } + + public RuntimeTemplateIamMemberState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamPolicyState.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamPolicyState.java new file mode 100644 index 0000000000..0dd7494800 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/inputs/RuntimeTemplateIamPolicyState.java @@ -0,0 +1,247 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RuntimeTemplateIamPolicyState extends com.pulumi.resources.ResourceArgs { + + public static final RuntimeTemplateIamPolicyState Empty = new RuntimeTemplateIamPolicyState(); + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Import(name="policyData") + private @Nullable Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Optional> policyData() { + return Optional.ofNullable(this.policyData); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="runtimeTemplate") + private @Nullable Output runtimeTemplate; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> runtimeTemplate() { + return Optional.ofNullable(this.runtimeTemplate); + } + + private RuntimeTemplateIamPolicyState() {} + + private RuntimeTemplateIamPolicyState(RuntimeTemplateIamPolicyState $) { + this.etag = $.etag; + this.location = $.location; + this.policyData = $.policyData; + this.project = $.project; + this.runtimeTemplate = $.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RuntimeTemplateIamPolicyState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RuntimeTemplateIamPolicyState $; + + public Builder() { + $ = new RuntimeTemplateIamPolicyState(); + } + + public Builder(RuntimeTemplateIamPolicyState defaults) { + $ = new RuntimeTemplateIamPolicyState(Objects.requireNonNull(defaults)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(@Nullable Output policyData) { + $.policyData = policyData; + return this; + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(String policyData) { + return policyData(Output.of(policyData)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(@Nullable Output runtimeTemplate) { + $.runtimeTemplate = runtimeTemplate; + return this; + } + + /** + * @param runtimeTemplate Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder runtimeTemplate(String runtimeTemplate) { + return runtimeTemplate(Output.of(runtimeTemplate)); + } + + public RuntimeTemplateIamPolicyState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/GetRuntimeTemplateIamPolicyResult.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/GetRuntimeTemplateIamPolicyResult.java new file mode 100644 index 0000000000..cc91322bc5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/GetRuntimeTemplateIamPolicyResult.java @@ -0,0 +1,151 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetRuntimeTemplateIamPolicyResult { + /** + * @return (Computed) The etag of the IAM policy. + * + */ + private String etag; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String location; + /** + * @return (Required only by `gcp.colab.RuntimeTemplateIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + private String policyData; + private String project; + private String runtimeTemplate; + + private GetRuntimeTemplateIamPolicyResult() {} + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public String etag() { + return this.etag; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String location() { + return this.location; + } + /** + * @return (Required only by `gcp.colab.RuntimeTemplateIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public String policyData() { + return this.policyData; + } + public String project() { + return this.project; + } + public String runtimeTemplate() { + return this.runtimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetRuntimeTemplateIamPolicyResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String etag; + private String id; + private String location; + private String policyData; + private String project; + private String runtimeTemplate; + public Builder() {} + public Builder(GetRuntimeTemplateIamPolicyResult defaults) { + Objects.requireNonNull(defaults); + this.etag = defaults.etag; + this.id = defaults.id; + this.location = defaults.location; + this.policyData = defaults.policyData; + this.project = defaults.project; + this.runtimeTemplate = defaults.runtimeTemplate; + } + + @CustomType.Setter + public Builder etag(String etag) { + if (etag == null) { + throw new MissingRequiredPropertyException("GetRuntimeTemplateIamPolicyResult", "etag"); + } + this.etag = etag; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetRuntimeTemplateIamPolicyResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder location(String location) { + if (location == null) { + throw new MissingRequiredPropertyException("GetRuntimeTemplateIamPolicyResult", "location"); + } + this.location = location; + return this; + } + @CustomType.Setter + public Builder policyData(String policyData) { + if (policyData == null) { + throw new MissingRequiredPropertyException("GetRuntimeTemplateIamPolicyResult", "policyData"); + } + this.policyData = policyData; + return this; + } + @CustomType.Setter + public Builder project(String project) { + if (project == null) { + throw new MissingRequiredPropertyException("GetRuntimeTemplateIamPolicyResult", "project"); + } + this.project = project; + return this; + } + @CustomType.Setter + public Builder runtimeTemplate(String runtimeTemplate) { + if (runtimeTemplate == null) { + throw new MissingRequiredPropertyException("GetRuntimeTemplateIamPolicyResult", "runtimeTemplate"); + } + this.runtimeTemplate = runtimeTemplate; + return this; + } + public GetRuntimeTemplateIamPolicyResult build() { + final var _resultValue = new GetRuntimeTemplateIamPolicyResult(); + _resultValue.etag = etag; + _resultValue.id = id; + _resultValue.location = location; + _resultValue.policyData = policyData; + _resultValue.project = project; + _resultValue.runtimeTemplate = runtimeTemplate; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeNotebookRuntimeTemplateRef.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeNotebookRuntimeTemplateRef.java new file mode 100644 index 0000000000..1bb8822152 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeNotebookRuntimeTemplateRef.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class RuntimeNotebookRuntimeTemplateRef { + /** + * @return The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + * + */ + private String notebookRuntimeTemplate; + + private RuntimeNotebookRuntimeTemplateRef() {} + /** + * @return The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + * + */ + public String notebookRuntimeTemplate() { + return this.notebookRuntimeTemplate; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(RuntimeNotebookRuntimeTemplateRef defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String notebookRuntimeTemplate; + public Builder() {} + public Builder(RuntimeNotebookRuntimeTemplateRef defaults) { + Objects.requireNonNull(defaults); + this.notebookRuntimeTemplate = defaults.notebookRuntimeTemplate; + } + + @CustomType.Setter + public Builder notebookRuntimeTemplate(String notebookRuntimeTemplate) { + if (notebookRuntimeTemplate == null) { + throw new MissingRequiredPropertyException("RuntimeNotebookRuntimeTemplateRef", "notebookRuntimeTemplate"); + } + this.notebookRuntimeTemplate = notebookRuntimeTemplate; + return this; + } + public RuntimeNotebookRuntimeTemplateRef build() { + final var _resultValue = new RuntimeNotebookRuntimeTemplateRef(); + _resultValue.notebookRuntimeTemplate = notebookRuntimeTemplate; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeTemplateIamBindingCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeTemplateIamBindingCondition.java new file mode 100644 index 0000000000..b25eb8b9c0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeTemplateIamBindingCondition.java @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class RuntimeTemplateIamBindingCondition { + private @Nullable String description; + private String expression; + private String title; + + private RuntimeTemplateIamBindingCondition() {} + public Optional description() { + return Optional.ofNullable(this.description); + } + public String expression() { + return this.expression; + } + public String title() { + return this.title; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(RuntimeTemplateIamBindingCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String description; + private String expression; + private String title; + public Builder() {} + public Builder(RuntimeTemplateIamBindingCondition defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.expression = defaults.expression; + this.title = defaults.title; + } + + @CustomType.Setter + public Builder description(@Nullable String description) { + + this.description = description; + return this; + } + @CustomType.Setter + public Builder expression(String expression) { + if (expression == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamBindingCondition", "expression"); + } + this.expression = expression; + return this; + } + @CustomType.Setter + public Builder title(String title) { + if (title == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamBindingCondition", "title"); + } + this.title = title; + return this; + } + public RuntimeTemplateIamBindingCondition build() { + final var _resultValue = new RuntimeTemplateIamBindingCondition(); + _resultValue.description = description; + _resultValue.expression = expression; + _resultValue.title = title; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeTemplateIamMemberCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeTemplateIamMemberCondition.java new file mode 100644 index 0000000000..c4c259a65f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/colab/outputs/RuntimeTemplateIamMemberCondition.java @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.colab.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class RuntimeTemplateIamMemberCondition { + private @Nullable String description; + private String expression; + private String title; + + private RuntimeTemplateIamMemberCondition() {} + public Optional description() { + return Optional.ofNullable(this.description); + } + public String expression() { + return this.expression; + } + public String title() { + return this.title; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(RuntimeTemplateIamMemberCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String description; + private String expression; + private String title; + public Builder() {} + public Builder(RuntimeTemplateIamMemberCondition defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.expression = defaults.expression; + this.title = defaults.title; + } + + @CustomType.Setter + public Builder description(@Nullable String description) { + + this.description = description; + return this; + } + @CustomType.Setter + public Builder expression(String expression) { + if (expression == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamMemberCondition", "expression"); + } + this.expression = expression; + return this; + } + @CustomType.Setter + public Builder title(String title) { + if (title == null) { + throw new MissingRequiredPropertyException("RuntimeTemplateIamMemberCondition", "title"); + } + this.title = title; + return this; + } + public RuntimeTemplateIamMemberCondition build() { + final var _resultValue = new RuntimeTemplateIamMemberCondition(); + _resultValue.description = description; + _resultValue.expression = expression; + _resultValue.title = title; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/ComputeFunctions.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/ComputeFunctions.java index 515baf42df..92958f1261 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/ComputeFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/ComputeFunctions.java @@ -58,6 +58,8 @@ import com.pulumi.gcp.compute.inputs.GetInstanceSerialPortArgs; import com.pulumi.gcp.compute.inputs.GetInstanceSerialPortPlainArgs; import com.pulumi.gcp.compute.inputs.GetInstanceTemplateArgs; +import com.pulumi.gcp.compute.inputs.GetInstanceTemplateIamPolicyArgs; +import com.pulumi.gcp.compute.inputs.GetInstanceTemplateIamPolicyPlainArgs; import com.pulumi.gcp.compute.inputs.GetInstanceTemplatePlainArgs; import com.pulumi.gcp.compute.inputs.GetMachineImageIamPolicyArgs; import com.pulumi.gcp.compute.inputs.GetMachineImageIamPolicyPlainArgs; @@ -147,6 +149,7 @@ import com.pulumi.gcp.compute.outputs.GetInstanceIamPolicyResult; import com.pulumi.gcp.compute.outputs.GetInstanceResult; import com.pulumi.gcp.compute.outputs.GetInstanceSerialPortResult; +import com.pulumi.gcp.compute.outputs.GetInstanceTemplateIamPolicyResult; import com.pulumi.gcp.compute.outputs.GetInstanceTemplateResult; import com.pulumi.gcp.compute.outputs.GetLBIPRangesResult; import com.pulumi.gcp.compute.outputs.GetMachineImageIamPolicyResult; @@ -6797,6 +6800,221 @@ public static Output getInstanceTemplate(GetInstanceT public static CompletableFuture getInstanceTemplatePlain(GetInstanceTemplatePlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("gcp:compute/getInstanceTemplate:getInstanceTemplate", TypeShape.of(GetInstanceTemplateResult.class), args, Utilities.withVersion(options)); } + /** + * Retrieves the current IAM policy data for instancetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetInstanceTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ComputeFunctions.getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs.builder()
+     *             .project(default_.project())
+     *             .name(default_.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs args) { + return getInstanceTemplateIamPolicy(args, InvokeOptions.Empty); + } + /** + * Retrieves the current IAM policy data for instancetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetInstanceTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ComputeFunctions.getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs.builder()
+     *             .project(default_.project())
+     *             .name(default_.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getInstanceTemplateIamPolicyPlain(GetInstanceTemplateIamPolicyPlainArgs args) { + return getInstanceTemplateIamPolicyPlain(args, InvokeOptions.Empty); + } + /** + * Retrieves the current IAM policy data for instancetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetInstanceTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ComputeFunctions.getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs.builder()
+     *             .project(default_.project())
+     *             .name(default_.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", TypeShape.of(GetInstanceTemplateIamPolicyResult.class), args, Utilities.withVersion(options)); + } + /** + * Retrieves the current IAM policy data for instancetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetInstanceTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ComputeFunctions.getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs.builder()
+     *             .project(default_.project())
+     *             .name(default_.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs args, InvokeOutputOptions options) { + return Deployment.getInstance().invoke("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", TypeShape.of(GetInstanceTemplateIamPolicyResult.class), args, Utilities.withVersion(options)); + } + /** + * Retrieves the current IAM policy data for instancetemplate + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetInstanceTemplateIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = ComputeFunctions.getInstanceTemplateIamPolicy(GetInstanceTemplateIamPolicyArgs.builder()
+     *             .project(default_.project())
+     *             .name(default_.name())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getInstanceTemplateIamPolicyPlain(GetInstanceTemplateIamPolicyPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", TypeShape.of(GetInstanceTemplateIamPolicyResult.class), args, Utilities.withVersion(options)); + } /** * Use this data source to access IP ranges in your firewall rules. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/FirewallPolicyRule.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/FirewallPolicyRule.java index 06dc2e8f02..05512b3f4c 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/FirewallPolicyRule.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/FirewallPolicyRule.java @@ -60,7 +60,7 @@ * * public static void stack(Context ctx) }{{@code * var basicGlobalNetworksecurityAddressGroup = new AddressGroup("basicGlobalNetworksecurityAddressGroup", AddressGroupArgs.builder() - * .name("address") + * .name("address-group") * .parent("organizations/123456789") * .description("Sample global networksecurity_address_group") * .location("global") @@ -77,11 +77,11 @@ * * var default_ = new FirewallPolicy("default", FirewallPolicyArgs.builder() * .parent(folder.id()) - * .shortName("policy") + * .shortName("fw-policy") * .description("Resource created for Terraform acceptance testing") * .build()); * - * var policyRule = new FirewallPolicyRule("policyRule", FirewallPolicyRuleArgs.builder() + * var primary = new FirewallPolicyRule("primary", FirewallPolicyRuleArgs.builder() * .firewallPolicy(default_.name()) * .description("Resource created for Terraform acceptance testing") * .priority(9000) @@ -89,7 +89,15 @@ * .action("allow") * .direction("EGRESS") * .disabled(false) + * .targetServiceAccounts("my}{@literal @}{@code service-account.com") * .match(FirewallPolicyRuleMatchArgs.builder() + * .destIpRanges("11.100.0.1/32") + * .destFqdns() + * .destRegionCodes("US") + * .destThreatIntelligences("iplist-known-malicious-ips") + * .srcAddressGroups() + * .destAddressGroups(basicGlobalNetworksecurityAddressGroup.id()) + * .destNetworkScope("INTERNET") * .layer4Configs( * FirewallPolicyRuleMatchLayer4ConfigArgs.builder() * .ipProtocol("tcp") @@ -99,14 +107,7 @@ * .ipProtocol("udp") * .ports(22) * .build()) - * .destIpRanges("11.100.0.1/32") - * .destFqdns() - * .destRegionCodes("US") - * .destThreatIntelligences("iplist-known-malicious-ips") - * .srcAddressGroups() - * .destAddressGroups(basicGlobalNetworksecurityAddressGroup.id()) * .build()) - * .targetServiceAccounts("my}{@literal @}{@code service-account.com") * .build()); * * }}{@code @@ -114,6 +115,83 @@ * } * * <!--End PulumiCodeChooser --> + * ### Firewall Policy Rule Network Scope + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.Folder;
+ * import com.pulumi.gcp.organizations.FolderArgs;
+ * import com.pulumi.gcp.compute.FirewallPolicy;
+ * import com.pulumi.gcp.compute.FirewallPolicyArgs;
+ * import com.pulumi.gcp.compute.Network;
+ * import com.pulumi.gcp.compute.NetworkArgs;
+ * import com.pulumi.gcp.compute.FirewallPolicyRule;
+ * import com.pulumi.gcp.compute.FirewallPolicyRuleArgs;
+ * import com.pulumi.gcp.compute.inputs.FirewallPolicyRuleMatchArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var folder = new Folder("folder", FolderArgs.builder()
+ *             .displayName("folder")
+ *             .parent("organizations/123456789")
+ *             .deletionProtection(false)
+ *             .build());
+ * 
+ *         var default_ = new FirewallPolicy("default", FirewallPolicyArgs.builder()
+ *             .parent(folder.id())
+ *             .shortName("fw-policy")
+ *             .description("Firewall policy")
+ *             .build());
+ * 
+ *         var network = new Network("network", NetworkArgs.builder()
+ *             .name("network")
+ *             .autoCreateSubnetworks(false)
+ *             .build());
+ * 
+ *         var primary = new FirewallPolicyRule("primary", FirewallPolicyRuleArgs.builder()
+ *             .firewallPolicy(default_.name())
+ *             .description("Firewall policy rule with network scope")
+ *             .priority(9000)
+ *             .action("allow")
+ *             .direction("INGRESS")
+ *             .disabled(false)
+ *             .match(FirewallPolicyRuleMatchArgs.builder()
+ *                 .srcIpRanges("11.100.0.1/32")
+ *                 .srcNetworkScope("VPC_NETWORKS")
+ *                 .srcNetworks(network.id())
+ *                 .layer4Configs(                
+ *                     FirewallPolicyRuleMatchLayer4ConfigArgs.builder()
+ *                         .ipProtocol("tcp")
+ *                         .ports(8080)
+ *                         .build(),
+ *                     FirewallPolicyRuleMatchLayer4ConfigArgs.builder()
+ *                         .ipProtocol("udp")
+ *                         .ports(22)
+ *                         .build())
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * * ## Import * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/FirewallPolicyWithRules.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/FirewallPolicyWithRules.java index 5313806159..fe2a448b45 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/FirewallPolicyWithRules.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/FirewallPolicyWithRules.java @@ -39,6 +39,8 @@ * import com.pulumi.gcp.networksecurity.SecurityProfileArgs; * import com.pulumi.gcp.networksecurity.SecurityProfileGroup; * import com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs; + * import com.pulumi.gcp.compute.Network; + * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.FirewallPolicyWithRules; * import com.pulumi.gcp.compute.FirewallPolicyWithRulesArgs; * import com.pulumi.gcp.compute.inputs.FirewallPolicyWithRulesRuleArgs; @@ -59,7 +61,7 @@ * final var project = OrganizationsFunctions.getProject(); * * var addressGroup1 = new AddressGroup("addressGroup1", AddressGroupArgs.builder() - * .name("tf-address-group") + * .name("address-group") * .parent("organizations/123456789") * .description("Global address group") * .location("global") @@ -69,21 +71,26 @@ * .build()); * * var securityProfile1 = new SecurityProfile("securityProfile1", SecurityProfileArgs.builder() - * .name("tf-security-profile") + * .name("sp") * .type("THREAT_PREVENTION") * .parent("organizations/123456789") * .location("global") * .build()); * * var securityProfileGroup1 = new SecurityProfileGroup("securityProfileGroup1", SecurityProfileGroupArgs.builder() - * .name("tf-security-profile-group") + * .name("spg") * .parent("organizations/123456789") * .description("my description") * .threatPreventionProfile(securityProfile1.id()) * .build()); * - * var firewall_policy_with_rules = new FirewallPolicyWithRules("firewall-policy-with-rules", FirewallPolicyWithRulesArgs.builder() - * .shortName("tf-fw-org-policy-with-rules") + * var network = new Network("network", NetworkArgs.builder() + * .name("network") + * .autoCreateSubnetworks(false) + * .build()); + * + * var primary = new FirewallPolicyWithRules("primary", FirewallPolicyWithRulesArgs.builder() + * .shortName("fw-policy") * .description("Terraform test") * .parent("organizations/123456789") * .rules( @@ -93,13 +100,8 @@ * .enableLogging(true) * .action("allow") * .direction("EGRESS") + * .targetResources(String.format("https://www.googleapis.com/compute/beta/projects/%s/global/networks/default", project.applyValue(getProjectResult -> getProjectResult.name()))) * .match(FirewallPolicyWithRulesRuleMatchArgs.builder() - * .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() - * .ipProtocol("tcp") - * .ports( - * 8080, - * 7070) - * .build()) * .destIpRanges("11.100.0.1/32") * .destFqdns( * "www.yyy.com", @@ -111,8 +113,13 @@ * "iplist-search-engines-crawlers", * "iplist-tor-exit-nodes") * .destAddressGroups(addressGroup1.id()) + * .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .ports( + * 8080, + * 7070) + * .build()) * .build()) - * .targetResources(String.format("https://www.googleapis.com/compute/beta/projects/%s/global/networks/default", project.applyValue(getProjectResult -> getProjectResult.name()))) * .build(), * FirewallPolicyWithRulesRuleArgs.builder() * .description("udp rule") @@ -120,10 +127,8 @@ * .enableLogging(false) * .action("deny") * .direction("INGRESS") + * .disabled(true) * .match(FirewallPolicyWithRulesRuleMatchArgs.builder() - * .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() - * .ipProtocol("udp") - * .build()) * .srcIpRanges("0.0.0.0/0") * .srcFqdns( * "www.abc.com", @@ -135,8 +140,10 @@ * "iplist-known-malicious-ips", * "iplist-public-clouds") * .srcAddressGroups(addressGroup1.id()) + * .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("udp") + * .build()) * .build()) - * .disabled(true) * .build(), * FirewallPolicyWithRulesRuleArgs.builder() * .description("security profile group rule") @@ -145,15 +152,48 @@ * .enableLogging(false) * .action("apply_security_profile_group") * .direction("INGRESS") + * .targetServiceAccounts("test}{@literal @}{@code google.com") + * .securityProfileGroup(securityProfileGroup1.id().applyValue(id -> String.format("//networksecurity.googleapis.com/%s", id))) + * .tlsInspect(true) + * .match(FirewallPolicyWithRulesRuleMatchArgs.builder() + * .srcIpRanges("0.0.0.0/0") + * .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .build()) + * .build()) + * .build(), + * FirewallPolicyWithRulesRuleArgs.builder() + * .description("network scope rule 1") + * .ruleName("network scope 1") + * .priority(4000) + * .enableLogging(false) + * .action("allow") + * .direction("INGRESS") * .match(FirewallPolicyWithRulesRuleMatchArgs.builder() + * .srcIpRanges("11.100.0.1/32") + * .srcNetworkScope("VPC_NETWORKS") + * .srcNetworks(network.id()) * .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() * .ipProtocol("tcp") + * .ports(8080) + * .build()) + * .build()) + * .build(), + * FirewallPolicyWithRulesRuleArgs.builder() + * .description("network scope rule 2") + * .ruleName("network scope 2") + * .priority(5000) + * .enableLogging(false) + * .action("allow") + * .direction("EGRESS") + * .match(FirewallPolicyWithRulesRuleMatchArgs.builder() + * .destIpRanges("0.0.0.0/0") + * .destNetworkScope("INTERNET") + * .layer4Configs(FirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .ports(8080) * .build()) - * .srcIpRanges("0.0.0.0/0") * .build()) - * .targetServiceAccounts("test}{@literal @}{@code google.com") - * .securityProfileGroup(securityProfileGroup1.id().applyValue(id -> String.format("//networksecurity.googleapis.com/%s", id))) - * .tlsInspect(true) * .build()) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamBinding.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamBinding.java new file mode 100644 index 0000000000..eaa129ea70 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamBinding.java @@ -0,0 +1,782 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs; +import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingState; +import com.pulumi.gcp.compute.outputs.InstanceTemplateIamBindingCondition; +import java.lang.String; +import java.util.List; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .condition(GetIAMPolicyBindingConditionArgs.builder()
+ *                     .title("expires_after_2019_12_31")
+ *                     .description("Expiring at midnight of 2019-12-31")
+ *                     .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamBindingConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamMemberConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Compute Engine InstanceTemplate + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .condition(GetIAMPolicyBindingConditionArgs.builder()
+ *                     .title("expires_after_2019_12_31")
+ *                     .description("Expiring at midnight of 2019-12-31")
+ *                     .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamBindingConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamMemberConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/global/instanceTemplates/{{name}} + * + * * {{project}}/{{name}} + * + * * {{name}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding") +public class InstanceTemplateIamBinding extends com.pulumi.resources.CustomResource { + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + @Export(name="condition", refs={InstanceTemplateIamBindingCondition.class}, tree="[0]") + private Output condition; + + /** + * @return An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + public Output> condition() { + return Codegen.optional(this.condition); + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Export(name="members", refs={List.class,String.class}, tree="[0,1]") + private Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output> members() { + return this.members; + } + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output name() { + return this.name; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Export(name="role", refs={String.class}, tree="[0]") + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public InstanceTemplateIamBinding(java.lang.String name) { + this(name, InstanceTemplateIamBindingArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public InstanceTemplateIamBinding(java.lang.String name, InstanceTemplateIamBindingArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public InstanceTemplateIamBinding(java.lang.String name, InstanceTemplateIamBindingArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private InstanceTemplateIamBinding(java.lang.String name, Output id, @Nullable InstanceTemplateIamBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding", name, state, makeResourceOptions(options, id), false); + } + + private static InstanceTemplateIamBindingArgs makeArgs(InstanceTemplateIamBindingArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? InstanceTemplateIamBindingArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static InstanceTemplateIamBinding get(java.lang.String name, Output id, @Nullable InstanceTemplateIamBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new InstanceTemplateIamBinding(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamBindingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamBindingArgs.java new file mode 100644 index 0000000000..d4e5f97cb0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamBindingArgs.java @@ -0,0 +1,316 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateIamBindingArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateIamBindingArgs Empty = new InstanceTemplateIamBindingArgs(); + + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + @Import(name="condition") + private @Nullable Output condition; + + /** + * @return An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="members", required=true) + private Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output> members() { + return this.members; + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role", required=true) + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + private InstanceTemplateIamBindingArgs() {} + + private InstanceTemplateIamBindingArgs(InstanceTemplateIamBindingArgs $) { + this.condition = $.condition; + this.members = $.members; + this.name = $.name; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateIamBindingArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateIamBindingArgs $; + + public Builder() { + $ = new InstanceTemplateIamBindingArgs(); + } + + public Builder(InstanceTemplateIamBindingArgs defaults) { + $ = new InstanceTemplateIamBindingArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param condition An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + * @return builder + * + */ + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + /** + * @param condition An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + * @return builder + * + */ + public Builder condition(InstanceTemplateIamBindingConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(Output> members) { + $.members = members; + return this; + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(List members) { + return members(Output.of(members)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(String... members) { + return members(List.of(members)); + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public InstanceTemplateIamBindingArgs build() { + if ($.members == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamBindingArgs", "members"); + } + if ($.role == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamBindingArgs", "role"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamMember.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamMember.java new file mode 100644 index 0000000000..7c7ef45bae --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamMember.java @@ -0,0 +1,781 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs; +import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberState; +import com.pulumi.gcp.compute.outputs.InstanceTemplateIamMemberCondition; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .condition(GetIAMPolicyBindingConditionArgs.builder()
+ *                     .title("expires_after_2019_12_31")
+ *                     .description("Expiring at midnight of 2019-12-31")
+ *                     .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamBindingConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamMemberConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Compute Engine InstanceTemplate + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .condition(GetIAMPolicyBindingConditionArgs.builder()
+ *                     .title("expires_after_2019_12_31")
+ *                     .description("Expiring at midnight of 2019-12-31")
+ *                     .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamBindingConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamMemberConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/global/instanceTemplates/{{name}} + * + * * {{project}}/{{name}} + * + * * {{name}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember") +public class InstanceTemplateIamMember extends com.pulumi.resources.CustomResource { + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + @Export(name="condition", refs={InstanceTemplateIamMemberCondition.class}, tree="[0]") + private Output condition; + + /** + * @return An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + public Output> condition() { + return Codegen.optional(this.condition); + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Export(name="member", refs={String.class}, tree="[0]") + private Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output member() { + return this.member; + } + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output name() { + return this.name; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Export(name="role", refs={String.class}, tree="[0]") + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public InstanceTemplateIamMember(java.lang.String name) { + this(name, InstanceTemplateIamMemberArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public InstanceTemplateIamMember(java.lang.String name, InstanceTemplateIamMemberArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public InstanceTemplateIamMember(java.lang.String name, InstanceTemplateIamMemberArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private InstanceTemplateIamMember(java.lang.String name, Output id, @Nullable InstanceTemplateIamMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember", name, state, makeResourceOptions(options, id), false); + } + + private static InstanceTemplateIamMemberArgs makeArgs(InstanceTemplateIamMemberArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? InstanceTemplateIamMemberArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static InstanceTemplateIamMember get(java.lang.String name, Output id, @Nullable InstanceTemplateIamMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new InstanceTemplateIamMember(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamMemberArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamMemberArgs.java new file mode 100644 index 0000000000..91635a4332 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamMemberArgs.java @@ -0,0 +1,295 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateIamMemberArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateIamMemberArgs Empty = new InstanceTemplateIamMemberArgs(); + + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + @Import(name="condition") + private @Nullable Output condition; + + /** + * @return An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="member", required=true) + private Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output member() { + return this.member; + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role", required=true) + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + private InstanceTemplateIamMemberArgs() {} + + private InstanceTemplateIamMemberArgs(InstanceTemplateIamMemberArgs $) { + this.condition = $.condition; + this.member = $.member; + this.name = $.name; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateIamMemberArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateIamMemberArgs $; + + public Builder() { + $ = new InstanceTemplateIamMemberArgs(); + } + + public Builder(InstanceTemplateIamMemberArgs defaults) { + $ = new InstanceTemplateIamMemberArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param condition An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + * @return builder + * + */ + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + /** + * @param condition An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + * @return builder + * + */ + public Builder condition(InstanceTemplateIamMemberConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(Output member) { + $.member = member; + return this; + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(String member) { + return member(Output.of(member)); + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public InstanceTemplateIamMemberArgs build() { + if ($.member == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamMemberArgs", "member"); + } + if ($.role == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamMemberArgs", "role"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamPolicy.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamPolicy.java new file mode 100644 index 0000000000..8877573f7d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamPolicy.java @@ -0,0 +1,727 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs; +import com.pulumi.gcp.compute.inputs.InstanceTemplateIamPolicyState; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .condition(GetIAMPolicyBindingConditionArgs.builder()
+ *                     .title("expires_after_2019_12_31")
+ *                     .description("Expiring at midnight of 2019-12-31")
+ *                     .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamBindingConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamMemberConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Compute Engine InstanceTemplate + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicy;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/compute.instanceAdmin")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .condition(GetIAMPolicyBindingConditionArgs.builder()
+ *                     .title("expires_after_2019_12_31")
+ *                     .description("Expiring at midnight of 2019-12-31")
+ *                     .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new InstanceTemplateIamPolicy("policy", InstanceTemplateIamPolicyArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBinding;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamBindingArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new InstanceTemplateIamBinding("binding", InstanceTemplateIamBindingArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamBindingConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## gcp.compute.InstanceTemplateIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * With IAM Conditions: + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMember;
+ * import com.pulumi.gcp.compute.InstanceTemplateIamMemberArgs;
+ * import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new InstanceTemplateIamMember("member", InstanceTemplateIamMemberArgs.builder()
+ *             .project(default_.project())
+ *             .name(default_.name())
+ *             .role("roles/compute.instanceAdmin")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .condition(InstanceTemplateIamMemberConditionArgs.builder()
+ *                 .title("expires_after_2019_12_31")
+ *                 .description("Expiring at midnight of 2019-12-31")
+ *                 .expression("request.time < timestamp(\"2020-01-01T00:00:00Z\")")
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/global/instanceTemplates/{{name}} + * + * * {{project}}/{{name}} + * + * * {{name}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy") +public class InstanceTemplateIamPolicy extends com.pulumi.resources.CustomResource { + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output name() { + return this.name; + } + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Export(name="policyData", refs={String.class}, tree="[0]") + private Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Output policyData() { + return this.policyData; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public InstanceTemplateIamPolicy(java.lang.String name) { + this(name, InstanceTemplateIamPolicyArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public InstanceTemplateIamPolicy(java.lang.String name, InstanceTemplateIamPolicyArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public InstanceTemplateIamPolicy(java.lang.String name, InstanceTemplateIamPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private InstanceTemplateIamPolicy(java.lang.String name, Output id, @Nullable InstanceTemplateIamPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy", name, state, makeResourceOptions(options, id), false); + } + + private static InstanceTemplateIamPolicyArgs makeArgs(InstanceTemplateIamPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? InstanceTemplateIamPolicyArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static InstanceTemplateIamPolicy get(java.lang.String name, Output id, @Nullable InstanceTemplateIamPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new InstanceTemplateIamPolicy(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamPolicyArgs.java new file mode 100644 index 0000000000..710d7801cb --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceTemplateIamPolicyArgs.java @@ -0,0 +1,169 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateIamPolicyArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateIamPolicyArgs Empty = new InstanceTemplateIamPolicyArgs(); + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Import(name="policyData", required=true) + private Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Output policyData() { + return this.policyData; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private InstanceTemplateIamPolicyArgs() {} + + private InstanceTemplateIamPolicyArgs(InstanceTemplateIamPolicyArgs $) { + this.name = $.name; + this.policyData = $.policyData; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateIamPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateIamPolicyArgs $; + + public Builder() { + $ = new InstanceTemplateIamPolicyArgs(); + } + + public Builder(InstanceTemplateIamPolicyArgs defaults) { + $ = new InstanceTemplateIamPolicyArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(Output policyData) { + $.policyData = policyData; + return this; + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(String policyData) { + return policyData(Output.of(policyData)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public InstanceTemplateIamPolicyArgs build() { + if ($.policyData == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamPolicyArgs", "policyData"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachment.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachment.java index c9a153e73d..a04ab05c48 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachment.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachment.java @@ -15,6 +15,7 @@ import java.lang.Integer; import java.lang.String; import java.util.List; +import java.util.Map; import java.util.Optional; import javax.annotation.Nullable; @@ -73,6 +74,7 @@ * .type("PARTNER") * .router(foobar.id()) * .mtu(1500) + * .labels(Map.of("mykey", "myvalue")) * .build()); * * } @@ -365,6 +367,20 @@ public Output> description() { public Output edgeAvailabilityDomain() { return this.edgeAvailabilityDomain; } + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Export(name="effectiveLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Output> effectiveLabels() { + return this.effectiveLabels; + } /** * Indicates the user-supplied encryption option of this interconnect * attachment. Can only be specified at attachment creation for PARTNER or @@ -479,6 +495,50 @@ public Output> interconnect() { public Output>> ipsecInternalAddresses() { return Codegen.optional(this.ipsecInternalAddresses); } + /** + * A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + * of the labels set used for optimistic locking. The fingerprint is initially generated by + * Compute Engine and changes after every request to modify or update labels. + * You must always provide an up-to-date fingerprint hash in order to update or change labels, + * otherwise the request will fail with error 412 conditionNotMet. + * + */ + @Export(name="labelFingerprint", refs={String.class}, tree="[0]") + private Output labelFingerprint; + + /** + * @return A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + * of the labels set used for optimistic locking. The fingerprint is initially generated by + * Compute Engine and changes after every request to modify or update labels. + * You must always provide an up-to-date fingerprint hash in order to update or change labels, + * otherwise the request will fail with error 412 conditionNotMet. + * + */ + public Output labelFingerprint() { + return this.labelFingerprint; + } + /** + * Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Export(name="labels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> labels; + + /** + * @return Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Output>> labels() { + return Codegen.optional(this.labels); + } /** * Maximum Transmission Unit (MTU), in bytes, of packets passing through * this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -593,6 +653,22 @@ public Output> privateInterc public Output project() { return this.project; } + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Export(name="pulumiLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Output> pulumiLabels() { + return this.pulumiLabels; + } /** * Region where the regional interconnect attachment resides. * @@ -775,6 +851,10 @@ private static InterconnectAttachmentArgs makeArgs(InterconnectAttachmentArgs ar private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() .version(Utilities.getVersion()) + .additionalSecretOutputs(List.of( + "effectiveLabels", + "pulumiLabels" + )) .build(); return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachmentArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachmentArgs.java index 8c21bd68f7..1d98669e59 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachmentArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachmentArgs.java @@ -10,6 +10,7 @@ import java.lang.Integer; import java.lang.String; import java.util.List; +import java.util.Map; import java.util.Objects; import java.util.Optional; import javax.annotation.Nullable; @@ -229,6 +230,29 @@ public Optional>> ipsecInternalAddresses() { return Optional.ofNullable(this.ipsecInternalAddresses); } + /** + * Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + /** * Maximum Transmission Unit (MTU), in bytes, of packets passing through * this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -423,6 +447,7 @@ private InterconnectAttachmentArgs(InterconnectAttachmentArgs $) { this.encryption = $.encryption; this.interconnect = $.interconnect; this.ipsecInternalAddresses = $.ipsecInternalAddresses; + this.labels = $.labels; this.mtu = $.mtu; this.name = $.name; this.project = $.project; @@ -750,6 +775,35 @@ public Builder ipsecInternalAddresses(String... ipsecInternalAddresses) { return ipsecInternalAddresses(List.of(ipsecInternalAddresses)); } + /** + * @param labels Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + /** * @param mtu Maximum Transmission Unit (MTU), in bytes, of packets passing through * this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkFirewallPolicyRule.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkFirewallPolicyRule.java index 75815e1aec..19806a8177 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkFirewallPolicyRule.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkFirewallPolicyRule.java @@ -65,7 +65,7 @@ * * public static void stack(Context ctx) }{{@code * var basicGlobalNetworksecurityAddressGroup = new AddressGroup("basicGlobalNetworksecurityAddressGroup", AddressGroupArgs.builder() - * .name("address") + * .name("address-group") * .parent("projects/my-project-name") * .description("Sample global networksecurity_address_group") * .location("global") @@ -75,7 +75,7 @@ * .build()); * * var basicNetworkFirewallPolicy = new NetworkFirewallPolicy("basicNetworkFirewallPolicy", NetworkFirewallPolicyArgs.builder() - * .name("policy") + * .name("fw-policy") * .description("Sample global network firewall policy") * .project("my-project-name") * .build()); @@ -88,14 +88,14 @@ * .description("For keyname resources.") * .parent("organizations/123456789") * .purpose("GCE_FIREWALL") - * .shortName("tagkey") + * .shortName("tag-key") * .purposeData(Map.of("network", basicNetwork.name().applyValue(name -> String.format("my-project-name/%s", name)))) * .build()); * * var basicValue = new TagValue("basicValue", TagValueArgs.builder() * .description("For valuename resources.") * .parent(basicKey.id()) - * .shortName("tagvalue") + * .shortName("tag-value") * .build()); * * var primary = new NetworkFirewallPolicyRule("primary", NetworkFirewallPolicyRuleArgs.builder() @@ -109,6 +109,7 @@ * .ruleName("test-rule") * .targetServiceAccounts("my}{@literal @}{@code service-account.com") * .match(NetworkFirewallPolicyRuleMatchArgs.builder() + * .srcAddressGroups(basicGlobalNetworksecurityAddressGroup.id()) * .srcIpRanges("10.100.0.1/32") * .srcFqdns("google.com") * .srcRegionCodes("US") @@ -119,7 +120,6 @@ * .layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder() * .ipProtocol("all") * .build()) - * .srcAddressGroups(basicGlobalNetworksecurityAddressGroup.id()) * .build()) * .build()); * @@ -128,6 +128,127 @@ * } * * <!--End PulumiCodeChooser --> + * ### Network Firewall Policy Rule Network Scope Egress + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.NetworkFirewallPolicy;
+ * import com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;
+ * import com.pulumi.gcp.compute.NetworkFirewallPolicyRule;
+ * import com.pulumi.gcp.compute.NetworkFirewallPolicyRuleArgs;
+ * import com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyRuleMatchArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var basicNetworkFirewallPolicy = new NetworkFirewallPolicy("basicNetworkFirewallPolicy", NetworkFirewallPolicyArgs.builder()
+ *             .name("fw-policy")
+ *             .description("Sample global network firewall policy")
+ *             .project("my-project-name")
+ *             .build());
+ * 
+ *         var primary = new NetworkFirewallPolicyRule("primary", NetworkFirewallPolicyRuleArgs.builder()
+ *             .action("allow")
+ *             .description("This is a simple rule description")
+ *             .direction("EGRESS")
+ *             .disabled(false)
+ *             .enableLogging(true)
+ *             .firewallPolicy(basicNetworkFirewallPolicy.name())
+ *             .priority(1000)
+ *             .ruleName("test-rule")
+ *             .match(NetworkFirewallPolicyRuleMatchArgs.builder()
+ *                 .destIpRanges("10.100.0.1/32")
+ *                 .destNetworkScope("INTERNET")
+ *                 .layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()
+ *                     .ipProtocol("all")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Network Firewall Policy Rule Network Scope Ingress + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.NetworkFirewallPolicy;
+ * import com.pulumi.gcp.compute.NetworkFirewallPolicyArgs;
+ * import com.pulumi.gcp.compute.Network;
+ * import com.pulumi.gcp.compute.NetworkArgs;
+ * import com.pulumi.gcp.compute.NetworkFirewallPolicyRule;
+ * import com.pulumi.gcp.compute.NetworkFirewallPolicyRuleArgs;
+ * import com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyRuleMatchArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var basicNetworkFirewallPolicy = new NetworkFirewallPolicy("basicNetworkFirewallPolicy", NetworkFirewallPolicyArgs.builder()
+ *             .name("fw-policy")
+ *             .description("Sample global network firewall policy")
+ *             .project("my-project-name")
+ *             .build());
+ * 
+ *         var network = new Network("network", NetworkArgs.builder()
+ *             .name("network")
+ *             .build());
+ * 
+ *         var primary = new NetworkFirewallPolicyRule("primary", NetworkFirewallPolicyRuleArgs.builder()
+ *             .action("allow")
+ *             .description("This is a simple rule description")
+ *             .direction("INGRESS")
+ *             .disabled(false)
+ *             .enableLogging(true)
+ *             .firewallPolicy(basicNetworkFirewallPolicy.name())
+ *             .priority(1000)
+ *             .ruleName("test-rule")
+ *             .match(NetworkFirewallPolicyRuleMatchArgs.builder()
+ *                 .srcIpRanges("11.100.0.1/32")
+ *                 .srcNetworkScope("VPC_NETWORKS")
+ *                 .srcNetworks(network.id())
+ *                 .layer4Configs(NetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()
+ *                     .ipProtocol("all")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * * ## Import * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkFirewallPolicyWithRules.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkFirewallPolicyWithRules.java index 81292e4c5f..792a55d860 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkFirewallPolicyWithRules.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkFirewallPolicyWithRules.java @@ -43,6 +43,8 @@ * import com.pulumi.gcp.networksecurity.SecurityProfileArgs; * import com.pulumi.gcp.networksecurity.SecurityProfileGroup; * import com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs; + * import com.pulumi.gcp.compute.Network; + * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.NetworkFirewallPolicyWithRules; * import com.pulumi.gcp.compute.NetworkFirewallPolicyWithRulesArgs; * import com.pulumi.gcp.compute.inputs.NetworkFirewallPolicyWithRulesRuleArgs; @@ -63,7 +65,7 @@ * final var project = OrganizationsFunctions.getProject(); * * var addressGroup1 = new AddressGroup("addressGroup1", AddressGroupArgs.builder() - * .name("tf-address-group") + * .name("address-group") * .parent(project.applyValue(getProjectResult -> getProjectResult.id())) * .description("Global address group") * .location("global") @@ -76,32 +78,37 @@ * .description("Tag key") * .parent(project.applyValue(getProjectResult -> getProjectResult.id())) * .purpose("GCE_FIREWALL") - * .shortName("tf-tag-key") + * .shortName("tag-key") * .purposeData(Map.of("network", String.format("%s/default", project.applyValue(getProjectResult -> getProjectResult.name())))) * .build()); * * var secureTagValue1 = new TagValue("secureTagValue1", TagValueArgs.builder() * .description("Tag value") * .parent(secureTagKey1.id()) - * .shortName("tf-tag-value") + * .shortName("tag-value") * .build()); * * var securityProfile1 = new SecurityProfile("securityProfile1", SecurityProfileArgs.builder() - * .name("tf-security-profile") + * .name("sp") * .type("THREAT_PREVENTION") * .parent("organizations/123456789") * .location("global") * .build()); * * var securityProfileGroup1 = new SecurityProfileGroup("securityProfileGroup1", SecurityProfileGroupArgs.builder() - * .name("tf-security-profile-group") + * .name("spg") * .parent("organizations/123456789") * .description("my description") * .threatPreventionProfile(securityProfile1.id()) * .build()); * - * var network_firewall_policy_with_rules = new NetworkFirewallPolicyWithRules("network-firewall-policy-with-rules", NetworkFirewallPolicyWithRulesArgs.builder() - * .name("tf-fw-policy-with-rules") + * var network = new Network("network", NetworkArgs.builder() + * .name("network") + * .autoCreateSubnetworks(false) + * .build()); + * + * var primary = new NetworkFirewallPolicyWithRules("primary", NetworkFirewallPolicyWithRulesArgs.builder() + * .name("fw-policy") * .description("Terraform test") * .rules( * NetworkFirewallPolicyWithRulesRuleArgs.builder() @@ -111,12 +118,6 @@ * .action("allow") * .direction("EGRESS") * .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder() - * .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() - * .ipProtocol("tcp") - * .ports( - * 8080, - * 7070) - * .build()) * .destIpRanges("11.100.0.1/32") * .destFqdns( * "www.yyy.com", @@ -128,6 +129,12 @@ * "iplist-search-engines-crawlers", * "iplist-tor-exit-nodes") * .destAddressGroups(addressGroup1.id()) + * .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .ports( + * 8080, + * 7070) + * .build()) * .build()) * .targetSecureTags(NetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs.builder() * .name(secureTagValue1.id()) @@ -139,10 +146,8 @@ * .enableLogging(false) * .action("deny") * .direction("INGRESS") + * .disabled(true) * .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder() - * .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() - * .ipProtocol("udp") - * .build()) * .srcIpRanges("0.0.0.0/0") * .srcFqdns( * "www.abc.com", @@ -157,8 +162,10 @@ * .srcSecureTags(NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs.builder() * .name(secureTagValue1.id()) * .build()) + * .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("udp") + * .build()) * .build()) - * .disabled(true) * .build(), * NetworkFirewallPolicyWithRulesRuleArgs.builder() * .description("security profile group rule") @@ -167,15 +174,48 @@ * .enableLogging(false) * .action("apply_security_profile_group") * .direction("INGRESS") + * .targetServiceAccounts("test}{@literal @}{@code google.com") + * .securityProfileGroup(securityProfileGroup1.id().applyValue(id -> String.format("//networksecurity.googleapis.com/%s", id))) + * .tlsInspect(true) + * .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder() + * .srcIpRanges("0.0.0.0/0") + * .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .build()) + * .build()) + * .build(), + * NetworkFirewallPolicyWithRulesRuleArgs.builder() + * .description("network scope rule 1") + * .ruleName("network scope 1") + * .priority(4000) + * .enableLogging(false) + * .action("allow") + * .direction("INGRESS") * .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder() + * .srcIpRanges("11.100.0.1/32") + * .srcNetworkScope("VPC_NETWORKS") + * .srcNetworks(network.id()) * .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() * .ipProtocol("tcp") + * .ports(8080) + * .build()) + * .build()) + * .build(), + * NetworkFirewallPolicyWithRulesRuleArgs.builder() + * .description("network scope rule 2") + * .ruleName("network scope 2") + * .priority(5000) + * .enableLogging(false) + * .action("allow") + * .direction("EGRESS") + * .match(NetworkFirewallPolicyWithRulesRuleMatchArgs.builder() + * .destIpRanges("0.0.0.0/0") + * .destNetworkScope("INTERNET") + * .layer4Configs(NetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .ports(8080) * .build()) - * .srcIpRanges("0.0.0.0/0") * .build()) - * .targetServiceAccounts("test}{@literal @}{@code google.com") - * .securityProfileGroup(securityProfileGroup1.id().applyValue(id -> String.format("//networksecurity.googleapis.com/%s", id))) - * .tlsInspect(true) * .build()) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/ProjectMetadataItem.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/ProjectMetadataItem.java index a18118cbad..df37d3b23a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/ProjectMetadataItem.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/ProjectMetadataItem.java @@ -61,12 +61,18 @@ * * * `{{key}}` * + * * `projects/{{project}}/meta-data/{{key}}` + * * When using the `pulumi import` command, project metadata items can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default {{key}} * ``` * + * ```sh + * $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default projects/{{project}}/meta-data/{{key}} + * ``` + * */ @ResourceType(type="gcp:compute/projectMetadataItem:ProjectMetadataItem") public class ProjectMetadataItem extends com.pulumi.resources.CustomResource { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/PublicAdvertisedPrefix.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/PublicAdvertisedPrefix.java index 0280468be6..683cfad9cf 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/PublicAdvertisedPrefix.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/PublicAdvertisedPrefix.java @@ -62,6 +62,44 @@ * } * * <!--End PulumiCodeChooser --> + * ### Public Advertised Prefixes Pdp Scope + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.PublicAdvertisedPrefix;
+ * import com.pulumi.gcp.compute.PublicAdvertisedPrefixArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var prefixes = new PublicAdvertisedPrefix("prefixes", PublicAdvertisedPrefixArgs.builder()
+ *             .name("my-pap")
+ *             .description("description")
+ *             .dnsVerificationIp("127.127.0.0")
+ *             .ipCidrRange("127.127.0.0/16")
+ *             .pdpScope("REGIONAL")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * * ## Import * @@ -160,6 +198,24 @@ public Output ipCidrRange() { public Output name() { return this.name; } + /** + * Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + */ + @Export(name="pdpScope", refs={String.class}, tree="[0]") + private Output pdpScope; + + /** + * @return Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + */ + public Output> pdpScope() { + return Codegen.optional(this.pdpScope); + } /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/PublicAdvertisedPrefixArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/PublicAdvertisedPrefixArgs.java index 7f4f6ef005..df2c3bc5e7 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/PublicAdvertisedPrefixArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/PublicAdvertisedPrefixArgs.java @@ -90,6 +90,25 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + */ + @Import(name="pdpScope") + private @Nullable Output pdpScope; + + /** + * @return Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + */ + public Optional> pdpScope() { + return Optional.ofNullable(this.pdpScope); + } + /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. @@ -114,6 +133,7 @@ private PublicAdvertisedPrefixArgs(PublicAdvertisedPrefixArgs $) { this.dnsVerificationIp = $.dnsVerificationIp; this.ipCidrRange = $.ipCidrRange; this.name = $.name; + this.pdpScope = $.pdpScope; this.project = $.project; } @@ -233,6 +253,31 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param pdpScope Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + * @return builder + * + */ + public Builder pdpScope(@Nullable Output pdpScope) { + $.pdpScope = pdpScope; + return this; + } + + /** + * @param pdpScope Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + * @return builder + * + */ + public Builder pdpScope(String pdpScope) { + return pdpScope(Output.of(pdpScope)); + } + /** * @param project The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionNetworkFirewallPolicyRule.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionNetworkFirewallPolicyRule.java index f488fd5939..d5452fe73a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionNetworkFirewallPolicyRule.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionNetworkFirewallPolicyRule.java @@ -65,7 +65,7 @@ * * public static void stack(Context ctx) }{{@code * var basicRegionalNetworksecurityAddressGroup = new AddressGroup("basicRegionalNetworksecurityAddressGroup", AddressGroupArgs.builder() - * .name("address") + * .name("address-group") * .parent("projects/my-project-name") * .description("Sample regional networksecurity_address_group") * .location("us-west1") @@ -75,7 +75,7 @@ * .build()); * * var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy("basicRegionalNetworkFirewallPolicy", RegionNetworkFirewallPolicyArgs.builder() - * .name("policy") + * .name("fw-policy") * .description("Sample regional network firewall policy") * .project("my-project-name") * .region("us-west1") @@ -89,14 +89,14 @@ * .description("For keyname resources.") * .parent("organizations/123456789") * .purpose("GCE_FIREWALL") - * .shortName("tagkey") + * .shortName("tag-key") * .purposeData(Map.of("network", basicNetwork.name().applyValue(name -> String.format("my-project-name/%s", name)))) * .build()); * * var basicValue = new TagValue("basicValue", TagValueArgs.builder() * .description("For valuename resources.") * .parent(basicKey.id()) - * .shortName("tagvalue") + * .shortName("tag-value") * .build()); * * var primary = new RegionNetworkFirewallPolicyRule("primary", RegionNetworkFirewallPolicyRuleArgs.builder() @@ -111,6 +111,7 @@ * .ruleName("test-rule") * .targetServiceAccounts("my}{@literal @}{@code service-account.com") * .match(RegionNetworkFirewallPolicyRuleMatchArgs.builder() + * .srcAddressGroups(basicRegionalNetworksecurityAddressGroup.id()) * .srcIpRanges("10.100.0.1/32") * .srcFqdns("example.com") * .srcRegionCodes("US") @@ -121,7 +122,6 @@ * .srcSecureTags(RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs.builder() * .name(basicValue.id()) * .build()) - * .srcAddressGroups(basicRegionalNetworksecurityAddressGroup.id()) * .build()) * .build()); * @@ -130,6 +130,131 @@ * } * * <!--End PulumiCodeChooser --> + * ### Region Network Firewall Policy Rule Network Scope Egress + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;
+ * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;
+ * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule;
+ * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRuleArgs;
+ * import com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyRuleMatchArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy("basicRegionalNetworkFirewallPolicy", RegionNetworkFirewallPolicyArgs.builder()
+ *             .name("fw-policy")
+ *             .description("Sample regional network firewall policy")
+ *             .project("my-project-name")
+ *             .region("us-west1")
+ *             .build());
+ * 
+ *         var primary = new RegionNetworkFirewallPolicyRule("primary", RegionNetworkFirewallPolicyRuleArgs.builder()
+ *             .action("allow")
+ *             .description("This is a simple rule description")
+ *             .direction("EGRESS")
+ *             .disabled(false)
+ *             .enableLogging(true)
+ *             .firewallPolicy(basicRegionalNetworkFirewallPolicy.name())
+ *             .priority(1000)
+ *             .region("us-west1")
+ *             .ruleName("test-rule")
+ *             .match(RegionNetworkFirewallPolicyRuleMatchArgs.builder()
+ *                 .destIpRanges("10.100.0.1/32")
+ *                 .destNetworkScope("INTERNET")
+ *                 .layer4Configs(RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()
+ *                     .ipProtocol("all")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Region Network Firewall Policy Rule Network Scope Ingress + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicy;
+ * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyArgs;
+ * import com.pulumi.gcp.compute.Network;
+ * import com.pulumi.gcp.compute.NetworkArgs;
+ * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRule;
+ * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyRuleArgs;
+ * import com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyRuleMatchArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var basicRegionalNetworkFirewallPolicy = new RegionNetworkFirewallPolicy("basicRegionalNetworkFirewallPolicy", RegionNetworkFirewallPolicyArgs.builder()
+ *             .name("fw-policy")
+ *             .description("Sample regional network firewall policy")
+ *             .project("my-project-name")
+ *             .region("us-west1")
+ *             .build());
+ * 
+ *         var network = new Network("network", NetworkArgs.builder()
+ *             .name("network")
+ *             .build());
+ * 
+ *         var primary = new RegionNetworkFirewallPolicyRule("primary", RegionNetworkFirewallPolicyRuleArgs.builder()
+ *             .action("allow")
+ *             .description("This is a simple rule description")
+ *             .direction("INGRESS")
+ *             .disabled(false)
+ *             .enableLogging(true)
+ *             .firewallPolicy(basicRegionalNetworkFirewallPolicy.name())
+ *             .priority(1000)
+ *             .region("us-west1")
+ *             .ruleName("test-rule")
+ *             .match(RegionNetworkFirewallPolicyRuleMatchArgs.builder()
+ *                 .srcIpRanges("10.100.0.1/32")
+ *                 .srcNetworkScope("VPC_NETWORKS")
+ *                 .srcNetworks(network.id())
+ *                 .layer4Configs(RegionNetworkFirewallPolicyRuleMatchLayer4ConfigArgs.builder()
+ *                     .ipProtocol("all")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * * ## Import * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionNetworkFirewallPolicyWithRules.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionNetworkFirewallPolicyWithRules.java index 9bde8df7ce..ab15f6e9ca 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionNetworkFirewallPolicyWithRules.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionNetworkFirewallPolicyWithRules.java @@ -39,6 +39,8 @@ * import com.pulumi.gcp.tags.TagKeyArgs; * import com.pulumi.gcp.tags.TagValue; * import com.pulumi.gcp.tags.TagValueArgs; + * import com.pulumi.gcp.compute.Network; + * import com.pulumi.gcp.compute.NetworkArgs; * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyWithRules; * import com.pulumi.gcp.compute.RegionNetworkFirewallPolicyWithRulesArgs; * import com.pulumi.gcp.compute.inputs.RegionNetworkFirewallPolicyWithRulesRuleArgs; @@ -59,7 +61,7 @@ * final var project = OrganizationsFunctions.getProject(); * * var addressGroup1 = new AddressGroup("addressGroup1", AddressGroupArgs.builder() - * .name("tf-address-group") + * .name("address-group") * .parent(project.applyValue(getProjectResult -> getProjectResult.id())) * .description("Regional address group") * .location("us-west2") @@ -72,18 +74,23 @@ * .description("Tag key") * .parent(project.applyValue(getProjectResult -> getProjectResult.id())) * .purpose("GCE_FIREWALL") - * .shortName("tf-tag-key") + * .shortName("tag-key") * .purposeData(Map.of("network", String.format("%s/default", project.applyValue(getProjectResult -> getProjectResult.name())))) * .build()); * * var secureTagValue1 = new TagValue("secureTagValue1", TagValueArgs.builder() * .description("Tag value") * .parent(secureTagKey1.id()) - * .shortName("tf-tag-value") + * .shortName("tag-value") * .build()); * - * var region_network_firewall_policy_with_rules = new RegionNetworkFirewallPolicyWithRules("region-network-firewall-policy-with-rules", RegionNetworkFirewallPolicyWithRulesArgs.builder() - * .name("tf-region-fw-policy-with-rules") + * var network = new Network("network", NetworkArgs.builder() + * .name("network") + * .autoCreateSubnetworks(false) + * .build()); + * + * var primary = new RegionNetworkFirewallPolicyWithRules("primary", RegionNetworkFirewallPolicyWithRulesArgs.builder() + * .name("fw-policy") * .region("us-west2") * .description("Terraform test") * .rules( @@ -94,12 +101,6 @@ * .action("allow") * .direction("EGRESS") * .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder() - * .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() - * .ipProtocol("tcp") - * .ports( - * 8080, - * 7070) - * .build()) * .destIpRanges("11.100.0.1/32") * .destFqdns( * "www.yyy.com", @@ -111,6 +112,12 @@ * "iplist-search-engines-crawlers", * "iplist-tor-exit-nodes") * .destAddressGroups(addressGroup1.id()) + * .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .ports( + * 8080, + * 7070) + * .build()) * .build()) * .targetSecureTags(RegionNetworkFirewallPolicyWithRulesRuleTargetSecureTagArgs.builder() * .name(secureTagValue1.id()) @@ -123,10 +130,8 @@ * .enableLogging(false) * .action("deny") * .direction("INGRESS") + * .disabled(true) * .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder() - * .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() - * .ipProtocol("udp") - * .build()) * .srcIpRanges("0.0.0.0/0") * .srcFqdns( * "www.abc.com", @@ -141,8 +146,43 @@ * .srcSecureTags(RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs.builder() * .name(secureTagValue1.id()) * .build()) + * .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("udp") + * .build()) + * .build()) + * .build(), + * RegionNetworkFirewallPolicyWithRulesRuleArgs.builder() + * .description("network scope rule 1") + * .ruleName("network scope 1") + * .priority(4000) + * .enableLogging(false) + * .action("allow") + * .direction("INGRESS") + * .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder() + * .srcIpRanges("11.100.0.1/32") + * .srcNetworkScope("VPC_NETWORKS") + * .srcNetworks(network.id()) + * .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .ports(8080) + * .build()) + * .build()) + * .build(), + * RegionNetworkFirewallPolicyWithRulesRuleArgs.builder() + * .description("network scope rule 2") + * .ruleName("network scope 2") + * .priority(5000) + * .enableLogging(false) + * .action("allow") + * .direction("EGRESS") + * .match(RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.builder() + * .destIpRanges("0.0.0.0/0") + * .destNetworkScope("NON_INTERNET") + * .layer4Configs(RegionNetworkFirewallPolicyWithRulesRuleMatchLayer4ConfigArgs.builder() + * .ipProtocol("tcp") + * .ports(8080) + * .build()) * .build()) - * .disabled(true) * .build()) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/RouterPeer.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/RouterPeer.java index 38ff1d6ff0..c172e9e577 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/RouterPeer.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/RouterPeer.java @@ -162,6 +162,46 @@ * } * * <!--End PulumiCodeChooser --> + * ### Router Zero Custom Learend Route Priority + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.RouterPeer;
+ * import com.pulumi.gcp.compute.RouterPeerArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var peer = new RouterPeer("peer", RouterPeerArgs.builder()
+ *             .name("my-router-peer")
+ *             .router("my-router")
+ *             .region("us-central1")
+ *             .interface_("interface-1")
+ *             .peerAsn(65513)
+ *             .customLearnedRoutePriority(0)
+ *             .zeroCustomLearnedRoutePriority(true)
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * ### Router Peer Router Appliance * * <!--Start PulumiCodeChooser --> @@ -866,6 +906,20 @@ public Output ipv4NexthopAddress() { public Output ipv6NexthopAddress() { return this.ipv6NexthopAddress; } + /** + * An internal boolean field for provider use. + * + */ + @Export(name="isCustomLearnedPrioritySet", refs={Boolean.class}, tree="[0]") + private Output isCustomLearnedPrioritySet; + + /** + * @return An internal boolean field for provider use. + * + */ + public Output isCustomLearnedPrioritySet() { + return this.isCustomLearnedPrioritySet; + } /** * The resource that configures and manages this BGP peer. * * `MANAGED_BY_USER` is the default value and can be managed by @@ -1072,6 +1126,22 @@ public Output router() { public Output> routerApplianceInstance() { return Codegen.optional(this.routerApplianceInstance); } + /** + * The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + */ + @Export(name="zeroCustomLearnedRoutePriority", refs={Boolean.class}, tree="[0]") + private Output zeroCustomLearnedRoutePriority; + + /** + * @return The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + */ + public Output> zeroCustomLearnedRoutePriority() { + return Codegen.optional(this.zeroCustomLearnedRoutePriority); + } /** * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/RouterPeerArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/RouterPeerArgs.java index d6e6682f8e..07f4fff970 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/RouterPeerArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/RouterPeerArgs.java @@ -519,6 +519,23 @@ public Optional> routerApplianceInstance() { return Optional.ofNullable(this.routerApplianceInstance); } + /** + * The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + */ + @Import(name="zeroCustomLearnedRoutePriority") + private @Nullable Output zeroCustomLearnedRoutePriority; + + /** + * @return The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + */ + public Optional> zeroCustomLearnedRoutePriority() { + return Optional.ofNullable(this.zeroCustomLearnedRoutePriority); + } + private RouterPeerArgs() {} private RouterPeerArgs(RouterPeerArgs $) { @@ -548,6 +565,7 @@ private RouterPeerArgs(RouterPeerArgs $) { this.region = $.region; this.router = $.router; this.routerApplianceInstance = $.routerApplianceInstance; + this.zeroCustomLearnedRoutePriority = $.zeroCustomLearnedRoutePriority; } public static Builder builder() { @@ -1289,6 +1307,29 @@ public Builder routerApplianceInstance(String routerApplianceInstance) { return routerApplianceInstance(Output.of(routerApplianceInstance)); } + /** + * @param zeroCustomLearnedRoutePriority The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + * @return builder + * + */ + public Builder zeroCustomLearnedRoutePriority(@Nullable Output zeroCustomLearnedRoutePriority) { + $.zeroCustomLearnedRoutePriority = zeroCustomLearnedRoutePriority; + return this; + } + + /** + * @param zeroCustomLearnedRoutePriority The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + * @return builder + * + */ + public Builder zeroCustomLearnedRoutePriority(Boolean zeroCustomLearnedRoutePriority) { + return zeroCustomLearnedRoutePriority(Output.of(zeroCustomLearnedRoutePriority)); + } + public RouterPeerArgs build() { if ($.interface_ == null) { throw new MissingRequiredPropertyException("RouterPeerArgs", "interface_"); diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/FirewallPolicyRuleMatchArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/FirewallPolicyRuleMatchArgs.java index 2bf9205391..ee76a694eb 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/FirewallPolicyRuleMatchArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/FirewallPolicyRuleMatchArgs.java @@ -63,6 +63,23 @@ public Optional>> destIpRanges() { return Optional.ofNullable(this.destIpRanges); } + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="destNetworkScope") + private @Nullable Output destNetworkScope; + + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } + /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -155,6 +172,38 @@ public Optional>> srcIpRanges() { return Optional.ofNullable(this.srcIpRanges); } + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="srcNetworkScope") + private @Nullable Output srcNetworkScope; + + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + + /** + * Networks of the traffic source. It can be either a full or partial url. + * + */ + @Import(name="srcNetworks") + private @Nullable Output> srcNetworks; + + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public Optional>> srcNetworks() { + return Optional.ofNullable(this.srcNetworks); + } + /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -195,12 +244,15 @@ private FirewallPolicyRuleMatchArgs(FirewallPolicyRuleMatchArgs $) { this.destAddressGroups = $.destAddressGroups; this.destFqdns = $.destFqdns; this.destIpRanges = $.destIpRanges; + this.destNetworkScope = $.destNetworkScope; this.destRegionCodes = $.destRegionCodes; this.destThreatIntelligences = $.destThreatIntelligences; this.layer4Configs = $.layer4Configs; this.srcAddressGroups = $.srcAddressGroups; this.srcFqdns = $.srcFqdns; this.srcIpRanges = $.srcIpRanges; + this.srcNetworkScope = $.srcNetworkScope; + this.srcNetworks = $.srcNetworks; this.srcRegionCodes = $.srcRegionCodes; this.srcThreatIntelligences = $.srcThreatIntelligences; } @@ -316,6 +368,29 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(@Nullable Output destNetworkScope) { + $.destNetworkScope = destNetworkScope; + return this; + } + + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(String destNetworkScope) { + return destNetworkScope(Output.of(destNetworkScope)); + } + /** * @param destRegionCodes Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -505,6 +580,60 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(@Nullable Output srcNetworkScope) { + $.srcNetworkScope = srcNetworkScope; + return this; + } + + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(String srcNetworkScope) { + return srcNetworkScope(Output.of(srcNetworkScope)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(@Nullable Output> srcNetworks) { + $.srcNetworks = srcNetworks; + return this; + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(List srcNetworks) { + return srcNetworks(Output.of(srcNetworks)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + /** * @param srcRegionCodes Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/FirewallPolicyWithRulesRuleMatchArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/FirewallPolicyWithRulesRuleMatchArgs.java index be1cac3b5f..9744580301 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/FirewallPolicyWithRulesRuleMatchArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/FirewallPolicyWithRulesRuleMatchArgs.java @@ -69,6 +69,23 @@ public Optional>> destIpRanges() { return Optional.ofNullable(this.destIpRanges); } + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="destNetworkScope") + private @Nullable Output destNetworkScope; + + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } + /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -179,6 +196,38 @@ public Optional>> srcIpRanges() { return Optional.ofNullable(this.srcIpRanges); } + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="srcNetworkScope") + private @Nullable Output srcNetworkScope; + + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + + /** + * Networks of the traffic source. It can be either a full or partial url. + * + */ + @Import(name="srcNetworks") + private @Nullable Output> srcNetworks; + + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public Optional>> srcNetworks() { + return Optional.ofNullable(this.srcNetworks); + } + /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -223,12 +272,15 @@ private FirewallPolicyWithRulesRuleMatchArgs(FirewallPolicyWithRulesRuleMatchArg this.destAddressGroups = $.destAddressGroups; this.destFqdns = $.destFqdns; this.destIpRanges = $.destIpRanges; + this.destNetworkScope = $.destNetworkScope; this.destRegionCodes = $.destRegionCodes; this.destThreatIntelligences = $.destThreatIntelligences; this.layer4Configs = $.layer4Configs; this.srcAddressGroups = $.srcAddressGroups; this.srcFqdns = $.srcFqdns; this.srcIpRanges = $.srcIpRanges; + this.srcNetworkScope = $.srcNetworkScope; + this.srcNetworks = $.srcNetworks; this.srcRegionCodes = $.srcRegionCodes; this.srcThreatIntelligences = $.srcThreatIntelligences; } @@ -353,6 +405,29 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(@Nullable Output destNetworkScope) { + $.destNetworkScope = destNetworkScope; + return this; + } + + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(String destNetworkScope) { + return destNetworkScope(Output.of(destNetworkScope)); + } + /** * @param destRegionCodes Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -569,6 +644,60 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(@Nullable Output srcNetworkScope) { + $.srcNetworkScope = srcNetworkScope; + return this; + } + + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(String srcNetworkScope) { + return srcNetworkScope(Output.of(srcNetworkScope)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(@Nullable Output> srcNetworks) { + $.srcNetworks = srcNetworks; + return this; + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(List srcNetworks) { + return srcNetworks(Output.of(srcNetworks)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + /** * @param srcRegionCodes Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetInstanceTemplateIamPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetInstanceTemplateIamPolicyArgs.java new file mode 100644 index 0000000000..bdd9259433 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetInstanceTemplateIamPolicyArgs.java @@ -0,0 +1,128 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetInstanceTemplateIamPolicyArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetInstanceTemplateIamPolicyArgs Empty = new GetInstanceTemplateIamPolicyArgs(); + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="name", required=true) + private Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Output name() { + return this.name; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private GetInstanceTemplateIamPolicyArgs() {} + + private GetInstanceTemplateIamPolicyArgs(GetInstanceTemplateIamPolicyArgs $) { + this.name = $.name; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetInstanceTemplateIamPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetInstanceTemplateIamPolicyArgs $; + + public Builder() { + $ = new GetInstanceTemplateIamPolicyArgs(); + } + + public Builder(GetInstanceTemplateIamPolicyArgs defaults) { + $ = new GetInstanceTemplateIamPolicyArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(Output name) { + $.name = name; + return this; + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public GetInstanceTemplateIamPolicyArgs build() { + if ($.name == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateIamPolicyArgs", "name"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetInstanceTemplateIamPolicyPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetInstanceTemplateIamPolicyPlainArgs.java new file mode 100644 index 0000000000..d8d9cf6b31 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetInstanceTemplateIamPolicyPlainArgs.java @@ -0,0 +1,106 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetInstanceTemplateIamPolicyPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetInstanceTemplateIamPolicyPlainArgs Empty = new GetInstanceTemplateIamPolicyPlainArgs(); + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="name", required=true) + private String name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public String name() { + return this.name; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable String project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + + private GetInstanceTemplateIamPolicyPlainArgs() {} + + private GetInstanceTemplateIamPolicyPlainArgs(GetInstanceTemplateIamPolicyPlainArgs $) { + this.name = $.name; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetInstanceTemplateIamPolicyPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetInstanceTemplateIamPolicyPlainArgs $; + + public Builder() { + $ = new GetInstanceTemplateIamPolicyPlainArgs(); + } + + public Builder(GetInstanceTemplateIamPolicyPlainArgs defaults) { + $ = new GetInstanceTemplateIamPolicyPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(String name) { + $.name = name; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable String project) { + $.project = project; + return this; + } + + public GetInstanceTemplateIamPolicyPlainArgs build() { + if ($.name == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateIamPolicyPlainArgs", "name"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamBindingConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamBindingConditionArgs.java new file mode 100644 index 0000000000..3796212cc1 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamBindingConditionArgs.java @@ -0,0 +1,144 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateIamBindingConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateIamBindingConditionArgs Empty = new InstanceTemplateIamBindingConditionArgs(); + + @Import(name="description") + private @Nullable Output description; + + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * Textual representation of an expression in Common Expression Language syntax. + * + */ + @Import(name="expression", required=true) + private Output expression; + + /** + * @return Textual representation of an expression in Common Expression Language syntax. + * + */ + public Output expression() { + return this.expression; + } + + /** + * A title for the expression, i.e. a short string describing its purpose. + * + */ + @Import(name="title", required=true) + private Output title; + + /** + * @return A title for the expression, i.e. a short string describing its purpose. + * + */ + public Output title() { + return this.title; + } + + private InstanceTemplateIamBindingConditionArgs() {} + + private InstanceTemplateIamBindingConditionArgs(InstanceTemplateIamBindingConditionArgs $) { + this.description = $.description; + this.expression = $.expression; + this.title = $.title; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateIamBindingConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateIamBindingConditionArgs $; + + public Builder() { + $ = new InstanceTemplateIamBindingConditionArgs(); + } + + public Builder(InstanceTemplateIamBindingConditionArgs defaults) { + $ = new InstanceTemplateIamBindingConditionArgs(Objects.requireNonNull(defaults)); + } + + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param expression Textual representation of an expression in Common Expression Language syntax. + * + * @return builder + * + */ + public Builder expression(Output expression) { + $.expression = expression; + return this; + } + + /** + * @param expression Textual representation of an expression in Common Expression Language syntax. + * + * @return builder + * + */ + public Builder expression(String expression) { + return expression(Output.of(expression)); + } + + /** + * @param title A title for the expression, i.e. a short string describing its purpose. + * + * @return builder + * + */ + public Builder title(Output title) { + $.title = title; + return this; + } + + /** + * @param title A title for the expression, i.e. a short string describing its purpose. + * + * @return builder + * + */ + public Builder title(String title) { + return title(Output.of(title)); + } + + public InstanceTemplateIamBindingConditionArgs build() { + if ($.expression == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamBindingConditionArgs", "expression"); + } + if ($.title == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamBindingConditionArgs", "title"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamBindingState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamBindingState.java new file mode 100644 index 0000000000..2a4f3cd338 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamBindingState.java @@ -0,0 +1,346 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.compute.inputs.InstanceTemplateIamBindingConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateIamBindingState extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateIamBindingState Empty = new InstanceTemplateIamBindingState(); + + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + @Import(name="condition") + private @Nullable Output condition; + + /** + * @return An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="members") + private @Nullable Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Optional>> members() { + return Optional.ofNullable(this.members); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role") + private @Nullable Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Optional> role() { + return Optional.ofNullable(this.role); + } + + private InstanceTemplateIamBindingState() {} + + private InstanceTemplateIamBindingState(InstanceTemplateIamBindingState $) { + this.condition = $.condition; + this.etag = $.etag; + this.members = $.members; + this.name = $.name; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateIamBindingState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateIamBindingState $; + + public Builder() { + $ = new InstanceTemplateIamBindingState(); + } + + public Builder(InstanceTemplateIamBindingState defaults) { + $ = new InstanceTemplateIamBindingState(Objects.requireNonNull(defaults)); + } + + /** + * @param condition An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + * @return builder + * + */ + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + /** + * @param condition An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + * @return builder + * + */ + public Builder condition(InstanceTemplateIamBindingConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(@Nullable Output> members) { + $.members = members; + return this; + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(List members) { + return members(Output.of(members)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(String... members) { + return members(List.of(members)); + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(@Nullable Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public InstanceTemplateIamBindingState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamMemberConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamMemberConditionArgs.java new file mode 100644 index 0000000000..3d2faf6e6d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamMemberConditionArgs.java @@ -0,0 +1,144 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateIamMemberConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateIamMemberConditionArgs Empty = new InstanceTemplateIamMemberConditionArgs(); + + @Import(name="description") + private @Nullable Output description; + + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * Textual representation of an expression in Common Expression Language syntax. + * + */ + @Import(name="expression", required=true) + private Output expression; + + /** + * @return Textual representation of an expression in Common Expression Language syntax. + * + */ + public Output expression() { + return this.expression; + } + + /** + * A title for the expression, i.e. a short string describing its purpose. + * + */ + @Import(name="title", required=true) + private Output title; + + /** + * @return A title for the expression, i.e. a short string describing its purpose. + * + */ + public Output title() { + return this.title; + } + + private InstanceTemplateIamMemberConditionArgs() {} + + private InstanceTemplateIamMemberConditionArgs(InstanceTemplateIamMemberConditionArgs $) { + this.description = $.description; + this.expression = $.expression; + this.title = $.title; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateIamMemberConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateIamMemberConditionArgs $; + + public Builder() { + $ = new InstanceTemplateIamMemberConditionArgs(); + } + + public Builder(InstanceTemplateIamMemberConditionArgs defaults) { + $ = new InstanceTemplateIamMemberConditionArgs(Objects.requireNonNull(defaults)); + } + + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param expression Textual representation of an expression in Common Expression Language syntax. + * + * @return builder + * + */ + public Builder expression(Output expression) { + $.expression = expression; + return this; + } + + /** + * @param expression Textual representation of an expression in Common Expression Language syntax. + * + * @return builder + * + */ + public Builder expression(String expression) { + return expression(Output.of(expression)); + } + + /** + * @param title A title for the expression, i.e. a short string describing its purpose. + * + * @return builder + * + */ + public Builder title(Output title) { + $.title = title; + return this; + } + + /** + * @param title A title for the expression, i.e. a short string describing its purpose. + * + * @return builder + * + */ + public Builder title(String title) { + return title(Output.of(title)); + } + + public InstanceTemplateIamMemberConditionArgs build() { + if ($.expression == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamMemberConditionArgs", "expression"); + } + if ($.title == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamMemberConditionArgs", "title"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamMemberState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamMemberState.java new file mode 100644 index 0000000000..6282d5e17a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamMemberState.java @@ -0,0 +1,325 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.compute.inputs.InstanceTemplateIamMemberConditionArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateIamMemberState extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateIamMemberState Empty = new InstanceTemplateIamMemberState(); + + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + @Import(name="condition") + private @Nullable Output condition; + + /** + * @return An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + */ + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="member") + private @Nullable Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Optional> member() { + return Optional.ofNullable(this.member); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role") + private @Nullable Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Optional> role() { + return Optional.ofNullable(this.role); + } + + private InstanceTemplateIamMemberState() {} + + private InstanceTemplateIamMemberState(InstanceTemplateIamMemberState $) { + this.condition = $.condition; + this.etag = $.etag; + this.member = $.member; + this.name = $.name; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateIamMemberState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateIamMemberState $; + + public Builder() { + $ = new InstanceTemplateIamMemberState(); + } + + public Builder(InstanceTemplateIamMemberState defaults) { + $ = new InstanceTemplateIamMemberState(Objects.requireNonNull(defaults)); + } + + /** + * @param condition An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + * @return builder + * + */ + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + /** + * @param condition An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + * + * @return builder + * + */ + public Builder condition(InstanceTemplateIamMemberConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(@Nullable Output member) { + $.member = member; + return this; + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(String member) { + return member(Output.of(member)); + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(@Nullable Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public InstanceTemplateIamMemberState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamPolicyState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamPolicyState.java new file mode 100644 index 0000000000..79f5d4ce58 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateIamPolicyState.java @@ -0,0 +1,202 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateIamPolicyState extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateIamPolicyState Empty = new InstanceTemplateIamPolicyState(); + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Import(name="policyData") + private @Nullable Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Optional> policyData() { + return Optional.ofNullable(this.policyData); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private InstanceTemplateIamPolicyState() {} + + private InstanceTemplateIamPolicyState(InstanceTemplateIamPolicyState $) { + this.etag = $.etag; + this.name = $.name; + this.policyData = $.policyData; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateIamPolicyState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateIamPolicyState $; + + public Builder() { + $ = new InstanceTemplateIamPolicyState(); + } + + public Builder(InstanceTemplateIamPolicyState defaults) { + $ = new InstanceTemplateIamPolicyState(Objects.requireNonNull(defaults)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(@Nullable Output policyData) { + $.policyData = policyData; + return this; + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(String policyData) { + return policyData(Output.of(policyData)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public InstanceTemplateIamPolicyState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InterconnectAttachmentState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InterconnectAttachmentState.java index 2d6cc46226..cb66533a21 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InterconnectAttachmentState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InterconnectAttachmentState.java @@ -10,6 +10,7 @@ import java.lang.Integer; import java.lang.String; import java.util.List; +import java.util.Map; import java.util.Objects; import java.util.Optional; import javax.annotation.Nullable; @@ -211,6 +212,21 @@ public Optional> edgeAvailabilityDomain() { return Optional.ofNullable(this.edgeAvailabilityDomain); } + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Import(name="effectiveLabels") + private @Nullable Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Optional>> effectiveLabels() { + return Optional.ofNullable(this.effectiveLabels); + } + /** * Indicates the user-supplied encryption option of this interconnect * attachment. Can only be specified at attachment creation for PARTNER or @@ -329,6 +345,52 @@ public Optional>> ipsecInternalAddresses() { return Optional.ofNullable(this.ipsecInternalAddresses); } + /** + * A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + * of the labels set used for optimistic locking. The fingerprint is initially generated by + * Compute Engine and changes after every request to modify or update labels. + * You must always provide an up-to-date fingerprint hash in order to update or change labels, + * otherwise the request will fail with error 412 conditionNotMet. + * + */ + @Import(name="labelFingerprint") + private @Nullable Output labelFingerprint; + + /** + * @return A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + * of the labels set used for optimistic locking. The fingerprint is initially generated by + * Compute Engine and changes after every request to modify or update labels. + * You must always provide an up-to-date fingerprint hash in order to update or change labels, + * otherwise the request will fail with error 412 conditionNotMet. + * + */ + public Optional> labelFingerprint() { + return Optional.ofNullable(this.labelFingerprint); + } + + /** + * Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + /** * Maximum Transmission Unit (MTU), in bytes, of packets passing through * this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -449,6 +511,23 @@ public Optional> project() { return Optional.ofNullable(this.project); } + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Import(name="pulumiLabels") + private @Nullable Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Optional>> pulumiLabels() { + return Optional.ofNullable(this.pulumiLabels); + } + /** * Region where the regional interconnect attachment resides. * @@ -612,16 +691,20 @@ private InterconnectAttachmentState(InterconnectAttachmentState $) { this.customerRouterIpv6Address = $.customerRouterIpv6Address; this.description = $.description; this.edgeAvailabilityDomain = $.edgeAvailabilityDomain; + this.effectiveLabels = $.effectiveLabels; this.encryption = $.encryption; this.googleReferenceId = $.googleReferenceId; this.interconnect = $.interconnect; this.ipsecInternalAddresses = $.ipsecInternalAddresses; + this.labelFingerprint = $.labelFingerprint; + this.labels = $.labels; this.mtu = $.mtu; this.name = $.name; this.pairingKey = $.pairingKey; this.partnerAsn = $.partnerAsn; this.privateInterconnectInfos = $.privateInterconnectInfos; this.project = $.project; + this.pulumiLabels = $.pulumiLabels; this.region = $.region; this.router = $.router; this.selfLink = $.selfLink; @@ -918,6 +1001,27 @@ public Builder edgeAvailabilityDomain(String edgeAvailabilityDomain) { return edgeAvailabilityDomain(Output.of(edgeAvailabilityDomain)); } + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(@Nullable Output> effectiveLabels) { + $.effectiveLabels = effectiveLabels; + return this; + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(Map effectiveLabels) { + return effectiveLabels(Output.of(effectiveLabels)); + } + /** * @param encryption Indicates the user-supplied encryption option of this interconnect * attachment. Can only be specified at attachment creation for PARTNER or @@ -1084,6 +1188,64 @@ public Builder ipsecInternalAddresses(String... ipsecInternalAddresses) { return ipsecInternalAddresses(List.of(ipsecInternalAddresses)); } + /** + * @param labelFingerprint A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + * of the labels set used for optimistic locking. The fingerprint is initially generated by + * Compute Engine and changes after every request to modify or update labels. + * You must always provide an up-to-date fingerprint hash in order to update or change labels, + * otherwise the request will fail with error 412 conditionNotMet. + * + * @return builder + * + */ + public Builder labelFingerprint(@Nullable Output labelFingerprint) { + $.labelFingerprint = labelFingerprint; + return this; + } + + /** + * @param labelFingerprint A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + * of the labels set used for optimistic locking. The fingerprint is initially generated by + * Compute Engine and changes after every request to modify or update labels. + * You must always provide an up-to-date fingerprint hash in order to update or change labels, + * otherwise the request will fail with error 412 conditionNotMet. + * + * @return builder + * + */ + public Builder labelFingerprint(String labelFingerprint) { + return labelFingerprint(Output.of(labelFingerprint)); + } + + /** + * @param labels Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + /** * @param mtu Maximum Transmission Unit (MTU), in bytes, of packets passing through * this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -1252,6 +1414,29 @@ public Builder project(String project) { return project(Output.of(project)); } + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(@Nullable Output> pulumiLabels) { + $.pulumiLabels = pulumiLabels; + return this; + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(Map pulumiLabels) { + return pulumiLabels(Output.of(pulumiLabels)); + } + /** * @param region Region where the regional interconnect attachment resides. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/NetworkFirewallPolicyRuleMatchArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/NetworkFirewallPolicyRuleMatchArgs.java index 207ad11105..f1fb00ec17 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/NetworkFirewallPolicyRuleMatchArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/NetworkFirewallPolicyRuleMatchArgs.java @@ -64,6 +64,23 @@ public Optional>> destIpRanges() { return Optional.ofNullable(this.destIpRanges); } + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="destNetworkScope") + private @Nullable Output destNetworkScope; + + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } + /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -156,6 +173,38 @@ public Optional>> srcIpRanges() { return Optional.ofNullable(this.srcIpRanges); } + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="srcNetworkScope") + private @Nullable Output srcNetworkScope; + + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + + /** + * Networks of the traffic source. It can be either a full or partial url. + * + */ + @Import(name="srcNetworks") + private @Nullable Output> srcNetworks; + + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public Optional>> srcNetworks() { + return Optional.ofNullable(this.srcNetworks); + } + /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -213,12 +262,15 @@ private NetworkFirewallPolicyRuleMatchArgs(NetworkFirewallPolicyRuleMatchArgs $) this.destAddressGroups = $.destAddressGroups; this.destFqdns = $.destFqdns; this.destIpRanges = $.destIpRanges; + this.destNetworkScope = $.destNetworkScope; this.destRegionCodes = $.destRegionCodes; this.destThreatIntelligences = $.destThreatIntelligences; this.layer4Configs = $.layer4Configs; this.srcAddressGroups = $.srcAddressGroups; this.srcFqdns = $.srcFqdns; this.srcIpRanges = $.srcIpRanges; + this.srcNetworkScope = $.srcNetworkScope; + this.srcNetworks = $.srcNetworks; this.srcRegionCodes = $.srcRegionCodes; this.srcSecureTags = $.srcSecureTags; this.srcThreatIntelligences = $.srcThreatIntelligences; @@ -335,6 +387,29 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(@Nullable Output destNetworkScope) { + $.destNetworkScope = destNetworkScope; + return this; + } + + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(String destNetworkScope) { + return destNetworkScope(Output.of(destNetworkScope)); + } + /** * @param destRegionCodes Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -524,6 +599,60 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(@Nullable Output srcNetworkScope) { + $.srcNetworkScope = srcNetworkScope; + return this; + } + + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(String srcNetworkScope) { + return srcNetworkScope(Output.of(srcNetworkScope)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(@Nullable Output> srcNetworks) { + $.srcNetworks = srcNetworks; + return this; + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(List srcNetworks) { + return srcNetworks(Output.of(srcNetworks)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + /** * @param srcRegionCodes Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs.java index 234c205e01..65290a548f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/NetworkFirewallPolicyWithRulesRuleMatchArgs.java @@ -70,6 +70,23 @@ public Optional>> destIpRanges() { return Optional.ofNullable(this.destIpRanges); } + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="destNetworkScope") + private @Nullable Output destNetworkScope; + + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } + /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -176,6 +193,38 @@ public Optional>> srcIpRanges() { return Optional.ofNullable(this.srcIpRanges); } + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="srcNetworkScope") + private @Nullable Output srcNetworkScope; + + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + + /** + * Networks of the traffic source. It can be either a full or partial url. + * + */ + @Import(name="srcNetworks") + private @Nullable Output> srcNetworks; + + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public Optional>> srcNetworks() { + return Optional.ofNullable(this.srcNetworks); + } + /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -249,12 +298,15 @@ private NetworkFirewallPolicyWithRulesRuleMatchArgs(NetworkFirewallPolicyWithRul this.destAddressGroups = $.destAddressGroups; this.destFqdns = $.destFqdns; this.destIpRanges = $.destIpRanges; + this.destNetworkScope = $.destNetworkScope; this.destRegionCodes = $.destRegionCodes; this.destThreatIntelligences = $.destThreatIntelligences; this.layer4Configs = $.layer4Configs; this.srcAddressGroups = $.srcAddressGroups; this.srcFqdns = $.srcFqdns; this.srcIpRanges = $.srcIpRanges; + this.srcNetworkScope = $.srcNetworkScope; + this.srcNetworks = $.srcNetworks; this.srcRegionCodes = $.srcRegionCodes; this.srcSecureTags = $.srcSecureTags; this.srcThreatIntelligences = $.srcThreatIntelligences; @@ -380,6 +432,29 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(@Nullable Output destNetworkScope) { + $.destNetworkScope = destNetworkScope; + return this; + } + + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(String destNetworkScope) { + return destNetworkScope(Output.of(destNetworkScope)); + } + /** * @param destRegionCodes Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -590,6 +665,60 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(@Nullable Output srcNetworkScope) { + $.srcNetworkScope = srcNetworkScope; + return this; + } + + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(String srcNetworkScope) { + return srcNetworkScope(Output.of(srcNetworkScope)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(@Nullable Output> srcNetworks) { + $.srcNetworks = srcNetworks; + return this; + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(List srcNetworks) { + return srcNetworks(Output.of(srcNetworks)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + /** * @param srcRegionCodes Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/PublicAdvertisedPrefixState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/PublicAdvertisedPrefixState.java index 7805d23426..2c136ab85d 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/PublicAdvertisedPrefixState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/PublicAdvertisedPrefixState.java @@ -89,6 +89,25 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + */ + @Import(name="pdpScope") + private @Nullable Output pdpScope; + + /** + * @return Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + */ + public Optional> pdpScope() { + return Optional.ofNullable(this.pdpScope); + } + /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. @@ -143,6 +162,7 @@ private PublicAdvertisedPrefixState(PublicAdvertisedPrefixState $) { this.dnsVerificationIp = $.dnsVerificationIp; this.ipCidrRange = $.ipCidrRange; this.name = $.name; + this.pdpScope = $.pdpScope; this.project = $.project; this.selfLink = $.selfLink; this.sharedSecret = $.sharedSecret; @@ -264,6 +284,31 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param pdpScope Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + * @return builder + * + */ + public Builder pdpScope(@Nullable Output pdpScope) { + $.pdpScope = pdpScope; + return this; + } + + /** + * @param pdpScope Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + * + * @return builder + * + */ + public Builder pdpScope(String pdpScope) { + return pdpScope(Output.of(pdpScope)); + } + /** * @param project The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionNetworkFirewallPolicyRuleMatchArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionNetworkFirewallPolicyRuleMatchArgs.java index 1bda30fb46..1d4603d0c9 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionNetworkFirewallPolicyRuleMatchArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionNetworkFirewallPolicyRuleMatchArgs.java @@ -64,6 +64,23 @@ public Optional>> destIpRanges() { return Optional.ofNullable(this.destIpRanges); } + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="destNetworkScope") + private @Nullable Output destNetworkScope; + + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } + /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -156,6 +173,38 @@ public Optional>> srcIpRanges() { return Optional.ofNullable(this.srcIpRanges); } + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="srcNetworkScope") + private @Nullable Output srcNetworkScope; + + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + + /** + * Networks of the traffic source. It can be either a full or partial url. + * + */ + @Import(name="srcNetworks") + private @Nullable Output> srcNetworks; + + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public Optional>> srcNetworks() { + return Optional.ofNullable(this.srcNetworks); + } + /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -213,12 +262,15 @@ private RegionNetworkFirewallPolicyRuleMatchArgs(RegionNetworkFirewallPolicyRule this.destAddressGroups = $.destAddressGroups; this.destFqdns = $.destFqdns; this.destIpRanges = $.destIpRanges; + this.destNetworkScope = $.destNetworkScope; this.destRegionCodes = $.destRegionCodes; this.destThreatIntelligences = $.destThreatIntelligences; this.layer4Configs = $.layer4Configs; this.srcAddressGroups = $.srcAddressGroups; this.srcFqdns = $.srcFqdns; this.srcIpRanges = $.srcIpRanges; + this.srcNetworkScope = $.srcNetworkScope; + this.srcNetworks = $.srcNetworks; this.srcRegionCodes = $.srcRegionCodes; this.srcSecureTags = $.srcSecureTags; this.srcThreatIntelligences = $.srcThreatIntelligences; @@ -335,6 +387,29 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(@Nullable Output destNetworkScope) { + $.destNetworkScope = destNetworkScope; + return this; + } + + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(String destNetworkScope) { + return destNetworkScope(Output.of(destNetworkScope)); + } + /** * @param destRegionCodes Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -524,6 +599,60 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(@Nullable Output srcNetworkScope) { + $.srcNetworkScope = srcNetworkScope; + return this; + } + + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(String srcNetworkScope) { + return srcNetworkScope(Output.of(srcNetworkScope)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(@Nullable Output> srcNetworks) { + $.srcNetworks = srcNetworks; + return this; + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(List srcNetworks) { + return srcNetworks(Output.of(srcNetworks)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + /** * @param srcRegionCodes Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.java index 76f40da97f..f97e7253a6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionNetworkFirewallPolicyWithRulesRuleMatchArgs.java @@ -70,6 +70,23 @@ public Optional>> destIpRanges() { return Optional.ofNullable(this.destIpRanges); } + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="destNetworkScope") + private @Nullable Output destNetworkScope; + + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } + /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -176,6 +193,38 @@ public Optional>> srcIpRanges() { return Optional.ofNullable(this.srcIpRanges); } + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + @Import(name="srcNetworkScope") + private @Nullable Output srcNetworkScope; + + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional> srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + + /** + * Networks of the traffic source. It can be either a full or partial url. + * + */ + @Import(name="srcNetworks") + private @Nullable Output> srcNetworks; + + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public Optional>> srcNetworks() { + return Optional.ofNullable(this.srcNetworks); + } + /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -249,12 +298,15 @@ private RegionNetworkFirewallPolicyWithRulesRuleMatchArgs(RegionNetworkFirewallP this.destAddressGroups = $.destAddressGroups; this.destFqdns = $.destFqdns; this.destIpRanges = $.destIpRanges; + this.destNetworkScope = $.destNetworkScope; this.destRegionCodes = $.destRegionCodes; this.destThreatIntelligences = $.destThreatIntelligences; this.layer4Configs = $.layer4Configs; this.srcAddressGroups = $.srcAddressGroups; this.srcFqdns = $.srcFqdns; this.srcIpRanges = $.srcIpRanges; + this.srcNetworkScope = $.srcNetworkScope; + this.srcNetworks = $.srcNetworks; this.srcRegionCodes = $.srcRegionCodes; this.srcSecureTags = $.srcSecureTags; this.srcThreatIntelligences = $.srcThreatIntelligences; @@ -380,6 +432,29 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(@Nullable Output destNetworkScope) { + $.destNetworkScope = destNetworkScope; + return this; + } + + /** + * @param destNetworkScope Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder destNetworkScope(String destNetworkScope) { + return destNetworkScope(Output.of(destNetworkScope)); + } + /** * @param destRegionCodes Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -590,6 +665,60 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(@Nullable Output srcNetworkScope) { + $.srcNetworkScope = srcNetworkScope; + return this; + } + + /** + * @param srcNetworkScope Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + * @return builder + * + */ + public Builder srcNetworkScope(String srcNetworkScope) { + return srcNetworkScope(Output.of(srcNetworkScope)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(@Nullable Output> srcNetworks) { + $.srcNetworks = srcNetworks; + return this; + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(List srcNetworks) { + return srcNetworks(Output.of(srcNetworks)); + } + + /** + * @param srcNetworks Networks of the traffic source. It can be either a full or partial url. + * + * @return builder + * + */ + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + /** * @param srcRegionCodes Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RouterPeerState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RouterPeerState.java index 9d202edffb..c0e614b4bf 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RouterPeerState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RouterPeerState.java @@ -332,6 +332,21 @@ public Optional> ipv6NexthopAddress() { return Optional.ofNullable(this.ipv6NexthopAddress); } + /** + * An internal boolean field for provider use. + * + */ + @Import(name="isCustomLearnedPrioritySet") + private @Nullable Output isCustomLearnedPrioritySet; + + /** + * @return An internal boolean field for provider use. + * + */ + public Optional> isCustomLearnedPrioritySet() { + return Optional.ofNullable(this.isCustomLearnedPrioritySet); + } + /** * The resource that configures and manages this BGP peer. * * `MANAGED_BY_USER` is the default value and can be managed by @@ -549,6 +564,23 @@ public Optional> routerApplianceInstance() { return Optional.ofNullable(this.routerApplianceInstance); } + /** + * The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + */ + @Import(name="zeroCustomLearnedRoutePriority") + private @Nullable Output zeroCustomLearnedRoutePriority; + + /** + * @return The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + */ + public Optional> zeroCustomLearnedRoutePriority() { + return Optional.ofNullable(this.zeroCustomLearnedRoutePriority); + } + private RouterPeerState() {} private RouterPeerState(RouterPeerState $) { @@ -568,6 +600,7 @@ private RouterPeerState(RouterPeerState $) { this.ipAddress = $.ipAddress; this.ipv4NexthopAddress = $.ipv4NexthopAddress; this.ipv6NexthopAddress = $.ipv6NexthopAddress; + this.isCustomLearnedPrioritySet = $.isCustomLearnedPrioritySet; this.managementType = $.managementType; this.md5AuthenticationKey = $.md5AuthenticationKey; this.name = $.name; @@ -579,6 +612,7 @@ private RouterPeerState(RouterPeerState $) { this.region = $.region; this.router = $.router; this.routerApplianceInstance = $.routerApplianceInstance; + this.zeroCustomLearnedRoutePriority = $.zeroCustomLearnedRoutePriority; } public static Builder builder() { @@ -1074,6 +1108,27 @@ public Builder ipv6NexthopAddress(String ipv6NexthopAddress) { return ipv6NexthopAddress(Output.of(ipv6NexthopAddress)); } + /** + * @param isCustomLearnedPrioritySet An internal boolean field for provider use. + * + * @return builder + * + */ + public Builder isCustomLearnedPrioritySet(@Nullable Output isCustomLearnedPrioritySet) { + $.isCustomLearnedPrioritySet = isCustomLearnedPrioritySet; + return this; + } + + /** + * @param isCustomLearnedPrioritySet An internal boolean field for provider use. + * + * @return builder + * + */ + public Builder isCustomLearnedPrioritySet(Boolean isCustomLearnedPrioritySet) { + return isCustomLearnedPrioritySet(Output.of(isCustomLearnedPrioritySet)); + } + /** * @param managementType The resource that configures and manages this BGP peer. * * `MANAGED_BY_USER` is the default value and can be managed by @@ -1357,6 +1412,29 @@ public Builder routerApplianceInstance(String routerApplianceInstance) { return routerApplianceInstance(Output.of(routerApplianceInstance)); } + /** + * @param zeroCustomLearnedRoutePriority The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + * @return builder + * + */ + public Builder zeroCustomLearnedRoutePriority(@Nullable Output zeroCustomLearnedRoutePriority) { + $.zeroCustomLearnedRoutePriority = zeroCustomLearnedRoutePriority; + return this; + } + + /** + * @param zeroCustomLearnedRoutePriority The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the custom_learned_route_priority to be 0. + * + * @return builder + * + */ + public Builder zeroCustomLearnedRoutePriority(Boolean zeroCustomLearnedRoutePriority) { + return zeroCustomLearnedRoutePriority(Output.of(zeroCustomLearnedRoutePriority)); + } + public RouterPeerState build() { return $; } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/FirewallPolicyRuleMatch.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/FirewallPolicyRuleMatch.java index 477ce6041e..12d913c6f7 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/FirewallPolicyRuleMatch.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/FirewallPolicyRuleMatch.java @@ -9,6 +9,7 @@ import java.lang.String; import java.util.List; import java.util.Objects; +import java.util.Optional; import javax.annotation.Nullable; @CustomType @@ -28,6 +29,12 @@ public final class FirewallPolicyRuleMatch { * */ private @Nullable List destIpRanges; + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String destNetworkScope; /** * @return Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -59,6 +66,17 @@ public final class FirewallPolicyRuleMatch { * */ private @Nullable List srcIpRanges; + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String srcNetworkScope; + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + private @Nullable List srcNetworks; /** * @return Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -94,6 +112,14 @@ public List destFqdns() { public List destIpRanges() { return this.destIpRanges == null ? List.of() : this.destIpRanges; } + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } /** * @return Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -137,6 +163,21 @@ public List srcFqdns() { public List srcIpRanges() { return this.srcIpRanges == null ? List.of() : this.srcIpRanges; } + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public List srcNetworks() { + return this.srcNetworks == null ? List.of() : this.srcNetworks; + } /** * @return Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -166,12 +207,15 @@ public static final class Builder { private @Nullable List destAddressGroups; private @Nullable List destFqdns; private @Nullable List destIpRanges; + private @Nullable String destNetworkScope; private @Nullable List destRegionCodes; private @Nullable List destThreatIntelligences; private List layer4Configs; private @Nullable List srcAddressGroups; private @Nullable List srcFqdns; private @Nullable List srcIpRanges; + private @Nullable String srcNetworkScope; + private @Nullable List srcNetworks; private @Nullable List srcRegionCodes; private @Nullable List srcThreatIntelligences; public Builder() {} @@ -180,12 +224,15 @@ public Builder(FirewallPolicyRuleMatch defaults) { this.destAddressGroups = defaults.destAddressGroups; this.destFqdns = defaults.destFqdns; this.destIpRanges = defaults.destIpRanges; + this.destNetworkScope = defaults.destNetworkScope; this.destRegionCodes = defaults.destRegionCodes; this.destThreatIntelligences = defaults.destThreatIntelligences; this.layer4Configs = defaults.layer4Configs; this.srcAddressGroups = defaults.srcAddressGroups; this.srcFqdns = defaults.srcFqdns; this.srcIpRanges = defaults.srcIpRanges; + this.srcNetworkScope = defaults.srcNetworkScope; + this.srcNetworks = defaults.srcNetworks; this.srcRegionCodes = defaults.srcRegionCodes; this.srcThreatIntelligences = defaults.srcThreatIntelligences; } @@ -218,6 +265,12 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } @CustomType.Setter + public Builder destNetworkScope(@Nullable String destNetworkScope) { + + this.destNetworkScope = destNetworkScope; + return this; + } + @CustomType.Setter public Builder destRegionCodes(@Nullable List destRegionCodes) { this.destRegionCodes = destRegionCodes; @@ -274,6 +327,21 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } @CustomType.Setter + public Builder srcNetworkScope(@Nullable String srcNetworkScope) { + + this.srcNetworkScope = srcNetworkScope; + return this; + } + @CustomType.Setter + public Builder srcNetworks(@Nullable List srcNetworks) { + + this.srcNetworks = srcNetworks; + return this; + } + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + @CustomType.Setter public Builder srcRegionCodes(@Nullable List srcRegionCodes) { this.srcRegionCodes = srcRegionCodes; @@ -296,12 +364,15 @@ public FirewallPolicyRuleMatch build() { _resultValue.destAddressGroups = destAddressGroups; _resultValue.destFqdns = destFqdns; _resultValue.destIpRanges = destIpRanges; + _resultValue.destNetworkScope = destNetworkScope; _resultValue.destRegionCodes = destRegionCodes; _resultValue.destThreatIntelligences = destThreatIntelligences; _resultValue.layer4Configs = layer4Configs; _resultValue.srcAddressGroups = srcAddressGroups; _resultValue.srcFqdns = srcFqdns; _resultValue.srcIpRanges = srcIpRanges; + _resultValue.srcNetworkScope = srcNetworkScope; + _resultValue.srcNetworks = srcNetworks; _resultValue.srcRegionCodes = srcRegionCodes; _resultValue.srcThreatIntelligences = srcThreatIntelligences; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/FirewallPolicyWithRulesRuleMatch.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/FirewallPolicyWithRulesRuleMatch.java index 6c7da999c6..88754c923e 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/FirewallPolicyWithRulesRuleMatch.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/FirewallPolicyWithRulesRuleMatch.java @@ -9,6 +9,7 @@ import java.lang.String; import java.util.List; import java.util.Objects; +import java.util.Optional; import javax.annotation.Nullable; @CustomType @@ -31,6 +32,12 @@ public final class FirewallPolicyWithRulesRuleMatch { * */ private @Nullable List destIpRanges; + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String destNetworkScope; /** * @return Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -71,6 +78,17 @@ public final class FirewallPolicyWithRulesRuleMatch { * */ private @Nullable List srcIpRanges; + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String srcNetworkScope; + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + private @Nullable List srcNetworks; /** * @return Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -111,6 +129,14 @@ public List destFqdns() { public List destIpRanges() { return this.destIpRanges == null ? List.of() : this.destIpRanges; } + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } /** * @return Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -163,6 +189,21 @@ public List srcFqdns() { public List srcIpRanges() { return this.srcIpRanges == null ? List.of() : this.srcIpRanges; } + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public List srcNetworks() { + return this.srcNetworks == null ? List.of() : this.srcNetworks; + } /** * @return Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -194,12 +235,15 @@ public static final class Builder { private @Nullable List destAddressGroups; private @Nullable List destFqdns; private @Nullable List destIpRanges; + private @Nullable String destNetworkScope; private @Nullable List destRegionCodes; private @Nullable List destThreatIntelligences; private List layer4Configs; private @Nullable List srcAddressGroups; private @Nullable List srcFqdns; private @Nullable List srcIpRanges; + private @Nullable String srcNetworkScope; + private @Nullable List srcNetworks; private @Nullable List srcRegionCodes; private @Nullable List srcThreatIntelligences; public Builder() {} @@ -208,12 +252,15 @@ public Builder(FirewallPolicyWithRulesRuleMatch defaults) { this.destAddressGroups = defaults.destAddressGroups; this.destFqdns = defaults.destFqdns; this.destIpRanges = defaults.destIpRanges; + this.destNetworkScope = defaults.destNetworkScope; this.destRegionCodes = defaults.destRegionCodes; this.destThreatIntelligences = defaults.destThreatIntelligences; this.layer4Configs = defaults.layer4Configs; this.srcAddressGroups = defaults.srcAddressGroups; this.srcFqdns = defaults.srcFqdns; this.srcIpRanges = defaults.srcIpRanges; + this.srcNetworkScope = defaults.srcNetworkScope; + this.srcNetworks = defaults.srcNetworks; this.srcRegionCodes = defaults.srcRegionCodes; this.srcThreatIntelligences = defaults.srcThreatIntelligences; } @@ -246,6 +293,12 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } @CustomType.Setter + public Builder destNetworkScope(@Nullable String destNetworkScope) { + + this.destNetworkScope = destNetworkScope; + return this; + } + @CustomType.Setter public Builder destRegionCodes(@Nullable List destRegionCodes) { this.destRegionCodes = destRegionCodes; @@ -302,6 +355,21 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } @CustomType.Setter + public Builder srcNetworkScope(@Nullable String srcNetworkScope) { + + this.srcNetworkScope = srcNetworkScope; + return this; + } + @CustomType.Setter + public Builder srcNetworks(@Nullable List srcNetworks) { + + this.srcNetworks = srcNetworks; + return this; + } + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + @CustomType.Setter public Builder srcRegionCodes(@Nullable List srcRegionCodes) { this.srcRegionCodes = srcRegionCodes; @@ -324,12 +392,15 @@ public FirewallPolicyWithRulesRuleMatch build() { _resultValue.destAddressGroups = destAddressGroups; _resultValue.destFqdns = destFqdns; _resultValue.destIpRanges = destIpRanges; + _resultValue.destNetworkScope = destNetworkScope; _resultValue.destRegionCodes = destRegionCodes; _resultValue.destThreatIntelligences = destThreatIntelligences; _resultValue.layer4Configs = layer4Configs; _resultValue.srcAddressGroups = srcAddressGroups; _resultValue.srcFqdns = srcFqdns; _resultValue.srcIpRanges = srcIpRanges; + _resultValue.srcNetworkScope = srcNetworkScope; + _resultValue.srcNetworks = srcNetworks; _resultValue.srcRegionCodes = srcRegionCodes; _resultValue.srcThreatIntelligences = srcThreatIntelligences; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateIamPolicyResult.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateIamPolicyResult.java new file mode 100644 index 0000000000..ce49ab5247 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateIamPolicyResult.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetInstanceTemplateIamPolicyResult { + /** + * @return (Computed) The etag of the IAM policy. + * + */ + private String etag; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String name; + /** + * @return (Required only by `gcp.compute.InstanceTemplateIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + private String policyData; + private String project; + + private GetInstanceTemplateIamPolicyResult() {} + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public String etag() { + return this.etag; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String name() { + return this.name; + } + /** + * @return (Required only by `gcp.compute.InstanceTemplateIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public String policyData() { + return this.policyData; + } + public String project() { + return this.project; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetInstanceTemplateIamPolicyResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String etag; + private String id; + private String name; + private String policyData; + private String project; + public Builder() {} + public Builder(GetInstanceTemplateIamPolicyResult defaults) { + Objects.requireNonNull(defaults); + this.etag = defaults.etag; + this.id = defaults.id; + this.name = defaults.name; + this.policyData = defaults.policyData; + this.project = defaults.project; + } + + @CustomType.Setter + public Builder etag(String etag) { + if (etag == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateIamPolicyResult", "etag"); + } + this.etag = etag; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateIamPolicyResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateIamPolicyResult", "name"); + } + this.name = name; + return this; + } + @CustomType.Setter + public Builder policyData(String policyData) { + if (policyData == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateIamPolicyResult", "policyData"); + } + this.policyData = policyData; + return this; + } + @CustomType.Setter + public Builder project(String project) { + if (project == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateIamPolicyResult", "project"); + } + this.project = project; + return this; + } + public GetInstanceTemplateIamPolicyResult build() { + final var _resultValue = new GetInstanceTemplateIamPolicyResult(); + _resultValue.etag = etag; + _resultValue.id = id; + _resultValue.name = name; + _resultValue.policyData = policyData; + _resultValue.project = project; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateIamBindingCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateIamBindingCondition.java new file mode 100644 index 0000000000..23910f947c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateIamBindingCondition.java @@ -0,0 +1,96 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class InstanceTemplateIamBindingCondition { + private @Nullable String description; + /** + * @return Textual representation of an expression in Common Expression Language syntax. + * + */ + private String expression; + /** + * @return A title for the expression, i.e. a short string describing its purpose. + * + */ + private String title; + + private InstanceTemplateIamBindingCondition() {} + public Optional description() { + return Optional.ofNullable(this.description); + } + /** + * @return Textual representation of an expression in Common Expression Language syntax. + * + */ + public String expression() { + return this.expression; + } + /** + * @return A title for the expression, i.e. a short string describing its purpose. + * + */ + public String title() { + return this.title; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(InstanceTemplateIamBindingCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String description; + private String expression; + private String title; + public Builder() {} + public Builder(InstanceTemplateIamBindingCondition defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.expression = defaults.expression; + this.title = defaults.title; + } + + @CustomType.Setter + public Builder description(@Nullable String description) { + + this.description = description; + return this; + } + @CustomType.Setter + public Builder expression(String expression) { + if (expression == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamBindingCondition", "expression"); + } + this.expression = expression; + return this; + } + @CustomType.Setter + public Builder title(String title) { + if (title == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamBindingCondition", "title"); + } + this.title = title; + return this; + } + public InstanceTemplateIamBindingCondition build() { + final var _resultValue = new InstanceTemplateIamBindingCondition(); + _resultValue.description = description; + _resultValue.expression = expression; + _resultValue.title = title; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateIamMemberCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateIamMemberCondition.java new file mode 100644 index 0000000000..4e03c2bb69 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateIamMemberCondition.java @@ -0,0 +1,96 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class InstanceTemplateIamMemberCondition { + private @Nullable String description; + /** + * @return Textual representation of an expression in Common Expression Language syntax. + * + */ + private String expression; + /** + * @return A title for the expression, i.e. a short string describing its purpose. + * + */ + private String title; + + private InstanceTemplateIamMemberCondition() {} + public Optional description() { + return Optional.ofNullable(this.description); + } + /** + * @return Textual representation of an expression in Common Expression Language syntax. + * + */ + public String expression() { + return this.expression; + } + /** + * @return A title for the expression, i.e. a short string describing its purpose. + * + */ + public String title() { + return this.title; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(InstanceTemplateIamMemberCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String description; + private String expression; + private String title; + public Builder() {} + public Builder(InstanceTemplateIamMemberCondition defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.expression = defaults.expression; + this.title = defaults.title; + } + + @CustomType.Setter + public Builder description(@Nullable String description) { + + this.description = description; + return this; + } + @CustomType.Setter + public Builder expression(String expression) { + if (expression == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamMemberCondition", "expression"); + } + this.expression = expression; + return this; + } + @CustomType.Setter + public Builder title(String title) { + if (title == null) { + throw new MissingRequiredPropertyException("InstanceTemplateIamMemberCondition", "title"); + } + this.title = title; + return this; + } + public InstanceTemplateIamMemberCondition build() { + final var _resultValue = new InstanceTemplateIamMemberCondition(); + _resultValue.description = description; + _resultValue.expression = expression; + _resultValue.title = title; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/NetworkFirewallPolicyRuleMatch.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/NetworkFirewallPolicyRuleMatch.java index 9dd96f7d7f..85c811bf5e 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/NetworkFirewallPolicyRuleMatch.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/NetworkFirewallPolicyRuleMatch.java @@ -10,6 +10,7 @@ import java.lang.String; import java.util.List; import java.util.Objects; +import java.util.Optional; import javax.annotation.Nullable; @CustomType @@ -29,6 +30,12 @@ public final class NetworkFirewallPolicyRuleMatch { * */ private @Nullable List destIpRanges; + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String destNetworkScope; /** * @return Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -60,6 +67,17 @@ public final class NetworkFirewallPolicyRuleMatch { * */ private @Nullable List srcIpRanges; + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String srcNetworkScope; + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + private @Nullable List srcNetworks; /** * @return Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -101,6 +119,14 @@ public List destFqdns() { public List destIpRanges() { return this.destIpRanges == null ? List.of() : this.destIpRanges; } + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } /** * @return Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -144,6 +170,21 @@ public List srcFqdns() { public List srcIpRanges() { return this.srcIpRanges == null ? List.of() : this.srcIpRanges; } + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public List srcNetworks() { + return this.srcNetworks == null ? List.of() : this.srcNetworks; + } /** * @return Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -181,12 +222,15 @@ public static final class Builder { private @Nullable List destAddressGroups; private @Nullable List destFqdns; private @Nullable List destIpRanges; + private @Nullable String destNetworkScope; private @Nullable List destRegionCodes; private @Nullable List destThreatIntelligences; private List layer4Configs; private @Nullable List srcAddressGroups; private @Nullable List srcFqdns; private @Nullable List srcIpRanges; + private @Nullable String srcNetworkScope; + private @Nullable List srcNetworks; private @Nullable List srcRegionCodes; private @Nullable List srcSecureTags; private @Nullable List srcThreatIntelligences; @@ -196,12 +240,15 @@ public Builder(NetworkFirewallPolicyRuleMatch defaults) { this.destAddressGroups = defaults.destAddressGroups; this.destFqdns = defaults.destFqdns; this.destIpRanges = defaults.destIpRanges; + this.destNetworkScope = defaults.destNetworkScope; this.destRegionCodes = defaults.destRegionCodes; this.destThreatIntelligences = defaults.destThreatIntelligences; this.layer4Configs = defaults.layer4Configs; this.srcAddressGroups = defaults.srcAddressGroups; this.srcFqdns = defaults.srcFqdns; this.srcIpRanges = defaults.srcIpRanges; + this.srcNetworkScope = defaults.srcNetworkScope; + this.srcNetworks = defaults.srcNetworks; this.srcRegionCodes = defaults.srcRegionCodes; this.srcSecureTags = defaults.srcSecureTags; this.srcThreatIntelligences = defaults.srcThreatIntelligences; @@ -235,6 +282,12 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } @CustomType.Setter + public Builder destNetworkScope(@Nullable String destNetworkScope) { + + this.destNetworkScope = destNetworkScope; + return this; + } + @CustomType.Setter public Builder destRegionCodes(@Nullable List destRegionCodes) { this.destRegionCodes = destRegionCodes; @@ -291,6 +344,21 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } @CustomType.Setter + public Builder srcNetworkScope(@Nullable String srcNetworkScope) { + + this.srcNetworkScope = srcNetworkScope; + return this; + } + @CustomType.Setter + public Builder srcNetworks(@Nullable List srcNetworks) { + + this.srcNetworks = srcNetworks; + return this; + } + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + @CustomType.Setter public Builder srcRegionCodes(@Nullable List srcRegionCodes) { this.srcRegionCodes = srcRegionCodes; @@ -322,12 +390,15 @@ public NetworkFirewallPolicyRuleMatch build() { _resultValue.destAddressGroups = destAddressGroups; _resultValue.destFqdns = destFqdns; _resultValue.destIpRanges = destIpRanges; + _resultValue.destNetworkScope = destNetworkScope; _resultValue.destRegionCodes = destRegionCodes; _resultValue.destThreatIntelligences = destThreatIntelligences; _resultValue.layer4Configs = layer4Configs; _resultValue.srcAddressGroups = srcAddressGroups; _resultValue.srcFqdns = srcFqdns; _resultValue.srcIpRanges = srcIpRanges; + _resultValue.srcNetworkScope = srcNetworkScope; + _resultValue.srcNetworks = srcNetworks; _resultValue.srcRegionCodes = srcRegionCodes; _resultValue.srcSecureTags = srcSecureTags; _resultValue.srcThreatIntelligences = srcThreatIntelligences; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/NetworkFirewallPolicyWithRulesRuleMatch.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/NetworkFirewallPolicyWithRulesRuleMatch.java index 2775994b0a..ef16d13d80 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/NetworkFirewallPolicyWithRulesRuleMatch.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/NetworkFirewallPolicyWithRulesRuleMatch.java @@ -10,6 +10,7 @@ import java.lang.String; import java.util.List; import java.util.Objects; +import java.util.Optional; import javax.annotation.Nullable; @CustomType @@ -32,6 +33,12 @@ public final class NetworkFirewallPolicyWithRulesRuleMatch { * */ private @Nullable List destIpRanges; + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String destNetworkScope; /** * @return Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -70,6 +77,17 @@ public final class NetworkFirewallPolicyWithRulesRuleMatch { * */ private @Nullable List srcIpRanges; + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String srcNetworkScope; + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + private @Nullable List srcNetworks; /** * @return Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -122,6 +140,14 @@ public List destFqdns() { public List destIpRanges() { return this.destIpRanges == null ? List.of() : this.destIpRanges; } + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } /** * @return Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -172,6 +198,21 @@ public List srcFqdns() { public List srcIpRanges() { return this.srcIpRanges == null ? List.of() : this.srcIpRanges; } + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public List srcNetworks() { + return this.srcNetworks == null ? List.of() : this.srcNetworks; + } /** * @return Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -217,12 +258,15 @@ public static final class Builder { private @Nullable List destAddressGroups; private @Nullable List destFqdns; private @Nullable List destIpRanges; + private @Nullable String destNetworkScope; private @Nullable List destRegionCodes; private @Nullable List destThreatIntelligences; private List layer4Configs; private @Nullable List srcAddressGroups; private @Nullable List srcFqdns; private @Nullable List srcIpRanges; + private @Nullable String srcNetworkScope; + private @Nullable List srcNetworks; private @Nullable List srcRegionCodes; private @Nullable List srcSecureTags; private @Nullable List srcThreatIntelligences; @@ -232,12 +276,15 @@ public Builder(NetworkFirewallPolicyWithRulesRuleMatch defaults) { this.destAddressGroups = defaults.destAddressGroups; this.destFqdns = defaults.destFqdns; this.destIpRanges = defaults.destIpRanges; + this.destNetworkScope = defaults.destNetworkScope; this.destRegionCodes = defaults.destRegionCodes; this.destThreatIntelligences = defaults.destThreatIntelligences; this.layer4Configs = defaults.layer4Configs; this.srcAddressGroups = defaults.srcAddressGroups; this.srcFqdns = defaults.srcFqdns; this.srcIpRanges = defaults.srcIpRanges; + this.srcNetworkScope = defaults.srcNetworkScope; + this.srcNetworks = defaults.srcNetworks; this.srcRegionCodes = defaults.srcRegionCodes; this.srcSecureTags = defaults.srcSecureTags; this.srcThreatIntelligences = defaults.srcThreatIntelligences; @@ -271,6 +318,12 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } @CustomType.Setter + public Builder destNetworkScope(@Nullable String destNetworkScope) { + + this.destNetworkScope = destNetworkScope; + return this; + } + @CustomType.Setter public Builder destRegionCodes(@Nullable List destRegionCodes) { this.destRegionCodes = destRegionCodes; @@ -327,6 +380,21 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } @CustomType.Setter + public Builder srcNetworkScope(@Nullable String srcNetworkScope) { + + this.srcNetworkScope = srcNetworkScope; + return this; + } + @CustomType.Setter + public Builder srcNetworks(@Nullable List srcNetworks) { + + this.srcNetworks = srcNetworks; + return this; + } + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + @CustomType.Setter public Builder srcRegionCodes(@Nullable List srcRegionCodes) { this.srcRegionCodes = srcRegionCodes; @@ -358,12 +426,15 @@ public NetworkFirewallPolicyWithRulesRuleMatch build() { _resultValue.destAddressGroups = destAddressGroups; _resultValue.destFqdns = destFqdns; _resultValue.destIpRanges = destIpRanges; + _resultValue.destNetworkScope = destNetworkScope; _resultValue.destRegionCodes = destRegionCodes; _resultValue.destThreatIntelligences = destThreatIntelligences; _resultValue.layer4Configs = layer4Configs; _resultValue.srcAddressGroups = srcAddressGroups; _resultValue.srcFqdns = srcFqdns; _resultValue.srcIpRanges = srcIpRanges; + _resultValue.srcNetworkScope = srcNetworkScope; + _resultValue.srcNetworks = srcNetworks; _resultValue.srcRegionCodes = srcRegionCodes; _resultValue.srcSecureTags = srcSecureTags; _resultValue.srcThreatIntelligences = srcThreatIntelligences; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionNetworkFirewallPolicyRuleMatch.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionNetworkFirewallPolicyRuleMatch.java index 50e1aadffd..47c8468ce0 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionNetworkFirewallPolicyRuleMatch.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionNetworkFirewallPolicyRuleMatch.java @@ -10,6 +10,7 @@ import java.lang.String; import java.util.List; import java.util.Objects; +import java.util.Optional; import javax.annotation.Nullable; @CustomType @@ -29,6 +30,12 @@ public final class RegionNetworkFirewallPolicyRuleMatch { * */ private @Nullable List destIpRanges; + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String destNetworkScope; /** * @return Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -60,6 +67,17 @@ public final class RegionNetworkFirewallPolicyRuleMatch { * */ private @Nullable List srcIpRanges; + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String srcNetworkScope; + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + private @Nullable List srcNetworks; /** * @return Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -101,6 +119,14 @@ public List destFqdns() { public List destIpRanges() { return this.destIpRanges == null ? List.of() : this.destIpRanges; } + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } /** * @return Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. * @@ -144,6 +170,21 @@ public List srcFqdns() { public List srcIpRanges() { return this.srcIpRanges == null ? List.of() : this.srcIpRanges; } + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public List srcNetworks() { + return this.srcNetworks == null ? List.of() : this.srcNetworks; + } /** * @return Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. * @@ -181,12 +222,15 @@ public static final class Builder { private @Nullable List destAddressGroups; private @Nullable List destFqdns; private @Nullable List destIpRanges; + private @Nullable String destNetworkScope; private @Nullable List destRegionCodes; private @Nullable List destThreatIntelligences; private List layer4Configs; private @Nullable List srcAddressGroups; private @Nullable List srcFqdns; private @Nullable List srcIpRanges; + private @Nullable String srcNetworkScope; + private @Nullable List srcNetworks; private @Nullable List srcRegionCodes; private @Nullable List srcSecureTags; private @Nullable List srcThreatIntelligences; @@ -196,12 +240,15 @@ public Builder(RegionNetworkFirewallPolicyRuleMatch defaults) { this.destAddressGroups = defaults.destAddressGroups; this.destFqdns = defaults.destFqdns; this.destIpRanges = defaults.destIpRanges; + this.destNetworkScope = defaults.destNetworkScope; this.destRegionCodes = defaults.destRegionCodes; this.destThreatIntelligences = defaults.destThreatIntelligences; this.layer4Configs = defaults.layer4Configs; this.srcAddressGroups = defaults.srcAddressGroups; this.srcFqdns = defaults.srcFqdns; this.srcIpRanges = defaults.srcIpRanges; + this.srcNetworkScope = defaults.srcNetworkScope; + this.srcNetworks = defaults.srcNetworks; this.srcRegionCodes = defaults.srcRegionCodes; this.srcSecureTags = defaults.srcSecureTags; this.srcThreatIntelligences = defaults.srcThreatIntelligences; @@ -235,6 +282,12 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } @CustomType.Setter + public Builder destNetworkScope(@Nullable String destNetworkScope) { + + this.destNetworkScope = destNetworkScope; + return this; + } + @CustomType.Setter public Builder destRegionCodes(@Nullable List destRegionCodes) { this.destRegionCodes = destRegionCodes; @@ -291,6 +344,21 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } @CustomType.Setter + public Builder srcNetworkScope(@Nullable String srcNetworkScope) { + + this.srcNetworkScope = srcNetworkScope; + return this; + } + @CustomType.Setter + public Builder srcNetworks(@Nullable List srcNetworks) { + + this.srcNetworks = srcNetworks; + return this; + } + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + @CustomType.Setter public Builder srcRegionCodes(@Nullable List srcRegionCodes) { this.srcRegionCodes = srcRegionCodes; @@ -322,12 +390,15 @@ public RegionNetworkFirewallPolicyRuleMatch build() { _resultValue.destAddressGroups = destAddressGroups; _resultValue.destFqdns = destFqdns; _resultValue.destIpRanges = destIpRanges; + _resultValue.destNetworkScope = destNetworkScope; _resultValue.destRegionCodes = destRegionCodes; _resultValue.destThreatIntelligences = destThreatIntelligences; _resultValue.layer4Configs = layer4Configs; _resultValue.srcAddressGroups = srcAddressGroups; _resultValue.srcFqdns = srcFqdns; _resultValue.srcIpRanges = srcIpRanges; + _resultValue.srcNetworkScope = srcNetworkScope; + _resultValue.srcNetworks = srcNetworks; _resultValue.srcRegionCodes = srcRegionCodes; _resultValue.srcSecureTags = srcSecureTags; _resultValue.srcThreatIntelligences = srcThreatIntelligences; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionNetworkFirewallPolicyWithRulesRuleMatch.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionNetworkFirewallPolicyWithRulesRuleMatch.java index 4e9924793a..ef8c2b2b08 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionNetworkFirewallPolicyWithRulesRuleMatch.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionNetworkFirewallPolicyWithRulesRuleMatch.java @@ -10,6 +10,7 @@ import java.lang.String; import java.util.List; import java.util.Objects; +import java.util.Optional; import javax.annotation.Nullable; @CustomType @@ -32,6 +33,12 @@ public final class RegionNetworkFirewallPolicyWithRulesRuleMatch { * */ private @Nullable List destIpRanges; + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String destNetworkScope; /** * @return Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -70,6 +77,17 @@ public final class RegionNetworkFirewallPolicyWithRulesRuleMatch { * */ private @Nullable List srcIpRanges; + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + private @Nullable String srcNetworkScope; + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + private @Nullable List srcNetworks; /** * @return Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -122,6 +140,14 @@ public List destFqdns() { public List destIpRanges() { return this.destIpRanges == null ? List.of() : this.destIpRanges; } + /** + * @return Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional destNetworkScope() { + return Optional.ofNullable(this.destNetworkScope); + } /** * @return Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -172,6 +198,21 @@ public List srcFqdns() { public List srcIpRanges() { return this.srcIpRanges == null ? List.of() : this.srcIpRanges; } + /** + * @return Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + * + */ + public Optional srcNetworkScope() { + return Optional.ofNullable(this.srcNetworkScope); + } + /** + * @return Networks of the traffic source. It can be either a full or partial url. + * + */ + public List srcNetworks() { + return this.srcNetworks == null ? List.of() : this.srcNetworks; + } /** * @return Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -217,12 +258,15 @@ public static final class Builder { private @Nullable List destAddressGroups; private @Nullable List destFqdns; private @Nullable List destIpRanges; + private @Nullable String destNetworkScope; private @Nullable List destRegionCodes; private @Nullable List destThreatIntelligences; private List layer4Configs; private @Nullable List srcAddressGroups; private @Nullable List srcFqdns; private @Nullable List srcIpRanges; + private @Nullable String srcNetworkScope; + private @Nullable List srcNetworks; private @Nullable List srcRegionCodes; private @Nullable List srcSecureTags; private @Nullable List srcThreatIntelligences; @@ -232,12 +276,15 @@ public Builder(RegionNetworkFirewallPolicyWithRulesRuleMatch defaults) { this.destAddressGroups = defaults.destAddressGroups; this.destFqdns = defaults.destFqdns; this.destIpRanges = defaults.destIpRanges; + this.destNetworkScope = defaults.destNetworkScope; this.destRegionCodes = defaults.destRegionCodes; this.destThreatIntelligences = defaults.destThreatIntelligences; this.layer4Configs = defaults.layer4Configs; this.srcAddressGroups = defaults.srcAddressGroups; this.srcFqdns = defaults.srcFqdns; this.srcIpRanges = defaults.srcIpRanges; + this.srcNetworkScope = defaults.srcNetworkScope; + this.srcNetworks = defaults.srcNetworks; this.srcRegionCodes = defaults.srcRegionCodes; this.srcSecureTags = defaults.srcSecureTags; this.srcThreatIntelligences = defaults.srcThreatIntelligences; @@ -271,6 +318,12 @@ public Builder destIpRanges(String... destIpRanges) { return destIpRanges(List.of(destIpRanges)); } @CustomType.Setter + public Builder destNetworkScope(@Nullable String destNetworkScope) { + + this.destNetworkScope = destNetworkScope; + return this; + } + @CustomType.Setter public Builder destRegionCodes(@Nullable List destRegionCodes) { this.destRegionCodes = destRegionCodes; @@ -327,6 +380,21 @@ public Builder srcIpRanges(String... srcIpRanges) { return srcIpRanges(List.of(srcIpRanges)); } @CustomType.Setter + public Builder srcNetworkScope(@Nullable String srcNetworkScope) { + + this.srcNetworkScope = srcNetworkScope; + return this; + } + @CustomType.Setter + public Builder srcNetworks(@Nullable List srcNetworks) { + + this.srcNetworks = srcNetworks; + return this; + } + public Builder srcNetworks(String... srcNetworks) { + return srcNetworks(List.of(srcNetworks)); + } + @CustomType.Setter public Builder srcRegionCodes(@Nullable List srcRegionCodes) { this.srcRegionCodes = srcRegionCodes; @@ -358,12 +426,15 @@ public RegionNetworkFirewallPolicyWithRulesRuleMatch build() { _resultValue.destAddressGroups = destAddressGroups; _resultValue.destFqdns = destFqdns; _resultValue.destIpRanges = destIpRanges; + _resultValue.destNetworkScope = destNetworkScope; _resultValue.destRegionCodes = destRegionCodes; _resultValue.destThreatIntelligences = destThreatIntelligences; _resultValue.layer4Configs = layer4Configs; _resultValue.srcAddressGroups = srcAddressGroups; _resultValue.srcFqdns = srcFqdns; _resultValue.srcIpRanges = srcIpRanges; + _resultValue.srcNetworkScope = srcNetworkScope; + _resultValue.srcNetworks = srcNetworks; _resultValue.srcRegionCodes = srcRegionCodes; _resultValue.srcSecureTags = srcSecureTags; _resultValue.srcThreatIntelligences = srcThreatIntelligences; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/filestore/Instance.java b/sdk/java/src/main/java/com/pulumi/gcp/filestore/Instance.java index 8ebd2fc2ba..930f1f8bde 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/filestore/Instance.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/filestore/Instance.java @@ -511,6 +511,28 @@ public Output> protocol() { public Output> pulumiLabels() { return this.pulumiLabels; } + /** + * A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + */ + @Export(name="tags", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> tags; + + /** + * @return A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + */ + public Output>> tags() { + return Codegen.optional(this.tags); + } /** * The service tier of the instance. * Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE diff --git a/sdk/java/src/main/java/com/pulumi/gcp/filestore/InstanceArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/filestore/InstanceArgs.java index 9748fd8013..4620eb73d0 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/filestore/InstanceArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/filestore/InstanceArgs.java @@ -210,6 +210,29 @@ public Optional> protocol() { return Optional.ofNullable(this.protocol); } + /** + * A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + */ + @Import(name="tags") + private @Nullable Output> tags; + + /** + * @return A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + */ + public Optional>> tags() { + return Optional.ofNullable(this.tags); + } + /** * The service tier of the instance. * Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE @@ -265,6 +288,7 @@ private InstanceArgs(InstanceArgs $) { this.performanceConfig = $.performanceConfig; this.project = $.project; this.protocol = $.protocol; + this.tags = $.tags; this.tier = $.tier; this.zone = $.zone; } @@ -555,6 +579,35 @@ public Builder protocol(String protocol) { return protocol(Output.of(protocol)); } + /** + * @param tags A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + * @return builder + * + */ + public Builder tags(@Nullable Output> tags) { + $.tags = tags; + return this; + } + + /** + * @param tags A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + * @return builder + * + */ + public Builder tags(Map tags) { + return tags(Output.of(tags)); + } + /** * @param tier The service tier of the instance. * Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE diff --git a/sdk/java/src/main/java/com/pulumi/gcp/filestore/inputs/InstanceState.java b/sdk/java/src/main/java/com/pulumi/gcp/filestore/inputs/InstanceState.java index 6ebe09af9c..a8a71a7683 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/filestore/inputs/InstanceState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/filestore/inputs/InstanceState.java @@ -273,6 +273,29 @@ public Optional>> pulumiLabels() { return Optional.ofNullable(this.pulumiLabels); } + /** + * A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + */ + @Import(name="tags") + private @Nullable Output> tags; + + /** + * @return A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + */ + public Optional>> tags() { + return Optional.ofNullable(this.tags); + } + /** * The service tier of the instance. * Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE @@ -332,6 +355,7 @@ private InstanceState(InstanceState $) { this.project = $.project; this.protocol = $.protocol; this.pulumiLabels = $.pulumiLabels; + this.tags = $.tags; this.tier = $.tier; this.zone = $.zone; } @@ -710,6 +734,35 @@ public Builder pulumiLabels(Map pulumiLabels) { return pulumiLabels(Output.of(pulumiLabels)); } + /** + * @param tags A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + * @return builder + * + */ + public Builder tags(@Nullable Output> tags) { + $.tags = tags; + return this; + } + + /** + * @param tags A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + * + * @return builder + * + */ + public Builder tags(Map tags) { + return tags(Output.of(tags)); + } + /** * @param tier The service tier of the instance. * Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE diff --git a/sdk/java/src/main/java/com/pulumi/gcp/filestore/outputs/GetInstanceResult.java b/sdk/java/src/main/java/com/pulumi/gcp/filestore/outputs/GetInstanceResult.java index c2e7db0899..7d0d8031d9 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/filestore/outputs/GetInstanceResult.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/filestore/outputs/GetInstanceResult.java @@ -39,6 +39,7 @@ public final class GetInstanceResult { private @Nullable String project; private String protocol; private Map pulumiLabels; + private Map tags; private String tier; private String zone; @@ -98,6 +99,9 @@ public String protocol() { public Map pulumiLabels() { return this.pulumiLabels; } + public Map tags() { + return this.tags; + } public String tier() { return this.tier; } @@ -131,6 +135,7 @@ public static final class Builder { private @Nullable String project; private String protocol; private Map pulumiLabels; + private Map tags; private String tier; private String zone; public Builder() {} @@ -153,6 +158,7 @@ public Builder(GetInstanceResult defaults) { this.project = defaults.project; this.protocol = defaults.protocol; this.pulumiLabels = defaults.pulumiLabels; + this.tags = defaults.tags; this.tier = defaults.tier; this.zone = defaults.zone; } @@ -299,6 +305,14 @@ public Builder pulumiLabels(Map pulumiLabels) { return this; } @CustomType.Setter + public Builder tags(Map tags) { + if (tags == null) { + throw new MissingRequiredPropertyException("GetInstanceResult", "tags"); + } + this.tags = tags; + return this; + } + @CustomType.Setter public Builder tier(String tier) { if (tier == null) { throw new MissingRequiredPropertyException("GetInstanceResult", "tier"); @@ -333,6 +347,7 @@ public GetInstanceResult build() { _resultValue.project = project; _resultValue.protocol = protocol; _resultValue.pulumiLabels = pulumiLabels; + _resultValue.tags = tags; _resultValue.tier = tier; _resultValue.zone = zone; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/CodeRepositoryIndex.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/CodeRepositoryIndex.java index 3685937fd7..177ba05925 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/CodeRepositoryIndex.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/CodeRepositoryIndex.java @@ -18,6 +18,14 @@ import javax.annotation.Nullable; /** + * The resource for managing Code Repository Index for Gemini Code Assist. + * + * To get more information about CodeRepositoryIndex, see: + * + * * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes) + * * How-to Guides + * * [Gemini Code Assist overview](https://cloud.google.com/gemini/docs/codeassist/overview) + * * ## Example Usage * * ### Gemini Code Repository Index Basic @@ -47,7 +55,7 @@ * public static void stack(Context ctx) { * var example = new CodeRepositoryIndex("example", CodeRepositoryIndexArgs.builder() * .location("us-central1") - * .codeRepositoryIndexId("") + * .codeRepositoryIndexId("code-repository-index-example") * .kmsKey("projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample") * .build()); * @@ -146,7 +154,7 @@ public Output> forceDestroy() { } /** * Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * */ @Export(name="kmsKey", refs={String.class}, tree="[0]") @@ -154,7 +162,7 @@ public Output> forceDestroy() { /** * @return Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * */ public Output> kmsKey() { @@ -240,12 +248,7 @@ public Output> pulumiLabels() { } /** * Output only. Code Repository Index instance State. - * Possible values: - * STATE_UNSPECIFIED - * CREATING - * ACTIVE - * DELETING - * SUSPENDED + * Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. * */ @Export(name="state", refs={String.class}, tree="[0]") @@ -253,12 +256,7 @@ public Output> pulumiLabels() { /** * @return Output only. Code Repository Index instance State. - * Possible values: - * STATE_UNSPECIFIED - * CREATING - * ACTIVE - * DELETING - * SUSPENDED + * Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. * */ public Output state() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/CodeRepositoryIndexArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/CodeRepositoryIndexArgs.java index e62e7926c5..b104c06612 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/CodeRepositoryIndexArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/CodeRepositoryIndexArgs.java @@ -54,7 +54,7 @@ public Optional> forceDestroy() { /** * Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * */ @Import(name="kmsKey") @@ -62,7 +62,7 @@ public Optional> forceDestroy() { /** * @return Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * */ public Optional> kmsKey() { @@ -197,7 +197,7 @@ public Builder forceDestroy(Boolean forceDestroy) { /** * @param kmsKey Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * * @return builder * @@ -209,7 +209,7 @@ public Builder kmsKey(@Nullable Output kmsKey) { /** * @param kmsKey Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/GeminiFunctions.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/GeminiFunctions.java index 9f6d4bd5be..69cad5044b 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/GeminiFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/GeminiFunctions.java @@ -15,18 +15,228 @@ import java.util.concurrent.CompletableFuture; public final class GeminiFunctions { + /** + * Retrieves the current IAM policy data for repositorygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.gemini.GeminiFunctions;
+     * import com.pulumi.gcp.gemini.inputs.GetRepositoryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = GeminiFunctions.getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs.builder()
+     *             .project(example.project())
+     *             .location(example.location())
+     *             .codeRepositoryIndex(example.codeRepositoryIndex())
+     *             .repositoryGroupId(example.repositoryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ public static Output getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs args) { return getRepositoryGroupIamPolicy(args, InvokeOptions.Empty); } + /** + * Retrieves the current IAM policy data for repositorygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.gemini.GeminiFunctions;
+     * import com.pulumi.gcp.gemini.inputs.GetRepositoryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = GeminiFunctions.getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs.builder()
+     *             .project(example.project())
+     *             .location(example.location())
+     *             .codeRepositoryIndex(example.codeRepositoryIndex())
+     *             .repositoryGroupId(example.repositoryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ public static CompletableFuture getRepositoryGroupIamPolicyPlain(GetRepositoryGroupIamPolicyPlainArgs args) { return getRepositoryGroupIamPolicyPlain(args, InvokeOptions.Empty); } + /** + * Retrieves the current IAM policy data for repositorygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.gemini.GeminiFunctions;
+     * import com.pulumi.gcp.gemini.inputs.GetRepositoryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = GeminiFunctions.getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs.builder()
+     *             .project(example.project())
+     *             .location(example.location())
+     *             .codeRepositoryIndex(example.codeRepositoryIndex())
+     *             .repositoryGroupId(example.repositoryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ public static Output getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs args, InvokeOptions options) { return Deployment.getInstance().invoke("gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy", TypeShape.of(GetRepositoryGroupIamPolicyResult.class), args, Utilities.withVersion(options)); } + /** + * Retrieves the current IAM policy data for repositorygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.gemini.GeminiFunctions;
+     * import com.pulumi.gcp.gemini.inputs.GetRepositoryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = GeminiFunctions.getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs.builder()
+     *             .project(example.project())
+     *             .location(example.location())
+     *             .codeRepositoryIndex(example.codeRepositoryIndex())
+     *             .repositoryGroupId(example.repositoryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ public static Output getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs args, InvokeOutputOptions options) { return Deployment.getInstance().invoke("gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy", TypeShape.of(GetRepositoryGroupIamPolicyResult.class), args, Utilities.withVersion(options)); } + /** + * Retrieves the current IAM policy data for repositorygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.gemini.GeminiFunctions;
+     * import com.pulumi.gcp.gemini.inputs.GetRepositoryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = GeminiFunctions.getRepositoryGroupIamPolicy(GetRepositoryGroupIamPolicyArgs.builder()
+     *             .project(example.project())
+     *             .location(example.location())
+     *             .codeRepositoryIndex(example.codeRepositoryIndex())
+     *             .repositoryGroupId(example.repositoryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ public static CompletableFuture getRepositoryGroupIamPolicyPlain(GetRepositoryGroupIamPolicyPlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy", TypeShape.of(GetRepositoryGroupIamPolicyResult.class), args, Utilities.withVersion(options)); } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroup.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroup.java index 0b9630f52f..89878a445d 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroup.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroup.java @@ -18,8 +18,57 @@ import javax.annotation.Nullable; /** + * The resource for managing Repository Group for Gemini Code Assist. + * + * To get more information about RepositoryGroup, see: + * + * * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes.repositoryGroups) + * * ## Example Usage * + * ### Gemini Repository Group Basic + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroup;
+ * import com.pulumi.gcp.gemini.RepositoryGroupArgs;
+ * import com.pulumi.gcp.gemini.inputs.RepositoryGroupRepositoryArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new RepositoryGroup("example", RepositoryGroupArgs.builder()
+ *             .location("us-central1")
+ *             .codeRepositoryIndex("example-cri")
+ *             .repositoryGroupId("example-repository-group")
+ *             .repositories(RepositoryGroupRepositoryArgs.builder()
+ *                 .resource("projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo")
+ *                 .branchPattern("main")
+ *                 .build())
+ *             .labels(Map.of("label1", "value1"))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * * ## Import * * RepositoryGroup can be imported using any of these accepted formats: @@ -62,14 +111,14 @@ public Output codeRepositoryIndex() { return this.codeRepositoryIndex; } /** - * Output only. Create time stamp + * Output only. Create time stamp. * */ @Export(name="createTime", refs={String.class}, tree="[0]") private Output createTime; /** - * @return Output only. Create time stamp + * @return Output only. Create time stamp. * */ public Output createTime() { @@ -90,7 +139,7 @@ public Output> effectiveLabels() { return this.effectiveLabels; } /** - * Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * */ @@ -98,7 +147,7 @@ public Output> effectiveLabels() { private Output> labels; /** - * @return Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * @return Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * */ @@ -120,14 +169,14 @@ public Output location() { return this.location; } /** - * Immutable. Identifier. name of resource + * Immutable. Identifier. Name of Repository Group. * */ @Export(name="name", refs={String.class}, tree="[0]") private Output name; /** - * @return Immutable. Identifier. name of resource + * @return Immutable. Identifier. Name of Repository Group. * */ public Output name() { @@ -156,7 +205,7 @@ public Output> pulumiLabels() { return this.pulumiLabels; } /** - * Required. List of repositories to group + * Required. List of repositories to group. * Structure is documented below. * */ @@ -164,7 +213,7 @@ public Output> pulumiLabels() { private Output> repositories; /** - * @return Required. List of repositories to group + * @return Required. List of repositories to group. * Structure is documented below. * */ @@ -186,14 +235,14 @@ public Output repositoryGroupId() { return this.repositoryGroupId; } /** - * Output only. Update time stamp + * Output only. Update time stamp. * */ @Export(name="updateTime", refs={String.class}, tree="[0]") private Output updateTime; /** - * @return Output only. Update time stamp + * @return Output only. Update time stamp. * */ public Output updateTime() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupArgs.java index 1339c0891d..9ffbeb7d80 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupArgs.java @@ -35,7 +35,7 @@ public Output codeRepositoryIndex() { } /** - * Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * */ @@ -43,7 +43,7 @@ public Output codeRepositoryIndex() { private @Nullable Output> labels; /** - * @return Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * @return Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * */ @@ -74,7 +74,7 @@ public Optional> project() { } /** - * Required. List of repositories to group + * Required. List of repositories to group. * Structure is documented below. * */ @@ -82,7 +82,7 @@ public Optional> project() { private Output> repositories; /** - * @return Required. List of repositories to group + * @return Required. List of repositories to group. * Structure is documented below. * */ @@ -156,7 +156,7 @@ public Builder codeRepositoryIndex(String codeRepositoryIndex) { } /** - * @param labels Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * @param labels Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * * @return builder @@ -168,7 +168,7 @@ public Builder labels(@Nullable Output> labels) { } /** - * @param labels Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * @param labels Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * * @return builder @@ -209,7 +209,7 @@ public Builder project(String project) { } /** - * @param repositories Required. List of repositories to group + * @param repositories Required. List of repositories to group. * Structure is documented below. * * @return builder @@ -221,7 +221,7 @@ public Builder repositories(Output> reposito } /** - * @param repositories Required. List of repositories to group + * @param repositories Required. List of repositories to group. * Structure is documented below. * * @return builder @@ -232,7 +232,7 @@ public Builder repositories(List repositories) { } /** - * @param repositories Required. List of repositories to group + * @param repositories Required. List of repositories to group. * Structure is documented below. * * @return builder diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamBinding.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamBinding.java index 91e37aa845..c099aefd36 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamBinding.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamBinding.java @@ -17,6 +17,295 @@ import javax.annotation.Nullable; /** + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RepositoryGroupIamPolicy("policy", RepositoryGroupIamPolicyArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBinding;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RepositoryGroupIamBinding("binding", RepositoryGroupIamBindingArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMember;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RepositoryGroupIamMember("member", RepositoryGroupIamMemberArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Gemini for Google Cloud RepositoryGroup + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RepositoryGroupIamPolicy("policy", RepositoryGroupIamPolicyArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBinding;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RepositoryGroupIamBinding("binding", RepositoryGroupIamBindingArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMember;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RepositoryGroupIamMember("member", RepositoryGroupIamMemberArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * * ## Import * * For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamMember.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamMember.java index 3e96e0e7a0..331f8b6bf6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamMember.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamMember.java @@ -16,6 +16,295 @@ import javax.annotation.Nullable; /** + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RepositoryGroupIamPolicy("policy", RepositoryGroupIamPolicyArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBinding;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RepositoryGroupIamBinding("binding", RepositoryGroupIamBindingArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMember;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RepositoryGroupIamMember("member", RepositoryGroupIamMemberArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Gemini for Google Cloud RepositoryGroup + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RepositoryGroupIamPolicy("policy", RepositoryGroupIamPolicyArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBinding;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RepositoryGroupIamBinding("binding", RepositoryGroupIamBindingArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMember;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RepositoryGroupIamMember("member", RepositoryGroupIamMemberArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * * ## Import * * For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamPolicy.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamPolicy.java index 698d04eb69..369a72bdfa 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/RepositoryGroupIamPolicy.java @@ -14,6 +14,295 @@ import javax.annotation.Nullable; /** + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RepositoryGroupIamPolicy("policy", RepositoryGroupIamPolicyArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBinding;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RepositoryGroupIamBinding("binding", RepositoryGroupIamBindingArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMember;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RepositoryGroupIamMember("member", RepositoryGroupIamMemberArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Gemini for Google Cloud RepositoryGroup + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicy;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *                 .members("user:jane}{@literal @}{@code example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new RepositoryGroupIamPolicy("policy", RepositoryGroupIamPolicyArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBinding;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var binding = new RepositoryGroupIamBinding("binding", RepositoryGroupIamBindingArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .members("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMember;
+ * import com.pulumi.gcp.gemini.RepositoryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var member = new RepositoryGroupIamMember("member", RepositoryGroupIamMemberArgs.builder()
+ *             .project(example.project())
+ *             .location(example.location())
+ *             .codeRepositoryIndex(example.codeRepositoryIndex())
+ *             .repositoryGroupId(example.repositoryGroupId())
+ *             .role("roles/cloudaicompanion.repositoryGroupsUser")
+ *             .member("user:jane}{@literal @}{@code example.com")
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * * ## Import * * For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/inputs/CodeRepositoryIndexState.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/inputs/CodeRepositoryIndexState.java index 2f3265c48d..8ec8820244 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/inputs/CodeRepositoryIndexState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/inputs/CodeRepositoryIndexState.java @@ -83,7 +83,7 @@ public Optional> forceDestroy() { /** * Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * */ @Import(name="kmsKey") @@ -91,7 +91,7 @@ public Optional> forceDestroy() { /** * @return Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * */ public Optional> kmsKey() { @@ -183,12 +183,7 @@ public Optional>> pulumiLabels() { /** * Output only. Code Repository Index instance State. - * Possible values: - * STATE_UNSPECIFIED - * CREATING - * ACTIVE - * DELETING - * SUSPENDED + * Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. * */ @Import(name="state") @@ -196,12 +191,7 @@ public Optional>> pulumiLabels() { /** * @return Output only. Code Repository Index instance State. - * Possible values: - * STATE_UNSPECIFIED - * CREATING - * ACTIVE - * DELETING - * SUSPENDED + * Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. * */ public Optional> state() { @@ -348,7 +338,7 @@ public Builder forceDestroy(Boolean forceDestroy) { /** * @param kmsKey Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * * @return builder * @@ -360,7 +350,7 @@ public Builder kmsKey(@Nullable Output kmsKey) { /** * @param kmsKey Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. * * @return builder * @@ -484,12 +474,7 @@ public Builder pulumiLabels(Map pulumiLabels) { /** * @param state Output only. Code Repository Index instance State. - * Possible values: - * STATE_UNSPECIFIED - * CREATING - * ACTIVE - * DELETING - * SUSPENDED + * Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. * * @return builder * @@ -501,12 +486,7 @@ public Builder state(@Nullable Output state) { /** * @param state Output only. Code Repository Index instance State. - * Possible values: - * STATE_UNSPECIFIED - * CREATING - * ACTIVE - * DELETING - * SUSPENDED + * Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/gemini/inputs/RepositoryGroupState.java b/sdk/java/src/main/java/com/pulumi/gcp/gemini/inputs/RepositoryGroupState.java index 0fdb70615e..bbab70a302 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/gemini/inputs/RepositoryGroupState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/gemini/inputs/RepositoryGroupState.java @@ -34,14 +34,14 @@ public Optional> codeRepositoryIndex() { } /** - * Output only. Create time stamp + * Output only. Create time stamp. * */ @Import(name="createTime") private @Nullable Output createTime; /** - * @return Output only. Create time stamp + * @return Output only. Create time stamp. * */ public Optional> createTime() { @@ -64,7 +64,7 @@ public Optional>> effectiveLabels() { } /** - * Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * */ @@ -72,7 +72,7 @@ public Optional>> effectiveLabels() { private @Nullable Output> labels; /** - * @return Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * @return Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * */ @@ -96,14 +96,14 @@ public Optional> location() { } /** - * Immutable. Identifier. name of resource + * Immutable. Identifier. Name of Repository Group. * */ @Import(name="name") private @Nullable Output name; /** - * @return Immutable. Identifier. name of resource + * @return Immutable. Identifier. Name of Repository Group. * */ public Optional> name() { @@ -135,7 +135,7 @@ public Optional>> pulumiLabels() { } /** - * Required. List of repositories to group + * Required. List of repositories to group. * Structure is documented below. * */ @@ -143,7 +143,7 @@ public Optional>> pulumiLabels() { private @Nullable Output> repositories; /** - * @return Required. List of repositories to group + * @return Required. List of repositories to group. * Structure is documented below. * */ @@ -167,14 +167,14 @@ public Optional> repositoryGroupId() { } /** - * Output only. Update time stamp + * Output only. Update time stamp. * */ @Import(name="updateTime") private @Nullable Output updateTime; /** - * @return Output only. Update time stamp + * @return Output only. Update time stamp. * */ public Optional> updateTime() { @@ -237,7 +237,7 @@ public Builder codeRepositoryIndex(String codeRepositoryIndex) { } /** - * @param createTime Output only. Create time stamp + * @param createTime Output only. Create time stamp. * * @return builder * @@ -248,7 +248,7 @@ public Builder createTime(@Nullable Output createTime) { } /** - * @param createTime Output only. Create time stamp + * @param createTime Output only. Create time stamp. * * @return builder * @@ -279,7 +279,7 @@ public Builder effectiveLabels(Map effectiveLabels) { } /** - * @param labels Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * @param labels Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * * @return builder @@ -291,7 +291,7 @@ public Builder labels(@Nullable Output> labels) { } /** - * @param labels Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * @param labels Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. * * @return builder @@ -323,7 +323,7 @@ public Builder location(String location) { } /** - * @param name Immutable. Identifier. name of resource + * @param name Immutable. Identifier. Name of Repository Group. * * @return builder * @@ -334,7 +334,7 @@ public Builder name(@Nullable Output name) { } /** - * @param name Immutable. Identifier. name of resource + * @param name Immutable. Identifier. Name of Repository Group. * * @return builder * @@ -376,7 +376,7 @@ public Builder pulumiLabels(Map pulumiLabels) { } /** - * @param repositories Required. List of repositories to group + * @param repositories Required. List of repositories to group. * Structure is documented below. * * @return builder @@ -388,7 +388,7 @@ public Builder repositories(@Nullable Output } /** - * @param repositories Required. List of repositories to group + * @param repositories Required. List of repositories to group. * Structure is documented below. * * @return builder @@ -399,7 +399,7 @@ public Builder repositories(List repositories) { } /** - * @param repositories Required. List of repositories to group + * @param repositories Required. List of repositories to group. * Structure is documented below. * * @return builder @@ -431,7 +431,7 @@ public Builder repositoryGroupId(String repositoryGroupId) { } /** - * @param updateTime Output only. Update time stamp + * @param updateTime Output only. Update time stamp. * * @return builder * @@ -442,7 +442,7 @@ public Builder updateTime(@Nullable Output updateTime) { } /** - * @param updateTime Output only. Update time stamp + * @param updateTime Output only. Update time stamp. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/KmsFunctions.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/KmsFunctions.java index b7701c3080..f16c103fba 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/kms/KmsFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/KmsFunctions.java @@ -35,6 +35,8 @@ import com.pulumi.gcp.kms.inputs.GetKMSSecretPlainArgs; import com.pulumi.gcp.kms.inputs.GetKeyHandleArgs; import com.pulumi.gcp.kms.inputs.GetKeyHandlePlainArgs; +import com.pulumi.gcp.kms.inputs.GetKeyHandlesArgs; +import com.pulumi.gcp.kms.inputs.GetKeyHandlesPlainArgs; import com.pulumi.gcp.kms.inputs.GetKeyRingIamPolicyArgs; import com.pulumi.gcp.kms.inputs.GetKeyRingIamPolicyPlainArgs; import com.pulumi.gcp.kms.inputs.GetKeyRingsArgs; @@ -52,6 +54,7 @@ import com.pulumi.gcp.kms.outputs.GetKMSSecretCiphertextResult; import com.pulumi.gcp.kms.outputs.GetKMSSecretResult; import com.pulumi.gcp.kms.outputs.GetKeyHandleResult; +import com.pulumi.gcp.kms.outputs.GetKeyHandlesResult; import com.pulumi.gcp.kms.outputs.GetKeyRingIamPolicyResult; import com.pulumi.gcp.kms.outputs.GetKeyRingsResult; import java.util.concurrent.CompletableFuture; @@ -4317,6 +4320,216 @@ public static Output getKeyHandle(GetKeyHandleArgs args, Inv public static CompletableFuture getKeyHandlePlain(GetKeyHandlePlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("gcp:kms/getKeyHandle:getKeyHandle", TypeShape.of(GetKeyHandleResult.class), args, Utilities.withVersion(options)); } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.kms.KmsFunctions;
+     * import com.pulumi.gcp.kms.inputs.GetKeyHandlesArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var myKeyHandles = KmsFunctions.getKeyHandles(GetKeyHandlesArgs.builder()
+     *             .project("resource-project-id")
+     *             .location("us-central1")
+     *             .resourceTypeSelector("storage.googleapis.com/Bucket")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getKeyHandles(GetKeyHandlesArgs args) { + return getKeyHandles(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.kms.KmsFunctions;
+     * import com.pulumi.gcp.kms.inputs.GetKeyHandlesArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var myKeyHandles = KmsFunctions.getKeyHandles(GetKeyHandlesArgs.builder()
+     *             .project("resource-project-id")
+     *             .location("us-central1")
+     *             .resourceTypeSelector("storage.googleapis.com/Bucket")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getKeyHandlesPlain(GetKeyHandlesPlainArgs args) { + return getKeyHandlesPlain(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.kms.KmsFunctions;
+     * import com.pulumi.gcp.kms.inputs.GetKeyHandlesArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var myKeyHandles = KmsFunctions.getKeyHandles(GetKeyHandlesArgs.builder()
+     *             .project("resource-project-id")
+     *             .location("us-central1")
+     *             .resourceTypeSelector("storage.googleapis.com/Bucket")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getKeyHandles(GetKeyHandlesArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:kms/getKeyHandles:getKeyHandles", TypeShape.of(GetKeyHandlesResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.kms.KmsFunctions;
+     * import com.pulumi.gcp.kms.inputs.GetKeyHandlesArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var myKeyHandles = KmsFunctions.getKeyHandles(GetKeyHandlesArgs.builder()
+     *             .project("resource-project-id")
+     *             .location("us-central1")
+     *             .resourceTypeSelector("storage.googleapis.com/Bucket")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getKeyHandles(GetKeyHandlesArgs args, InvokeOutputOptions options) { + return Deployment.getInstance().invoke("gcp:kms/getKeyHandles:getKeyHandles", TypeShape.of(GetKeyHandlesResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.kms.KmsFunctions;
+     * import com.pulumi.gcp.kms.inputs.GetKeyHandlesArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var myKeyHandles = KmsFunctions.getKeyHandles(GetKeyHandlesArgs.builder()
+     *             .project("resource-project-id")
+     *             .location("us-central1")
+     *             .resourceTypeSelector("storage.googleapis.com/Bucket")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getKeyHandlesPlain(GetKeyHandlesPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:kms/getKeyHandles:getKeyHandles", TypeShape.of(GetKeyHandlesResult.class), args, Utilities.withVersion(options)); + } /** * Retrieves the current IAM policy data for a Google Cloud KMS key ring. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/GetKeyHandlesArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/GetKeyHandlesArgs.java new file mode 100644 index 0000000000..440a17595a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/GetKeyHandlesArgs.java @@ -0,0 +1,180 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetKeyHandlesArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetKeyHandlesArgs Empty = new GetKeyHandlesArgs(); + + /** + * The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + */ + @Import(name="location", required=true) + private Output location; + + /** + * @return The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + */ + public Output location() { + return this.location; + } + + /** + * The project in which the resource belongs. If it + * is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The project in which the resource belongs. If it + * is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + */ + @Import(name="resourceTypeSelector", required=true) + private Output resourceTypeSelector; + + /** + * @return The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + */ + public Output resourceTypeSelector() { + return this.resourceTypeSelector; + } + + private GetKeyHandlesArgs() {} + + private GetKeyHandlesArgs(GetKeyHandlesArgs $) { + this.location = $.location; + this.project = $.project; + this.resourceTypeSelector = $.resourceTypeSelector; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetKeyHandlesArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetKeyHandlesArgs $; + + public Builder() { + $ = new GetKeyHandlesArgs(); + } + + public Builder(GetKeyHandlesArgs defaults) { + $ = new GetKeyHandlesArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param location The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * @return builder + * + */ + public Builder location(Output location) { + $.location = location; + return this; + } + + /** + * @param location The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param project The project in which the resource belongs. If it + * is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The project in which the resource belongs. If it + * is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param resourceTypeSelector The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + * @return builder + * + */ + public Builder resourceTypeSelector(Output resourceTypeSelector) { + $.resourceTypeSelector = resourceTypeSelector; + return this; + } + + /** + * @param resourceTypeSelector The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + * @return builder + * + */ + public Builder resourceTypeSelector(String resourceTypeSelector) { + return resourceTypeSelector(Output.of(resourceTypeSelector)); + } + + public GetKeyHandlesArgs build() { + if ($.location == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesArgs", "location"); + } + if ($.resourceTypeSelector == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesArgs", "resourceTypeSelector"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/GetKeyHandlesPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/GetKeyHandlesPlainArgs.java new file mode 100644 index 0000000000..eac99aa1ac --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/GetKeyHandlesPlainArgs.java @@ -0,0 +1,145 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms.inputs; + +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetKeyHandlesPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetKeyHandlesPlainArgs Empty = new GetKeyHandlesPlainArgs(); + + /** + * The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + */ + @Import(name="location", required=true) + private String location; + + /** + * @return The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + */ + public String location() { + return this.location; + } + + /** + * The project in which the resource belongs. If it + * is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable String project; + + /** + * @return The project in which the resource belongs. If it + * is not provided, the provider project is used. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + + /** + * The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + */ + @Import(name="resourceTypeSelector", required=true) + private String resourceTypeSelector; + + /** + * @return The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + */ + public String resourceTypeSelector() { + return this.resourceTypeSelector; + } + + private GetKeyHandlesPlainArgs() {} + + private GetKeyHandlesPlainArgs(GetKeyHandlesPlainArgs $) { + this.location = $.location; + this.project = $.project; + this.resourceTypeSelector = $.resourceTypeSelector; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetKeyHandlesPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetKeyHandlesPlainArgs $; + + public Builder() { + $ = new GetKeyHandlesPlainArgs(); + } + + public Builder(GetKeyHandlesPlainArgs defaults) { + $ = new GetKeyHandlesPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param location The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * @return builder + * + */ + public Builder location(String location) { + $.location = location; + return this; + } + + /** + * @param project The project in which the resource belongs. If it + * is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable String project) { + $.project = project; + return this; + } + + /** + * @param resourceTypeSelector The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + * @return builder + * + */ + public Builder resourceTypeSelector(String resourceTypeSelector) { + $.resourceTypeSelector = resourceTypeSelector; + return this; + } + + public GetKeyHandlesPlainArgs build() { + if ($.location == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesPlainArgs", "location"); + } + if ($.resourceTypeSelector == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesPlainArgs", "resourceTypeSelector"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/outputs/GetKeyHandlesKeyHandle.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/outputs/GetKeyHandlesKeyHandle.java new file mode 100644 index 0000000000..140cdf283b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/outputs/GetKeyHandlesKeyHandle.java @@ -0,0 +1,108 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetKeyHandlesKeyHandle { + /** + * @return The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. + * + */ + private String kmsKey; + /** + * @return The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. + * + */ + private String name; + /** + * @return The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + */ + private String resourceTypeSelector; + + private GetKeyHandlesKeyHandle() {} + /** + * @return The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. + * + */ + public String kmsKey() { + return this.kmsKey; + } + /** + * @return The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. + * + */ + public String name() { + return this.name; + } + /** + * @return The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * *** + * + */ + public String resourceTypeSelector() { + return this.resourceTypeSelector; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetKeyHandlesKeyHandle defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String kmsKey; + private String name; + private String resourceTypeSelector; + public Builder() {} + public Builder(GetKeyHandlesKeyHandle defaults) { + Objects.requireNonNull(defaults); + this.kmsKey = defaults.kmsKey; + this.name = defaults.name; + this.resourceTypeSelector = defaults.resourceTypeSelector; + } + + @CustomType.Setter + public Builder kmsKey(String kmsKey) { + if (kmsKey == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesKeyHandle", "kmsKey"); + } + this.kmsKey = kmsKey; + return this; + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesKeyHandle", "name"); + } + this.name = name; + return this; + } + @CustomType.Setter + public Builder resourceTypeSelector(String resourceTypeSelector) { + if (resourceTypeSelector == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesKeyHandle", "resourceTypeSelector"); + } + this.resourceTypeSelector = resourceTypeSelector; + return this; + } + public GetKeyHandlesKeyHandle build() { + final var _resultValue = new GetKeyHandlesKeyHandle(); + _resultValue.kmsKey = kmsKey; + _resultValue.name = name; + _resultValue.resourceTypeSelector = resourceTypeSelector; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/outputs/GetKeyHandlesResult.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/outputs/GetKeyHandlesResult.java new file mode 100644 index 0000000000..da5b162f1d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/outputs/GetKeyHandlesResult.java @@ -0,0 +1,147 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.kms.outputs.GetKeyHandlesKeyHandle; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetKeyHandlesResult { + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private List keyHandles; + /** + * @return The location of the KMS Key and KeyHandle. + * + */ + private String location; + /** + * @return The identifier of the project where KMS KeyHandle is created. + * + */ + private @Nullable String project; + /** + * @return Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + */ + private String resourceTypeSelector; + + private GetKeyHandlesResult() {} + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public List keyHandles() { + return this.keyHandles; + } + /** + * @return The location of the KMS Key and KeyHandle. + * + */ + public String location() { + return this.location; + } + /** + * @return The identifier of the project where KMS KeyHandle is created. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + /** + * @return Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + */ + public String resourceTypeSelector() { + return this.resourceTypeSelector; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetKeyHandlesResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String id; + private List keyHandles; + private String location; + private @Nullable String project; + private String resourceTypeSelector; + public Builder() {} + public Builder(GetKeyHandlesResult defaults) { + Objects.requireNonNull(defaults); + this.id = defaults.id; + this.keyHandles = defaults.keyHandles; + this.location = defaults.location; + this.project = defaults.project; + this.resourceTypeSelector = defaults.resourceTypeSelector; + } + + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder keyHandles(List keyHandles) { + if (keyHandles == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesResult", "keyHandles"); + } + this.keyHandles = keyHandles; + return this; + } + public Builder keyHandles(GetKeyHandlesKeyHandle... keyHandles) { + return keyHandles(List.of(keyHandles)); + } + @CustomType.Setter + public Builder location(String location) { + if (location == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesResult", "location"); + } + this.location = location; + return this; + } + @CustomType.Setter + public Builder project(@Nullable String project) { + + this.project = project; + return this; + } + @CustomType.Setter + public Builder resourceTypeSelector(String resourceTypeSelector) { + if (resourceTypeSelector == null) { + throw new MissingRequiredPropertyException("GetKeyHandlesResult", "resourceTypeSelector"); + } + this.resourceTypeSelector = resourceTypeSelector; + return this; + } + public GetKeyHandlesResult build() { + final var _resultValue = new GetKeyHandlesResult(); + _resultValue.id = id; + _resultValue.keyHandles = keyHandles; + _resultValue.location = location; + _resultValue.project = project; + _resultValue.resourceTypeSelector = resourceTypeSelector; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfile.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfile.java index 969cb91303..8934bb4f5e 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfile.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfile.java @@ -10,6 +10,8 @@ import com.pulumi.gcp.Utilities; import com.pulumi.gcp.networksecurity.SecurityProfileArgs; import com.pulumi.gcp.networksecurity.inputs.SecurityProfileState; +import com.pulumi.gcp.networksecurity.outputs.SecurityProfileCustomInterceptProfile; +import com.pulumi.gcp.networksecurity.outputs.SecurityProfileCustomMirroringProfile; import com.pulumi.gcp.networksecurity.outputs.SecurityProfileThreatPreventionProfile; import java.lang.String; import java.util.List; @@ -119,6 +121,134 @@ * } * * <!--End PulumiCodeChooser --> + * ### Network Security Security Profile Mirroring + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.Network;
+ * import com.pulumi.gcp.compute.NetworkArgs;
+ * import com.pulumi.gcp.networksecurity.MirroringDeploymentGroup;
+ * import com.pulumi.gcp.networksecurity.MirroringDeploymentGroupArgs;
+ * import com.pulumi.gcp.networksecurity.MirroringEndpointGroup;
+ * import com.pulumi.gcp.networksecurity.MirroringEndpointGroupArgs;
+ * import com.pulumi.gcp.networksecurity.SecurityProfile;
+ * import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
+ * import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomMirroringProfileArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var default_ = new Network("default", NetworkArgs.builder()
+ *             .name("my-network")
+ *             .autoCreateSubnetworks(false)
+ *             .build());
+ * 
+ *         var defaultMirroringDeploymentGroup = new MirroringDeploymentGroup("defaultMirroringDeploymentGroup", MirroringDeploymentGroupArgs.builder()
+ *             .mirroringDeploymentGroupId("my-dg")
+ *             .location("global")
+ *             .network(default_.id())
+ *             .build());
+ * 
+ *         var defaultMirroringEndpointGroup = new MirroringEndpointGroup("defaultMirroringEndpointGroup", MirroringEndpointGroupArgs.builder()
+ *             .mirroringEndpointGroupId("my-eg")
+ *             .location("global")
+ *             .mirroringDeploymentGroup(defaultMirroringDeploymentGroup.id())
+ *             .build());
+ * 
+ *         var defaultSecurityProfile = new SecurityProfile("defaultSecurityProfile", SecurityProfileArgs.builder()
+ *             .name("my-security-profile")
+ *             .parent("organizations/123456789")
+ *             .description("my description")
+ *             .type("CUSTOM_MIRRORING")
+ *             .customMirroringProfile(SecurityProfileCustomMirroringProfileArgs.builder()
+ *                 .mirroringEndpointGroup(defaultMirroringEndpointGroup.id())
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Network Security Security Profile Intercept + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.Network;
+ * import com.pulumi.gcp.compute.NetworkArgs;
+ * import com.pulumi.gcp.networksecurity.InterceptDeploymentGroup;
+ * import com.pulumi.gcp.networksecurity.InterceptDeploymentGroupArgs;
+ * import com.pulumi.gcp.networksecurity.InterceptEndpointGroup;
+ * import com.pulumi.gcp.networksecurity.InterceptEndpointGroupArgs;
+ * import com.pulumi.gcp.networksecurity.SecurityProfile;
+ * import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
+ * import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomInterceptProfileArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var default_ = new Network("default", NetworkArgs.builder()
+ *             .name("my-network")
+ *             .autoCreateSubnetworks(false)
+ *             .build());
+ * 
+ *         var defaultInterceptDeploymentGroup = new InterceptDeploymentGroup("defaultInterceptDeploymentGroup", InterceptDeploymentGroupArgs.builder()
+ *             .interceptDeploymentGroupId("my-dg")
+ *             .location("global")
+ *             .network(default_.id())
+ *             .build());
+ * 
+ *         var defaultInterceptEndpointGroup = new InterceptEndpointGroup("defaultInterceptEndpointGroup", InterceptEndpointGroupArgs.builder()
+ *             .interceptEndpointGroupId("my-eg")
+ *             .location("global")
+ *             .interceptDeploymentGroup(defaultInterceptDeploymentGroup.id())
+ *             .build());
+ * 
+ *         var defaultSecurityProfile = new SecurityProfile("defaultSecurityProfile", SecurityProfileArgs.builder()
+ *             .name("my-security-profile")
+ *             .parent("organizations/123456789")
+ *             .description("my description")
+ *             .type("CUSTOM_INTERCEPT")
+ *             .customInterceptProfile(SecurityProfileCustomInterceptProfileArgs.builder()
+ *                 .interceptEndpointGroup(defaultInterceptEndpointGroup.id())
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * * ## Import * @@ -149,6 +279,42 @@ public class SecurityProfile extends com.pulumi.resources.CustomResource { public Output createTime() { return this.createTime; } + /** + * The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + */ + @Export(name="customInterceptProfile", refs={SecurityProfileCustomInterceptProfile.class}, tree="[0]") + private Output customInterceptProfile; + + /** + * @return The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + */ + public Output> customInterceptProfile() { + return Codegen.optional(this.customInterceptProfile); + } + /** + * The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + */ + @Export(name="customMirroringProfile", refs={SecurityProfileCustomMirroringProfile.class}, tree="[0]") + private Output customMirroringProfile; + + /** + * @return The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + */ + public Output> customMirroringProfile() { + return Codegen.optional(this.customMirroringProfile); + } /** * An optional description of the security profile. The Max length is 512 characters. * @@ -313,7 +479,7 @@ public Output> threatPrevention } /** * The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * */ @Export(name="type", refs={String.class}, tree="[0]") @@ -321,7 +487,7 @@ public Output> threatPrevention /** * @return The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * */ public Output type() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileArgs.java index 1f966208b9..f32021b02a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileArgs.java @@ -6,6 +6,8 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomInterceptProfileArgs; +import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomMirroringProfileArgs; import com.pulumi.gcp.networksecurity.inputs.SecurityProfileThreatPreventionProfileArgs; import java.lang.String; import java.util.Map; @@ -18,6 +20,44 @@ public final class SecurityProfileArgs extends com.pulumi.resources.ResourceArgs public static final SecurityProfileArgs Empty = new SecurityProfileArgs(); + /** + * The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + */ + @Import(name="customInterceptProfile") + private @Nullable Output customInterceptProfile; + + /** + * @return The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + */ + public Optional> customInterceptProfile() { + return Optional.ofNullable(this.customInterceptProfile); + } + + /** + * The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + */ + @Import(name="customMirroringProfile") + private @Nullable Output customMirroringProfile; + + /** + * @return The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + */ + public Optional> customMirroringProfile() { + return Optional.ofNullable(this.customMirroringProfile); + } + /** * An optional description of the security profile. The Max length is 512 characters. * @@ -126,7 +166,7 @@ public Optional> threatPreven /** * The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * */ @Import(name="type", required=true) @@ -134,7 +174,7 @@ public Optional> threatPreven /** * @return The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * */ public Output type() { @@ -144,6 +184,8 @@ public Output type() { private SecurityProfileArgs() {} private SecurityProfileArgs(SecurityProfileArgs $) { + this.customInterceptProfile = $.customInterceptProfile; + this.customMirroringProfile = $.customMirroringProfile; this.description = $.description; this.labels = $.labels; this.location = $.location; @@ -171,6 +213,56 @@ public Builder(SecurityProfileArgs defaults) { $ = new SecurityProfileArgs(Objects.requireNonNull(defaults)); } + /** + * @param customInterceptProfile The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + * @return builder + * + */ + public Builder customInterceptProfile(@Nullable Output customInterceptProfile) { + $.customInterceptProfile = customInterceptProfile; + return this; + } + + /** + * @param customInterceptProfile The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + * @return builder + * + */ + public Builder customInterceptProfile(SecurityProfileCustomInterceptProfileArgs customInterceptProfile) { + return customInterceptProfile(Output.of(customInterceptProfile)); + } + + /** + * @param customMirroringProfile The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + * @return builder + * + */ + public Builder customMirroringProfile(@Nullable Output customMirroringProfile) { + $.customMirroringProfile = customMirroringProfile; + return this; + } + + /** + * @param customMirroringProfile The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + * @return builder + * + */ + public Builder customMirroringProfile(SecurityProfileCustomMirroringProfileArgs customMirroringProfile) { + return customMirroringProfile(Output.of(customMirroringProfile)); + } + /** * @param description An optional description of the security profile. The Max length is 512 characters. * @@ -315,7 +407,7 @@ public Builder threatPreventionProfile(SecurityProfileThreatPreventionProfileArg /** * @param type The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * * @return builder * @@ -327,7 +419,7 @@ public Builder type(Output type) { /** * @param type The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileGroup.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileGroup.java index e2b1389532..acfed9b4a3 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileGroup.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileGroup.java @@ -75,6 +75,152 @@ * } * * <!--End PulumiCodeChooser --> + * ### Network Security Security Profile Group Mirroring + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.Network;
+ * import com.pulumi.gcp.compute.NetworkArgs;
+ * import com.pulumi.gcp.networksecurity.MirroringDeploymentGroup;
+ * import com.pulumi.gcp.networksecurity.MirroringDeploymentGroupArgs;
+ * import com.pulumi.gcp.networksecurity.MirroringEndpointGroup;
+ * import com.pulumi.gcp.networksecurity.MirroringEndpointGroupArgs;
+ * import com.pulumi.gcp.networksecurity.SecurityProfile;
+ * import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
+ * import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomMirroringProfileArgs;
+ * import com.pulumi.gcp.networksecurity.SecurityProfileGroup;
+ * import com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var default_ = new Network("default", NetworkArgs.builder()
+ *             .name("network")
+ *             .autoCreateSubnetworks(false)
+ *             .build());
+ * 
+ *         var defaultMirroringDeploymentGroup = new MirroringDeploymentGroup("defaultMirroringDeploymentGroup", MirroringDeploymentGroupArgs.builder()
+ *             .mirroringDeploymentGroupId("deployment-group")
+ *             .location("global")
+ *             .network(default_.id())
+ *             .build());
+ * 
+ *         var defaultMirroringEndpointGroup = new MirroringEndpointGroup("defaultMirroringEndpointGroup", MirroringEndpointGroupArgs.builder()
+ *             .mirroringEndpointGroupId("endpoint-group")
+ *             .location("global")
+ *             .mirroringDeploymentGroup(defaultMirroringDeploymentGroup.id())
+ *             .build());
+ * 
+ *         var defaultSecurityProfile = new SecurityProfile("defaultSecurityProfile", SecurityProfileArgs.builder()
+ *             .name("sec-profile")
+ *             .parent("organizations/123456789")
+ *             .description("my description")
+ *             .type("CUSTOM_MIRRORING")
+ *             .customMirroringProfile(SecurityProfileCustomMirroringProfileArgs.builder()
+ *                 .mirroringEndpointGroup(defaultMirroringEndpointGroup.id())
+ *                 .build())
+ *             .build());
+ * 
+ *         var defaultSecurityProfileGroup = new SecurityProfileGroup("defaultSecurityProfileGroup", SecurityProfileGroupArgs.builder()
+ *             .name("sec-profile-group")
+ *             .parent("organizations/123456789")
+ *             .description("my description")
+ *             .customMirroringProfile(defaultSecurityProfile.id())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Network Security Security Profile Group Intercept + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.Network;
+ * import com.pulumi.gcp.compute.NetworkArgs;
+ * import com.pulumi.gcp.networksecurity.InterceptDeploymentGroup;
+ * import com.pulumi.gcp.networksecurity.InterceptDeploymentGroupArgs;
+ * import com.pulumi.gcp.networksecurity.InterceptEndpointGroup;
+ * import com.pulumi.gcp.networksecurity.InterceptEndpointGroupArgs;
+ * import com.pulumi.gcp.networksecurity.SecurityProfile;
+ * import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
+ * import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomInterceptProfileArgs;
+ * import com.pulumi.gcp.networksecurity.SecurityProfileGroup;
+ * import com.pulumi.gcp.networksecurity.SecurityProfileGroupArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var default_ = new Network("default", NetworkArgs.builder()
+ *             .name("network")
+ *             .autoCreateSubnetworks(false)
+ *             .build());
+ * 
+ *         var defaultInterceptDeploymentGroup = new InterceptDeploymentGroup("defaultInterceptDeploymentGroup", InterceptDeploymentGroupArgs.builder()
+ *             .interceptDeploymentGroupId("deployment-group")
+ *             .location("global")
+ *             .network(default_.id())
+ *             .build());
+ * 
+ *         var defaultInterceptEndpointGroup = new InterceptEndpointGroup("defaultInterceptEndpointGroup", InterceptEndpointGroupArgs.builder()
+ *             .interceptEndpointGroupId("endpoint-group")
+ *             .location("global")
+ *             .interceptDeploymentGroup(defaultInterceptDeploymentGroup.id())
+ *             .build());
+ * 
+ *         var defaultSecurityProfile = new SecurityProfile("defaultSecurityProfile", SecurityProfileArgs.builder()
+ *             .name("sec-profile")
+ *             .parent("organizations/123456789")
+ *             .description("my description")
+ *             .type("CUSTOM_INTERCEPT")
+ *             .customInterceptProfile(SecurityProfileCustomInterceptProfileArgs.builder()
+ *                 .interceptEndpointGroup(defaultInterceptEndpointGroup.id())
+ *                 .build())
+ *             .build());
+ * 
+ *         var defaultSecurityProfileGroup = new SecurityProfileGroup("defaultSecurityProfileGroup", SecurityProfileGroupArgs.builder()
+ *             .name("sec-profile-group")
+ *             .parent("organizations/123456789")
+ *             .description("my description")
+ *             .customInterceptProfile(defaultSecurityProfile.id())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * * ## Import * @@ -105,6 +251,34 @@ public class SecurityProfileGroup extends com.pulumi.resources.CustomResource { public Output createTime() { return this.createTime; } + /** + * Reference to a SecurityProfile with the CustomIntercept configuration. + * + */ + @Export(name="customInterceptProfile", refs={String.class}, tree="[0]") + private Output customInterceptProfile; + + /** + * @return Reference to a SecurityProfile with the CustomIntercept configuration. + * + */ + public Output> customInterceptProfile() { + return Codegen.optional(this.customInterceptProfile); + } + /** + * Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + */ + @Export(name="customMirroringProfile", refs={String.class}, tree="[0]") + private Output customMirroringProfile; + + /** + * @return Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + */ + public Output> customMirroringProfile() { + return Codegen.optional(this.customMirroringProfile); + } /** * An optional description of the profile. The Max length is 512 characters. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileGroupArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileGroupArgs.java index 77c604da83..d87f86ff07 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileGroupArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/SecurityProfileGroupArgs.java @@ -16,6 +16,36 @@ public final class SecurityProfileGroupArgs extends com.pulumi.resources.Resourc public static final SecurityProfileGroupArgs Empty = new SecurityProfileGroupArgs(); + /** + * Reference to a SecurityProfile with the CustomIntercept configuration. + * + */ + @Import(name="customInterceptProfile") + private @Nullable Output customInterceptProfile; + + /** + * @return Reference to a SecurityProfile with the CustomIntercept configuration. + * + */ + public Optional> customInterceptProfile() { + return Optional.ofNullable(this.customInterceptProfile); + } + + /** + * Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + */ + @Import(name="customMirroringProfile") + private @Nullable Output customMirroringProfile; + + /** + * @return Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + */ + public Optional> customMirroringProfile() { + return Optional.ofNullable(this.customMirroringProfile); + } + /** * An optional description of the profile. The Max length is 512 characters. * @@ -123,6 +153,8 @@ public Optional> threatPreventionProfile() { private SecurityProfileGroupArgs() {} private SecurityProfileGroupArgs(SecurityProfileGroupArgs $) { + this.customInterceptProfile = $.customInterceptProfile; + this.customMirroringProfile = $.customMirroringProfile; this.description = $.description; this.labels = $.labels; this.location = $.location; @@ -149,6 +181,48 @@ public Builder(SecurityProfileGroupArgs defaults) { $ = new SecurityProfileGroupArgs(Objects.requireNonNull(defaults)); } + /** + * @param customInterceptProfile Reference to a SecurityProfile with the CustomIntercept configuration. + * + * @return builder + * + */ + public Builder customInterceptProfile(@Nullable Output customInterceptProfile) { + $.customInterceptProfile = customInterceptProfile; + return this; + } + + /** + * @param customInterceptProfile Reference to a SecurityProfile with the CustomIntercept configuration. + * + * @return builder + * + */ + public Builder customInterceptProfile(String customInterceptProfile) { + return customInterceptProfile(Output.of(customInterceptProfile)); + } + + /** + * @param customMirroringProfile Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + * @return builder + * + */ + public Builder customMirroringProfile(@Nullable Output customMirroringProfile) { + $.customMirroringProfile = customMirroringProfile; + return this; + } + + /** + * @param customMirroringProfile Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + * @return builder + * + */ + public Builder customMirroringProfile(String customMirroringProfile) { + return customMirroringProfile(Output.of(customMirroringProfile)); + } + /** * @param description An optional description of the profile. The Max length is 512 characters. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileCustomInterceptProfileArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileCustomInterceptProfileArgs.java new file mode 100644 index 0000000000..e9941b8116 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileCustomInterceptProfileArgs.java @@ -0,0 +1,89 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networksecurity.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class SecurityProfileCustomInterceptProfileArgs extends com.pulumi.resources.ResourceArgs { + + public static final SecurityProfileCustomInterceptProfileArgs Empty = new SecurityProfileCustomInterceptProfileArgs(); + + /** + * The Intercept Endpoint Group to which matching traffic should be intercepted. + * Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + * + */ + @Import(name="interceptEndpointGroup", required=true) + private Output interceptEndpointGroup; + + /** + * @return The Intercept Endpoint Group to which matching traffic should be intercepted. + * Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + * + */ + public Output interceptEndpointGroup() { + return this.interceptEndpointGroup; + } + + private SecurityProfileCustomInterceptProfileArgs() {} + + private SecurityProfileCustomInterceptProfileArgs(SecurityProfileCustomInterceptProfileArgs $) { + this.interceptEndpointGroup = $.interceptEndpointGroup; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(SecurityProfileCustomInterceptProfileArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private SecurityProfileCustomInterceptProfileArgs $; + + public Builder() { + $ = new SecurityProfileCustomInterceptProfileArgs(); + } + + public Builder(SecurityProfileCustomInterceptProfileArgs defaults) { + $ = new SecurityProfileCustomInterceptProfileArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param interceptEndpointGroup The Intercept Endpoint Group to which matching traffic should be intercepted. + * Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + * + * @return builder + * + */ + public Builder interceptEndpointGroup(Output interceptEndpointGroup) { + $.interceptEndpointGroup = interceptEndpointGroup; + return this; + } + + /** + * @param interceptEndpointGroup The Intercept Endpoint Group to which matching traffic should be intercepted. + * Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + * + * @return builder + * + */ + public Builder interceptEndpointGroup(String interceptEndpointGroup) { + return interceptEndpointGroup(Output.of(interceptEndpointGroup)); + } + + public SecurityProfileCustomInterceptProfileArgs build() { + if ($.interceptEndpointGroup == null) { + throw new MissingRequiredPropertyException("SecurityProfileCustomInterceptProfileArgs", "interceptEndpointGroup"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileCustomMirroringProfileArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileCustomMirroringProfileArgs.java new file mode 100644 index 0000000000..7494985d04 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileCustomMirroringProfileArgs.java @@ -0,0 +1,89 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networksecurity.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class SecurityProfileCustomMirroringProfileArgs extends com.pulumi.resources.ResourceArgs { + + public static final SecurityProfileCustomMirroringProfileArgs Empty = new SecurityProfileCustomMirroringProfileArgs(); + + /** + * The Mirroring Endpoint Group to which matching traffic should be mirrored. + * Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + * + */ + @Import(name="mirroringEndpointGroup", required=true) + private Output mirroringEndpointGroup; + + /** + * @return The Mirroring Endpoint Group to which matching traffic should be mirrored. + * Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + * + */ + public Output mirroringEndpointGroup() { + return this.mirroringEndpointGroup; + } + + private SecurityProfileCustomMirroringProfileArgs() {} + + private SecurityProfileCustomMirroringProfileArgs(SecurityProfileCustomMirroringProfileArgs $) { + this.mirroringEndpointGroup = $.mirroringEndpointGroup; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(SecurityProfileCustomMirroringProfileArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private SecurityProfileCustomMirroringProfileArgs $; + + public Builder() { + $ = new SecurityProfileCustomMirroringProfileArgs(); + } + + public Builder(SecurityProfileCustomMirroringProfileArgs defaults) { + $ = new SecurityProfileCustomMirroringProfileArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param mirroringEndpointGroup The Mirroring Endpoint Group to which matching traffic should be mirrored. + * Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + * + * @return builder + * + */ + public Builder mirroringEndpointGroup(Output mirroringEndpointGroup) { + $.mirroringEndpointGroup = mirroringEndpointGroup; + return this; + } + + /** + * @param mirroringEndpointGroup The Mirroring Endpoint Group to which matching traffic should be mirrored. + * Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + * + * @return builder + * + */ + public Builder mirroringEndpointGroup(String mirroringEndpointGroup) { + return mirroringEndpointGroup(Output.of(mirroringEndpointGroup)); + } + + public SecurityProfileCustomMirroringProfileArgs build() { + if ($.mirroringEndpointGroup == null) { + throw new MissingRequiredPropertyException("SecurityProfileCustomMirroringProfileArgs", "mirroringEndpointGroup"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileGroupState.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileGroupState.java index 598585a873..7256d28f86 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileGroupState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileGroupState.java @@ -31,6 +31,36 @@ public Optional> createTime() { return Optional.ofNullable(this.createTime); } + /** + * Reference to a SecurityProfile with the CustomIntercept configuration. + * + */ + @Import(name="customInterceptProfile") + private @Nullable Output customInterceptProfile; + + /** + * @return Reference to a SecurityProfile with the CustomIntercept configuration. + * + */ + public Optional> customInterceptProfile() { + return Optional.ofNullable(this.customInterceptProfile); + } + + /** + * Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + */ + @Import(name="customMirroringProfile") + private @Nullable Output customMirroringProfile; + + /** + * @return Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + */ + public Optional> customMirroringProfile() { + return Optional.ofNullable(this.customMirroringProfile); + } + /** * An optional description of the profile. The Max length is 512 characters. * @@ -205,6 +235,8 @@ private SecurityProfileGroupState() {} private SecurityProfileGroupState(SecurityProfileGroupState $) { this.createTime = $.createTime; + this.customInterceptProfile = $.customInterceptProfile; + this.customMirroringProfile = $.customMirroringProfile; this.description = $.description; this.effectiveLabels = $.effectiveLabels; this.etag = $.etag; @@ -256,6 +288,48 @@ public Builder createTime(String createTime) { return createTime(Output.of(createTime)); } + /** + * @param customInterceptProfile Reference to a SecurityProfile with the CustomIntercept configuration. + * + * @return builder + * + */ + public Builder customInterceptProfile(@Nullable Output customInterceptProfile) { + $.customInterceptProfile = customInterceptProfile; + return this; + } + + /** + * @param customInterceptProfile Reference to a SecurityProfile with the CustomIntercept configuration. + * + * @return builder + * + */ + public Builder customInterceptProfile(String customInterceptProfile) { + return customInterceptProfile(Output.of(customInterceptProfile)); + } + + /** + * @param customMirroringProfile Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + * @return builder + * + */ + public Builder customMirroringProfile(@Nullable Output customMirroringProfile) { + $.customMirroringProfile = customMirroringProfile; + return this; + } + + /** + * @param customMirroringProfile Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + * + * @return builder + * + */ + public Builder customMirroringProfile(String customMirroringProfile) { + return customMirroringProfile(Output.of(customMirroringProfile)); + } + /** * @param description An optional description of the profile. The Max length is 512 characters. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileState.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileState.java index f04d6d9c10..992ca18ad6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/inputs/SecurityProfileState.java @@ -5,6 +5,8 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomInterceptProfileArgs; +import com.pulumi.gcp.networksecurity.inputs.SecurityProfileCustomMirroringProfileArgs; import com.pulumi.gcp.networksecurity.inputs.SecurityProfileThreatPreventionProfileArgs; import java.lang.String; import java.util.Map; @@ -32,6 +34,44 @@ public Optional> createTime() { return Optional.ofNullable(this.createTime); } + /** + * The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + */ + @Import(name="customInterceptProfile") + private @Nullable Output customInterceptProfile; + + /** + * @return The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + */ + public Optional> customInterceptProfile() { + return Optional.ofNullable(this.customInterceptProfile); + } + + /** + * The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + */ + @Import(name="customMirroringProfile") + private @Nullable Output customMirroringProfile; + + /** + * @return The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + */ + public Optional> customMirroringProfile() { + return Optional.ofNullable(this.customMirroringProfile); + } + /** * An optional description of the security profile. The Max length is 512 characters. * @@ -206,7 +246,7 @@ public Optional> threatPreven /** * The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * */ @Import(name="type") @@ -214,7 +254,7 @@ public Optional> threatPreven /** * @return The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * */ public Optional> type() { @@ -240,6 +280,8 @@ private SecurityProfileState() {} private SecurityProfileState(SecurityProfileState $) { this.createTime = $.createTime; + this.customInterceptProfile = $.customInterceptProfile; + this.customMirroringProfile = $.customMirroringProfile; this.description = $.description; this.effectiveLabels = $.effectiveLabels; this.etag = $.etag; @@ -293,6 +335,56 @@ public Builder createTime(String createTime) { return createTime(Output.of(createTime)); } + /** + * @param customInterceptProfile The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + * @return builder + * + */ + public Builder customInterceptProfile(@Nullable Output customInterceptProfile) { + $.customInterceptProfile = customInterceptProfile; + return this; + } + + /** + * @param customInterceptProfile The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + * + * @return builder + * + */ + public Builder customInterceptProfile(SecurityProfileCustomInterceptProfileArgs customInterceptProfile) { + return customInterceptProfile(Output.of(customInterceptProfile)); + } + + /** + * @param customMirroringProfile The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + * @return builder + * + */ + public Builder customMirroringProfile(@Nullable Output customMirroringProfile) { + $.customMirroringProfile = customMirroringProfile; + return this; + } + + /** + * @param customMirroringProfile The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + * + * @return builder + * + */ + public Builder customMirroringProfile(SecurityProfileCustomMirroringProfileArgs customMirroringProfile) { + return customMirroringProfile(Output.of(customMirroringProfile)); + } + /** * @param description An optional description of the security profile. The Max length is 512 characters. * @@ -527,7 +619,7 @@ public Builder threatPreventionProfile(SecurityProfileThreatPreventionProfileArg /** * @param type The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * * @return builder * @@ -539,7 +631,7 @@ public Builder type(@Nullable Output type) { /** * @param type The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/outputs/SecurityProfileCustomInterceptProfile.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/outputs/SecurityProfileCustomInterceptProfile.java new file mode 100644 index 0000000000..b98eef691e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/outputs/SecurityProfileCustomInterceptProfile.java @@ -0,0 +1,60 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networksecurity.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class SecurityProfileCustomInterceptProfile { + /** + * @return The Intercept Endpoint Group to which matching traffic should be intercepted. + * Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + * + */ + private String interceptEndpointGroup; + + private SecurityProfileCustomInterceptProfile() {} + /** + * @return The Intercept Endpoint Group to which matching traffic should be intercepted. + * Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + * + */ + public String interceptEndpointGroup() { + return this.interceptEndpointGroup; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(SecurityProfileCustomInterceptProfile defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String interceptEndpointGroup; + public Builder() {} + public Builder(SecurityProfileCustomInterceptProfile defaults) { + Objects.requireNonNull(defaults); + this.interceptEndpointGroup = defaults.interceptEndpointGroup; + } + + @CustomType.Setter + public Builder interceptEndpointGroup(String interceptEndpointGroup) { + if (interceptEndpointGroup == null) { + throw new MissingRequiredPropertyException("SecurityProfileCustomInterceptProfile", "interceptEndpointGroup"); + } + this.interceptEndpointGroup = interceptEndpointGroup; + return this; + } + public SecurityProfileCustomInterceptProfile build() { + final var _resultValue = new SecurityProfileCustomInterceptProfile(); + _resultValue.interceptEndpointGroup = interceptEndpointGroup; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/outputs/SecurityProfileCustomMirroringProfile.java b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/outputs/SecurityProfileCustomMirroringProfile.java new file mode 100644 index 0000000000..cd1303ed4a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networksecurity/outputs/SecurityProfileCustomMirroringProfile.java @@ -0,0 +1,60 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networksecurity.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class SecurityProfileCustomMirroringProfile { + /** + * @return The Mirroring Endpoint Group to which matching traffic should be mirrored. + * Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + * + */ + private String mirroringEndpointGroup; + + private SecurityProfileCustomMirroringProfile() {} + /** + * @return The Mirroring Endpoint Group to which matching traffic should be mirrored. + * Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + * + */ + public String mirroringEndpointGroup() { + return this.mirroringEndpointGroup; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(SecurityProfileCustomMirroringProfile defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String mirroringEndpointGroup; + public Builder() {} + public Builder(SecurityProfileCustomMirroringProfile defaults) { + Objects.requireNonNull(defaults); + this.mirroringEndpointGroup = defaults.mirroringEndpointGroup; + } + + @CustomType.Setter + public Builder mirroringEndpointGroup(String mirroringEndpointGroup) { + if (mirroringEndpointGroup == null) { + throw new MissingRequiredPropertyException("SecurityProfileCustomMirroringProfile", "mirroringEndpointGroup"); + } + this.mirroringEndpointGroup = mirroringEndpointGroup; + return this; + } + public SecurityProfileCustomMirroringProfile build() { + final var _resultValue = new SecurityProfileCustomMirroringProfile(); + _resultValue.mirroringEndpointGroup = mirroringEndpointGroup; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/organizations/OrganizationsFunctions.java b/sdk/java/src/main/java/com/pulumi/gcp/organizations/OrganizationsFunctions.java index 79e4a03156..3ccdbb98d9 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/organizations/OrganizationsFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/organizations/OrganizationsFunctions.java @@ -23,6 +23,8 @@ import com.pulumi.gcp.organizations.inputs.GetOrganizationPlainArgs; import com.pulumi.gcp.organizations.inputs.GetProjectArgs; import com.pulumi.gcp.organizations.inputs.GetProjectPlainArgs; +import com.pulumi.gcp.organizations.inputs.GetSArgs; +import com.pulumi.gcp.organizations.inputs.GetSPlainArgs; import com.pulumi.gcp.organizations.outputs.GetActiveFolderResult; import com.pulumi.gcp.organizations.outputs.GetBillingAccountResult; import com.pulumi.gcp.organizations.outputs.GetClientConfigResult; @@ -32,6 +34,7 @@ import com.pulumi.gcp.organizations.outputs.GetIAMPolicyResult; import com.pulumi.gcp.organizations.outputs.GetOrganizationResult; import com.pulumi.gcp.organizations.outputs.GetProjectResult; +import com.pulumi.gcp.organizations.outputs.GetSResult; import com.pulumi.resources.InvokeArgs; import java.util.concurrent.CompletableFuture; @@ -2729,4 +2732,312 @@ public static Output getProject(GetProjectArgs args, InvokeOut public static CompletableFuture getProjectPlain(GetProjectPlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("gcp:organizations/getProject:getProject", TypeShape.of(GetProjectResult.class), args, Utilities.withVersion(options)); } + /** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+     * import com.pulumi.gcp.organizations.inputs.GetSArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var example = OrganizationsFunctions.getS(GetSArgs.builder()
+     *             .filter("domain:example.com")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getS() { + return getS(GetSArgs.Empty, InvokeOptions.Empty); + } + /** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+     * import com.pulumi.gcp.organizations.inputs.GetSArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var example = OrganizationsFunctions.getS(GetSArgs.builder()
+     *             .filter("domain:example.com")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getSPlain() { + return getSPlain(GetSPlainArgs.Empty, InvokeOptions.Empty); + } + /** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+     * import com.pulumi.gcp.organizations.inputs.GetSArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var example = OrganizationsFunctions.getS(GetSArgs.builder()
+     *             .filter("domain:example.com")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getS(GetSArgs args) { + return getS(args, InvokeOptions.Empty); + } + /** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+     * import com.pulumi.gcp.organizations.inputs.GetSArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var example = OrganizationsFunctions.getS(GetSArgs.builder()
+     *             .filter("domain:example.com")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getSPlain(GetSPlainArgs args) { + return getSPlain(args, InvokeOptions.Empty); + } + /** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+     * import com.pulumi.gcp.organizations.inputs.GetSArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var example = OrganizationsFunctions.getS(GetSArgs.builder()
+     *             .filter("domain:example.com")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getS(GetSArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:organizations/getS:getS", TypeShape.of(GetSResult.class), args, Utilities.withVersion(options)); + } + /** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+     * import com.pulumi.gcp.organizations.inputs.GetSArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var example = OrganizationsFunctions.getS(GetSArgs.builder()
+     *             .filter("domain:example.com")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getS(GetSArgs args, InvokeOutputOptions options) { + return Deployment.getInstance().invoke("gcp:organizations/getS:getS", TypeShape.of(GetSResult.class), args, Utilities.withVersion(options)); + } + /** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+     * import com.pulumi.gcp.organizations.inputs.GetSArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var example = OrganizationsFunctions.getS(GetSArgs.builder()
+     *             .filter("domain:example.com")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getSPlain(GetSPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:organizations/getS:getS", TypeShape.of(GetSResult.class), args, Utilities.withVersion(options)); + } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/organizations/inputs/GetSArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/organizations/inputs/GetSArgs.java new file mode 100644 index 0000000000..63c54b32b3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/organizations/inputs/GetSArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.organizations.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetSArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetSArgs Empty = new GetSArgs(); + + /** + * An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + * + */ + @Import(name="filter") + private @Nullable Output filter; + + /** + * @return An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + * + */ + public Optional> filter() { + return Optional.ofNullable(this.filter); + } + + private GetSArgs() {} + + private GetSArgs(GetSArgs $) { + this.filter = $.filter; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetSArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetSArgs $; + + public Builder() { + $ = new GetSArgs(); + } + + public Builder(GetSArgs defaults) { + $ = new GetSArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param filter An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + * + * @return builder + * + */ + public Builder filter(@Nullable Output filter) { + $.filter = filter; + return this; + } + + /** + * @param filter An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + * + * @return builder + * + */ + public Builder filter(String filter) { + return filter(Output.of(filter)); + } + + public GetSArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/organizations/inputs/GetSPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/organizations/inputs/GetSPlainArgs.java new file mode 100644 index 0000000000..d9025bf643 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/organizations/inputs/GetSPlainArgs.java @@ -0,0 +1,72 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.organizations.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetSPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetSPlainArgs Empty = new GetSPlainArgs(); + + /** + * An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + * + */ + @Import(name="filter") + private @Nullable String filter; + + /** + * @return An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + * + */ + public Optional filter() { + return Optional.ofNullable(this.filter); + } + + private GetSPlainArgs() {} + + private GetSPlainArgs(GetSPlainArgs $) { + this.filter = $.filter; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetSPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetSPlainArgs $; + + public Builder() { + $ = new GetSPlainArgs(); + } + + public Builder(GetSPlainArgs defaults) { + $ = new GetSPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param filter An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + * + * @return builder + * + */ + public Builder filter(@Nullable String filter) { + $.filter = filter; + return this; + } + + public GetSPlainArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/organizations/outputs/GetSOrganization.java b/sdk/java/src/main/java/com/pulumi/gcp/organizations/outputs/GetSOrganization.java new file mode 100644 index 0000000000..6b5e1c4ef5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/organizations/outputs/GetSOrganization.java @@ -0,0 +1,150 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.organizations.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetSOrganization { + /** + * @return The Google for Work customer ID of the Organization. + * + */ + private String directoryCustomerId; + /** + * @return A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. + * + */ + private String displayName; + /** + * @return The Organization's current lifecycle state. + * + */ + private String lifecycleState; + /** + * @return The resource name of the Organization in the form `organizations/{organization_id}`. + * + */ + private String name; + /** + * @return The Organization ID. + * + */ + private String orgId; + + private GetSOrganization() {} + /** + * @return The Google for Work customer ID of the Organization. + * + */ + public String directoryCustomerId() { + return this.directoryCustomerId; + } + /** + * @return A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. + * + */ + public String displayName() { + return this.displayName; + } + /** + * @return The Organization's current lifecycle state. + * + */ + public String lifecycleState() { + return this.lifecycleState; + } + /** + * @return The resource name of the Organization in the form `organizations/{organization_id}`. + * + */ + public String name() { + return this.name; + } + /** + * @return The Organization ID. + * + */ + public String orgId() { + return this.orgId; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetSOrganization defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String directoryCustomerId; + private String displayName; + private String lifecycleState; + private String name; + private String orgId; + public Builder() {} + public Builder(GetSOrganization defaults) { + Objects.requireNonNull(defaults); + this.directoryCustomerId = defaults.directoryCustomerId; + this.displayName = defaults.displayName; + this.lifecycleState = defaults.lifecycleState; + this.name = defaults.name; + this.orgId = defaults.orgId; + } + + @CustomType.Setter + public Builder directoryCustomerId(String directoryCustomerId) { + if (directoryCustomerId == null) { + throw new MissingRequiredPropertyException("GetSOrganization", "directoryCustomerId"); + } + this.directoryCustomerId = directoryCustomerId; + return this; + } + @CustomType.Setter + public Builder displayName(String displayName) { + if (displayName == null) { + throw new MissingRequiredPropertyException("GetSOrganization", "displayName"); + } + this.displayName = displayName; + return this; + } + @CustomType.Setter + public Builder lifecycleState(String lifecycleState) { + if (lifecycleState == null) { + throw new MissingRequiredPropertyException("GetSOrganization", "lifecycleState"); + } + this.lifecycleState = lifecycleState; + return this; + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("GetSOrganization", "name"); + } + this.name = name; + return this; + } + @CustomType.Setter + public Builder orgId(String orgId) { + if (orgId == null) { + throw new MissingRequiredPropertyException("GetSOrganization", "orgId"); + } + this.orgId = orgId; + return this; + } + public GetSOrganization build() { + final var _resultValue = new GetSOrganization(); + _resultValue.directoryCustomerId = directoryCustomerId; + _resultValue.displayName = displayName; + _resultValue.lifecycleState = lifecycleState; + _resultValue.name = name; + _resultValue.orgId = orgId; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/organizations/outputs/GetSResult.java b/sdk/java/src/main/java/com/pulumi/gcp/organizations/outputs/GetSResult.java new file mode 100644 index 0000000000..fdc5a8b659 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/organizations/outputs/GetSResult.java @@ -0,0 +1,101 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.organizations.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.organizations.outputs.GetSOrganization; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetSResult { + private @Nullable String filter; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + /** + * @return A list of all retrieved organizations. Structure is defined below. + * + */ + private List organizations; + + private GetSResult() {} + public Optional filter() { + return Optional.ofNullable(this.filter); + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + /** + * @return A list of all retrieved organizations. Structure is defined below. + * + */ + public List organizations() { + return this.organizations; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetSResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String filter; + private String id; + private List organizations; + public Builder() {} + public Builder(GetSResult defaults) { + Objects.requireNonNull(defaults); + this.filter = defaults.filter; + this.id = defaults.id; + this.organizations = defaults.organizations; + } + + @CustomType.Setter + public Builder filter(@Nullable String filter) { + + this.filter = filter; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetSResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder organizations(List organizations) { + if (organizations == null) { + throw new MissingRequiredPropertyException("GetSResult", "organizations"); + } + this.organizations = organizations; + return this; + } + public Builder organizations(GetSOrganization... organizations) { + return organizations(List.of(organizations)); + } + public GetSResult build() { + final var _resultValue = new GetSResult(); + _resultValue.filter = filter; + _resultValue.id = id; + _resultValue.organizations = organizations; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParameterVersion.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParameterVersion.java new file mode 100644 index 0000000000..b01272d418 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParameterVersion.java @@ -0,0 +1,292 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.parametermanager.ParameterVersionArgs; +import com.pulumi.gcp.parametermanager.inputs.ParameterVersionState; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * ## Example Usage + * + * ### Parameter Version Basic + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.parametermanager.Parameter;
+ * import com.pulumi.gcp.parametermanager.ParameterArgs;
+ * import com.pulumi.gcp.parametermanager.ParameterVersion;
+ * import com.pulumi.gcp.parametermanager.ParameterVersionArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var parameter_basic = new Parameter("parameter-basic", ParameterArgs.builder()
+ *             .parameterId("parameter")
+ *             .build());
+ * 
+ *         var parameter_version_basic = new ParameterVersion("parameter-version-basic", ParameterVersionArgs.builder()
+ *             .parameter(parameter_basic.id())
+ *             .parameterVersionId("parameter_version")
+ *             .parameterData("app-parameter-version-data")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Parameter Version With Json Format + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.parametermanager.Parameter;
+ * import com.pulumi.gcp.parametermanager.ParameterArgs;
+ * import com.pulumi.gcp.parametermanager.ParameterVersion;
+ * import com.pulumi.gcp.parametermanager.ParameterVersionArgs;
+ * import static com.pulumi.codegen.internal.Serialization.*;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var parameter_basic = new Parameter("parameter-basic", ParameterArgs.builder()
+ *             .parameterId("parameter")
+ *             .format("JSON")
+ *             .build());
+ * 
+ *         var parameter_version_with_json_format = new ParameterVersion("parameter-version-with-json-format", ParameterVersionArgs.builder()
+ *             .parameter(parameter_basic.id())
+ *             .parameterVersionId("parameter_version")
+ *             .parameterData(serializeJson(
+ *                 jsonObject(
+ *                     jsonProperty("key1", "val1"),
+ *                     jsonProperty("key2", "val2")
+ *                 )))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ## Import + * + * ParameterVersion can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + * + * When using the `pulumi import` command, ParameterVersion can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:parametermanager/parameterVersion:ParameterVersion default projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}} + * ``` + * + */ +@ResourceType(type="gcp:parametermanager/parameterVersion:ParameterVersion") +public class ParameterVersion extends com.pulumi.resources.CustomResource { + /** + * The time at which the Parameter Version was created. + * + */ + @Export(name="createTime", refs={String.class}, tree="[0]") + private Output createTime; + + /** + * @return The time at which the Parameter Version was created. + * + */ + public Output createTime() { + return this.createTime; + } + /** + * The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + */ + @Export(name="disabled", refs={Boolean.class}, tree="[0]") + private Output disabled; + + /** + * @return The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + */ + public Output> disabled() { + return Codegen.optional(this.disabled); + } + /** + * The resource name of the Parameter Version. Format: + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return The resource name of the Parameter Version. Format: + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + * + */ + public Output name() { + return this.name; + } + /** + * Parameter Manager Parameter resource. + * + */ + @Export(name="parameter", refs={String.class}, tree="[0]") + private Output parameter; + + /** + * @return Parameter Manager Parameter resource. + * + */ + public Output parameter() { + return this.parameter; + } + /** + * The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + */ + @Export(name="parameterData", refs={String.class}, tree="[0]") + private Output parameterData; + + /** + * @return The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + */ + public Output parameterData() { + return this.parameterData; + } + /** + * Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + */ + @Export(name="parameterVersionId", refs={String.class}, tree="[0]") + private Output parameterVersionId; + + /** + * @return Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + */ + public Output parameterVersionId() { + return this.parameterVersionId; + } + /** + * The time at which the Parameter Version was updated. + * + */ + @Export(name="updateTime", refs={String.class}, tree="[0]") + private Output updateTime; + + /** + * @return The time at which the Parameter Version was updated. + * + */ + public Output updateTime() { + return this.updateTime; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public ParameterVersion(java.lang.String name) { + this(name, ParameterVersionArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public ParameterVersion(java.lang.String name, ParameterVersionArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public ParameterVersion(java.lang.String name, ParameterVersionArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:parametermanager/parameterVersion:ParameterVersion", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private ParameterVersion(java.lang.String name, Output id, @Nullable ParameterVersionState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:parametermanager/parameterVersion:ParameterVersion", name, state, makeResourceOptions(options, id), false); + } + + private static ParameterVersionArgs makeArgs(ParameterVersionArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? ParameterVersionArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .additionalSecretOutputs(List.of( + "parameterData" + )) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static ParameterVersion get(java.lang.String name, Output id, @Nullable ParameterVersionState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new ParameterVersion(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParameterVersionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParameterVersionArgs.java new file mode 100644 index 0000000000..48c1c1b407 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParameterVersionArgs.java @@ -0,0 +1,217 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ParameterVersionArgs extends com.pulumi.resources.ResourceArgs { + + public static final ParameterVersionArgs Empty = new ParameterVersionArgs(); + + /** + * The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + */ + @Import(name="disabled") + private @Nullable Output disabled; + + /** + * @return The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + */ + public Optional> disabled() { + return Optional.ofNullable(this.disabled); + } + + /** + * Parameter Manager Parameter resource. + * + */ + @Import(name="parameter", required=true) + private Output parameter; + + /** + * @return Parameter Manager Parameter resource. + * + */ + public Output parameter() { + return this.parameter; + } + + /** + * The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + */ + @Import(name="parameterData", required=true) + private Output parameterData; + + /** + * @return The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + */ + public Output parameterData() { + return this.parameterData; + } + + /** + * Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + */ + @Import(name="parameterVersionId", required=true) + private Output parameterVersionId; + + /** + * @return Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + */ + public Output parameterVersionId() { + return this.parameterVersionId; + } + + private ParameterVersionArgs() {} + + private ParameterVersionArgs(ParameterVersionArgs $) { + this.disabled = $.disabled; + this.parameter = $.parameter; + this.parameterData = $.parameterData; + this.parameterVersionId = $.parameterVersionId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ParameterVersionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ParameterVersionArgs $; + + public Builder() { + $ = new ParameterVersionArgs(); + } + + public Builder(ParameterVersionArgs defaults) { + $ = new ParameterVersionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param disabled The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + * @return builder + * + */ + public Builder disabled(@Nullable Output disabled) { + $.disabled = disabled; + return this; + } + + /** + * @param disabled The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + * @return builder + * + */ + public Builder disabled(Boolean disabled) { + return disabled(Output.of(disabled)); + } + + /** + * @param parameter Parameter Manager Parameter resource. + * + * @return builder + * + */ + public Builder parameter(Output parameter) { + $.parameter = parameter; + return this; + } + + /** + * @param parameter Parameter Manager Parameter resource. + * + * @return builder + * + */ + public Builder parameter(String parameter) { + return parameter(Output.of(parameter)); + } + + /** + * @param parameterData The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + * @return builder + * + */ + public Builder parameterData(Output parameterData) { + $.parameterData = parameterData; + return this; + } + + /** + * @param parameterData The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + * @return builder + * + */ + public Builder parameterData(String parameterData) { + return parameterData(Output.of(parameterData)); + } + + /** + * @param parameterVersionId Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + * @return builder + * + */ + public Builder parameterVersionId(Output parameterVersionId) { + $.parameterVersionId = parameterVersionId; + return this; + } + + /** + * @param parameterVersionId Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + * @return builder + * + */ + public Builder parameterVersionId(String parameterVersionId) { + return parameterVersionId(Output.of(parameterVersionId)); + } + + public ParameterVersionArgs build() { + if ($.parameter == null) { + throw new MissingRequiredPropertyException("ParameterVersionArgs", "parameter"); + } + if ($.parameterData == null) { + throw new MissingRequiredPropertyException("ParameterVersionArgs", "parameterData"); + } + if ($.parameterVersionId == null) { + throw new MissingRequiredPropertyException("ParameterVersionArgs", "parameterVersionId"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParametermanagerFunctions.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParametermanagerFunctions.java index 479ed7c5d0..283c5243f3 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParametermanagerFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/ParametermanagerFunctions.java @@ -9,12 +9,218 @@ import com.pulumi.deployment.InvokeOptions; import com.pulumi.deployment.InvokeOutputOptions; import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.parametermanager.inputs.GetParameterArgs; +import com.pulumi.gcp.parametermanager.inputs.GetParameterPlainArgs; import com.pulumi.gcp.parametermanager.inputs.GetRegionalParameterArgs; import com.pulumi.gcp.parametermanager.inputs.GetRegionalParameterPlainArgs; +import com.pulumi.gcp.parametermanager.inputs.GetRegionalParametersArgs; +import com.pulumi.gcp.parametermanager.inputs.GetRegionalParametersPlainArgs; +import com.pulumi.gcp.parametermanager.outputs.GetParameterResult; import com.pulumi.gcp.parametermanager.outputs.GetRegionalParameterResult; +import com.pulumi.gcp.parametermanager.outputs.GetRegionalParametersResult; import java.util.concurrent.CompletableFuture; public final class ParametermanagerFunctions { + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetParameterArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var parameterDatasource = ParametermanagerFunctions.getParameter(GetParameterArgs.builder()
+     *             .parameterId("foobar")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getParameter(GetParameterArgs args) { + return getParameter(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetParameterArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var parameterDatasource = ParametermanagerFunctions.getParameter(GetParameterArgs.builder()
+     *             .parameterId("foobar")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getParameterPlain(GetParameterPlainArgs args) { + return getParameterPlain(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetParameterArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var parameterDatasource = ParametermanagerFunctions.getParameter(GetParameterArgs.builder()
+     *             .parameterId("foobar")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getParameter(GetParameterArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:parametermanager/getParameter:getParameter", TypeShape.of(GetParameterResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetParameterArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var parameterDatasource = ParametermanagerFunctions.getParameter(GetParameterArgs.builder()
+     *             .parameterId("foobar")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getParameter(GetParameterArgs args, InvokeOutputOptions options) { + return Deployment.getInstance().invoke("gcp:parametermanager/getParameter:getParameter", TypeShape.of(GetParameterResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetParameterArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var parameterDatasource = ParametermanagerFunctions.getParameter(GetParameterArgs.builder()
+     *             .parameterId("foobar")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getParameterPlain(GetParameterPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:parametermanager/getParameter:getParameter", TypeShape.of(GetParameterResult.class), args, Utilities.withVersion(options)); + } /** * ## Example Usage * @@ -220,4 +426,204 @@ public static Output getRegionalParameter(GetRegiona public static CompletableFuture getRegionalParameterPlain(GetRegionalParameterPlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("gcp:parametermanager/getRegionalParameter:getRegionalParameter", TypeShape.of(GetRegionalParameterResult.class), args, Utilities.withVersion(options)); } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetRegionalParametersArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var regional-parameters = ParametermanagerFunctions.getRegionalParameters(GetRegionalParametersArgs.builder()
+     *             .location("us-central1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getRegionalParameters(GetRegionalParametersArgs args) { + return getRegionalParameters(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetRegionalParametersArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var regional-parameters = ParametermanagerFunctions.getRegionalParameters(GetRegionalParametersArgs.builder()
+     *             .location("us-central1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getRegionalParametersPlain(GetRegionalParametersPlainArgs args) { + return getRegionalParametersPlain(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetRegionalParametersArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var regional-parameters = ParametermanagerFunctions.getRegionalParameters(GetRegionalParametersArgs.builder()
+     *             .location("us-central1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getRegionalParameters(GetRegionalParametersArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:parametermanager/getRegionalParameters:getRegionalParameters", TypeShape.of(GetRegionalParametersResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetRegionalParametersArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var regional-parameters = ParametermanagerFunctions.getRegionalParameters(GetRegionalParametersArgs.builder()
+     *             .location("us-central1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getRegionalParameters(GetRegionalParametersArgs args, InvokeOutputOptions options) { + return Deployment.getInstance().invoke("gcp:parametermanager/getRegionalParameters:getRegionalParameters", TypeShape.of(GetRegionalParametersResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.parametermanager.ParametermanagerFunctions;
+     * import com.pulumi.gcp.parametermanager.inputs.GetRegionalParametersArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var regional-parameters = ParametermanagerFunctions.getRegionalParameters(GetRegionalParametersArgs.builder()
+     *             .location("us-central1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getRegionalParametersPlain(GetRegionalParametersPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:parametermanager/getRegionalParameters:getRegionalParameters", TypeShape.of(GetRegionalParametersResult.class), args, Utilities.withVersion(options)); + } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/RegionalParameterVersion.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/RegionalParameterVersion.java index 44eba05fe2..a13071703f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/RegionalParameterVersion.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/RegionalParameterVersion.java @@ -76,6 +76,7 @@ * import com.pulumi.gcp.parametermanager.RegionalParameterArgs; * import com.pulumi.gcp.parametermanager.RegionalParameterVersion; * import com.pulumi.gcp.parametermanager.RegionalParameterVersionArgs; + * import static com.pulumi.codegen.internal.Serialization.*; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -98,9 +99,11 @@ * var regional_parameter_version_with_json_format = new RegionalParameterVersion("regional-parameter-version-with-json-format", RegionalParameterVersionArgs.builder() * .parameter(regional_parameter_basic.id()) * .parameterVersionId("regional_parameter_version") - * .parameterData(StdFunctions.file(FileArgs.builder() - * .input("parameter_data_json_format.yaml") - * .build()).result()) + * .parameterData(serializeJson( + * jsonObject( + * jsonProperty("key1", "val1"), + * jsonProperty("key2", "val2") + * ))) * .build()); * * } @@ -108,53 +111,6 @@ * } * * <!--End PulumiCodeChooser --> - * ### Regional Parameter Version With Yaml Format - * - * <!--Start PulumiCodeChooser --> - * 
- * {@code
- * package generated_program;
- * 
- * import com.pulumi.Context;
- * import com.pulumi.Pulumi;
- * import com.pulumi.core.Output;
- * import com.pulumi.gcp.parametermanager.RegionalParameter;
- * import com.pulumi.gcp.parametermanager.RegionalParameterArgs;
- * import com.pulumi.gcp.parametermanager.RegionalParameterVersion;
- * import com.pulumi.gcp.parametermanager.RegionalParameterVersionArgs;
- * import java.util.List;
- * import java.util.ArrayList;
- * import java.util.Map;
- * import java.io.File;
- * import java.nio.file.Files;
- * import java.nio.file.Paths;
- * 
- * public class App {
- *     public static void main(String[] args) {
- *         Pulumi.run(App::stack);
- *     }
- * 
- *     public static void stack(Context ctx) {
- *         var regional_parameter_basic = new RegionalParameter("regional-parameter-basic", RegionalParameterArgs.builder()
- *             .parameterId("regional_parameter")
- *             .format("YAML")
- *             .location("us-central1")
- *             .build());
- * 
- *         var regional_parameter_version_with_yaml_format = new RegionalParameterVersion("regional-parameter-version-with-yaml-format", RegionalParameterVersionArgs.builder()
- *             .parameter(regional_parameter_basic.id())
- *             .parameterVersionId("regional_parameter_version")
- *             .parameterData(StdFunctions.file(FileArgs.builder()
- *                 .input("parameter_data_yaml_format.yaml")
- *                 .build()).result())
- *             .build());
- * 
- *     }
- * }
- * }
- *
- * <!--End PulumiCodeChooser --> - * * ## Import * * RegionalParameterVersion can be imported using any of these accepted formats: diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetParameterArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetParameterArgs.java new file mode 100644 index 0000000000..390777f501 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetParameterArgs.java @@ -0,0 +1,124 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetParameterArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetParameterArgs Empty = new GetParameterArgs(); + + /** + * The name of the parameter. + * + */ + @Import(name="parameterId", required=true) + private Output parameterId; + + /** + * @return The name of the parameter. + * + */ + public Output parameterId() { + return this.parameterId; + } + + /** + * The ID of the project in which the resource belongs. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private GetParameterArgs() {} + + private GetParameterArgs(GetParameterArgs $) { + this.parameterId = $.parameterId; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetParameterArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetParameterArgs $; + + public Builder() { + $ = new GetParameterArgs(); + } + + public Builder(GetParameterArgs defaults) { + $ = new GetParameterArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param parameterId The name of the parameter. + * + * @return builder + * + */ + public Builder parameterId(Output parameterId) { + $.parameterId = parameterId; + return this; + } + + /** + * @param parameterId The name of the parameter. + * + * @return builder + * + */ + public Builder parameterId(String parameterId) { + return parameterId(Output.of(parameterId)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public GetParameterArgs build() { + if ($.parameterId == null) { + throw new MissingRequiredPropertyException("GetParameterArgs", "parameterId"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetParameterPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetParameterPlainArgs.java new file mode 100644 index 0000000000..904975c2d6 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetParameterPlainArgs.java @@ -0,0 +1,103 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.inputs; + +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetParameterPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetParameterPlainArgs Empty = new GetParameterPlainArgs(); + + /** + * The name of the parameter. + * + */ + @Import(name="parameterId", required=true) + private String parameterId; + + /** + * @return The name of the parameter. + * + */ + public String parameterId() { + return this.parameterId; + } + + /** + * The ID of the project in which the resource belongs. + * + */ + @Import(name="project") + private @Nullable String project; + + /** + * @return The ID of the project in which the resource belongs. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + + private GetParameterPlainArgs() {} + + private GetParameterPlainArgs(GetParameterPlainArgs $) { + this.parameterId = $.parameterId; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetParameterPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetParameterPlainArgs $; + + public Builder() { + $ = new GetParameterPlainArgs(); + } + + public Builder(GetParameterPlainArgs defaults) { + $ = new GetParameterPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param parameterId The name of the parameter. + * + * @return builder + * + */ + public Builder parameterId(String parameterId) { + $.parameterId = parameterId; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * + * @return builder + * + */ + public Builder project(@Nullable String project) { + $.project = project; + return this; + } + + public GetParameterPlainArgs build() { + if ($.parameterId == null) { + throw new MissingRequiredPropertyException("GetParameterPlainArgs", "parameterId"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetRegionalParametersArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetRegionalParametersArgs.java new file mode 100644 index 0000000000..e33138377d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetRegionalParametersArgs.java @@ -0,0 +1,161 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetRegionalParametersArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetRegionalParametersArgs Empty = new GetRegionalParametersArgs(); + + /** + * Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + * + */ + @Import(name="filter") + private @Nullable Output filter; + + /** + * @return Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + * + */ + public Optional> filter() { + return Optional.ofNullable(this.filter); + } + + /** + * The location of regional parameter. + * + */ + @Import(name="location", required=true) + private Output location; + + /** + * @return The location of regional parameter. + * + */ + public Output location() { + return this.location; + } + + /** + * The ID of the project. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private GetRegionalParametersArgs() {} + + private GetRegionalParametersArgs(GetRegionalParametersArgs $) { + this.filter = $.filter; + this.location = $.location; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetRegionalParametersArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetRegionalParametersArgs $; + + public Builder() { + $ = new GetRegionalParametersArgs(); + } + + public Builder(GetRegionalParametersArgs defaults) { + $ = new GetRegionalParametersArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param filter Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + * + * @return builder + * + */ + public Builder filter(@Nullable Output filter) { + $.filter = filter; + return this; + } + + /** + * @param filter Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + * + * @return builder + * + */ + public Builder filter(String filter) { + return filter(Output.of(filter)); + } + + /** + * @param location The location of regional parameter. + * + * @return builder + * + */ + public Builder location(Output location) { + $.location = location; + return this; + } + + /** + * @param location The location of regional parameter. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param project The ID of the project. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public GetRegionalParametersArgs build() { + if ($.location == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersArgs", "location"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetRegionalParametersPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetRegionalParametersPlainArgs.java new file mode 100644 index 0000000000..ab8b48d509 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/GetRegionalParametersPlainArgs.java @@ -0,0 +1,130 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.inputs; + +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetRegionalParametersPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetRegionalParametersPlainArgs Empty = new GetRegionalParametersPlainArgs(); + + /** + * Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + * + */ + @Import(name="filter") + private @Nullable String filter; + + /** + * @return Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + * + */ + public Optional filter() { + return Optional.ofNullable(this.filter); + } + + /** + * The location of regional parameter. + * + */ + @Import(name="location", required=true) + private String location; + + /** + * @return The location of regional parameter. + * + */ + public String location() { + return this.location; + } + + /** + * The ID of the project. + * + */ + @Import(name="project") + private @Nullable String project; + + /** + * @return The ID of the project. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + + private GetRegionalParametersPlainArgs() {} + + private GetRegionalParametersPlainArgs(GetRegionalParametersPlainArgs $) { + this.filter = $.filter; + this.location = $.location; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetRegionalParametersPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetRegionalParametersPlainArgs $; + + public Builder() { + $ = new GetRegionalParametersPlainArgs(); + } + + public Builder(GetRegionalParametersPlainArgs defaults) { + $ = new GetRegionalParametersPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param filter Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + * + * @return builder + * + */ + public Builder filter(@Nullable String filter) { + $.filter = filter; + return this; + } + + /** + * @param location The location of regional parameter. + * + * @return builder + * + */ + public Builder location(String location) { + $.location = location; + return this; + } + + /** + * @param project The ID of the project. + * + * @return builder + * + */ + public Builder project(@Nullable String project) { + $.project = project; + return this; + } + + public GetRegionalParametersPlainArgs build() { + if ($.location == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersPlainArgs", "location"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/ParameterVersionState.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/ParameterVersionState.java new file mode 100644 index 0000000000..186c43d0e5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/inputs/ParameterVersionState.java @@ -0,0 +1,322 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ParameterVersionState extends com.pulumi.resources.ResourceArgs { + + public static final ParameterVersionState Empty = new ParameterVersionState(); + + /** + * The time at which the Parameter Version was created. + * + */ + @Import(name="createTime") + private @Nullable Output createTime; + + /** + * @return The time at which the Parameter Version was created. + * + */ + public Optional> createTime() { + return Optional.ofNullable(this.createTime); + } + + /** + * The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + */ + @Import(name="disabled") + private @Nullable Output disabled; + + /** + * @return The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + */ + public Optional> disabled() { + return Optional.ofNullable(this.disabled); + } + + /** + * The resource name of the Parameter Version. Format: + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The resource name of the Parameter Version. Format: + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * Parameter Manager Parameter resource. + * + */ + @Import(name="parameter") + private @Nullable Output parameter; + + /** + * @return Parameter Manager Parameter resource. + * + */ + public Optional> parameter() { + return Optional.ofNullable(this.parameter); + } + + /** + * The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + */ + @Import(name="parameterData") + private @Nullable Output parameterData; + + /** + * @return The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + */ + public Optional> parameterData() { + return Optional.ofNullable(this.parameterData); + } + + /** + * Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + */ + @Import(name="parameterVersionId") + private @Nullable Output parameterVersionId; + + /** + * @return Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + */ + public Optional> parameterVersionId() { + return Optional.ofNullable(this.parameterVersionId); + } + + /** + * The time at which the Parameter Version was updated. + * + */ + @Import(name="updateTime") + private @Nullable Output updateTime; + + /** + * @return The time at which the Parameter Version was updated. + * + */ + public Optional> updateTime() { + return Optional.ofNullable(this.updateTime); + } + + private ParameterVersionState() {} + + private ParameterVersionState(ParameterVersionState $) { + this.createTime = $.createTime; + this.disabled = $.disabled; + this.name = $.name; + this.parameter = $.parameter; + this.parameterData = $.parameterData; + this.parameterVersionId = $.parameterVersionId; + this.updateTime = $.updateTime; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ParameterVersionState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ParameterVersionState $; + + public Builder() { + $ = new ParameterVersionState(); + } + + public Builder(ParameterVersionState defaults) { + $ = new ParameterVersionState(Objects.requireNonNull(defaults)); + } + + /** + * @param createTime The time at which the Parameter Version was created. + * + * @return builder + * + */ + public Builder createTime(@Nullable Output createTime) { + $.createTime = createTime; + return this; + } + + /** + * @param createTime The time at which the Parameter Version was created. + * + * @return builder + * + */ + public Builder createTime(String createTime) { + return createTime(Output.of(createTime)); + } + + /** + * @param disabled The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + * @return builder + * + */ + public Builder disabled(@Nullable Output disabled) { + $.disabled = disabled; + return this; + } + + /** + * @param disabled The current state of Parameter Version. This field is only applicable for updating Parameter Version. + * + * @return builder + * + */ + public Builder disabled(Boolean disabled) { + return disabled(Output.of(disabled)); + } + + /** + * @param name The resource name of the Parameter Version. Format: + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The resource name of the Parameter Version. Format: + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param parameter Parameter Manager Parameter resource. + * + * @return builder + * + */ + public Builder parameter(@Nullable Output parameter) { + $.parameter = parameter; + return this; + } + + /** + * @param parameter Parameter Manager Parameter resource. + * + * @return builder + * + */ + public Builder parameter(String parameter) { + return parameter(Output.of(parameter)); + } + + /** + * @param parameterData The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + * @return builder + * + */ + public Builder parameterData(@Nullable Output parameterData) { + $.parameterData = parameterData; + return this; + } + + /** + * @param parameterData The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + * + * @return builder + * + */ + public Builder parameterData(String parameterData) { + return parameterData(Output.of(parameterData)); + } + + /** + * @param parameterVersionId Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + * @return builder + * + */ + public Builder parameterVersionId(@Nullable Output parameterVersionId) { + $.parameterVersionId = parameterVersionId; + return this; + } + + /** + * @param parameterVersionId Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * *** + * + * @return builder + * + */ + public Builder parameterVersionId(String parameterVersionId) { + return parameterVersionId(Output.of(parameterVersionId)); + } + + /** + * @param updateTime The time at which the Parameter Version was updated. + * + * @return builder + * + */ + public Builder updateTime(@Nullable Output updateTime) { + $.updateTime = updateTime; + return this; + } + + /** + * @param updateTime The time at which the Parameter Version was updated. + * + * @return builder + * + */ + public Builder updateTime(String updateTime) { + return updateTime(Output.of(updateTime)); + } + + public ParameterVersionState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetParameterPolicyMember.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetParameterPolicyMember.java new file mode 100644 index 0000000000..6d2b7827c7 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetParameterPolicyMember.java @@ -0,0 +1,93 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetParameterPolicyMember { + /** + * @return IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a + * resource is deleted and recreated with the same name, the binding will be applicable to the + * new resource. Format: + * 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' + * + */ + private String iamPolicyNamePrincipal; + /** + * @return IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + * If a resource is deleted and recreated with the same name, the binding will not be applicable to the + * new resource. Format: + * 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' + * + */ + private String iamPolicyUidPrincipal; + + private GetParameterPolicyMember() {} + /** + * @return IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a + * resource is deleted and recreated with the same name, the binding will be applicable to the + * new resource. Format: + * 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' + * + */ + public String iamPolicyNamePrincipal() { + return this.iamPolicyNamePrincipal; + } + /** + * @return IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + * If a resource is deleted and recreated with the same name, the binding will not be applicable to the + * new resource. Format: + * 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' + * + */ + public String iamPolicyUidPrincipal() { + return this.iamPolicyUidPrincipal; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetParameterPolicyMember defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String iamPolicyNamePrincipal; + private String iamPolicyUidPrincipal; + public Builder() {} + public Builder(GetParameterPolicyMember defaults) { + Objects.requireNonNull(defaults); + this.iamPolicyNamePrincipal = defaults.iamPolicyNamePrincipal; + this.iamPolicyUidPrincipal = defaults.iamPolicyUidPrincipal; + } + + @CustomType.Setter + public Builder iamPolicyNamePrincipal(String iamPolicyNamePrincipal) { + if (iamPolicyNamePrincipal == null) { + throw new MissingRequiredPropertyException("GetParameterPolicyMember", "iamPolicyNamePrincipal"); + } + this.iamPolicyNamePrincipal = iamPolicyNamePrincipal; + return this; + } + @CustomType.Setter + public Builder iamPolicyUidPrincipal(String iamPolicyUidPrincipal) { + if (iamPolicyUidPrincipal == null) { + throw new MissingRequiredPropertyException("GetParameterPolicyMember", "iamPolicyUidPrincipal"); + } + this.iamPolicyUidPrincipal = iamPolicyUidPrincipal; + return this; + } + public GetParameterPolicyMember build() { + final var _resultValue = new GetParameterPolicyMember(); + _resultValue.iamPolicyNamePrincipal = iamPolicyNamePrincipal; + _resultValue.iamPolicyUidPrincipal = iamPolicyUidPrincipal; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetParameterResult.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetParameterResult.java new file mode 100644 index 0000000000..8f870f67d2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetParameterResult.java @@ -0,0 +1,214 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.parametermanager.outputs.GetParameterPolicyMember; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetParameterResult { + private String createTime; + private Map effectiveLabels; + private String format; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private Map labels; + private String name; + private String parameterId; + private List policyMembers; + private @Nullable String project; + private Map pulumiLabels; + private String updateTime; + + private GetParameterResult() {} + public String createTime() { + return this.createTime; + } + public Map effectiveLabels() { + return this.effectiveLabels; + } + public String format() { + return this.format; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public Map labels() { + return this.labels; + } + public String name() { + return this.name; + } + public String parameterId() { + return this.parameterId; + } + public List policyMembers() { + return this.policyMembers; + } + public Optional project() { + return Optional.ofNullable(this.project); + } + public Map pulumiLabels() { + return this.pulumiLabels; + } + public String updateTime() { + return this.updateTime; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetParameterResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String createTime; + private Map effectiveLabels; + private String format; + private String id; + private Map labels; + private String name; + private String parameterId; + private List policyMembers; + private @Nullable String project; + private Map pulumiLabels; + private String updateTime; + public Builder() {} + public Builder(GetParameterResult defaults) { + Objects.requireNonNull(defaults); + this.createTime = defaults.createTime; + this.effectiveLabels = defaults.effectiveLabels; + this.format = defaults.format; + this.id = defaults.id; + this.labels = defaults.labels; + this.name = defaults.name; + this.parameterId = defaults.parameterId; + this.policyMembers = defaults.policyMembers; + this.project = defaults.project; + this.pulumiLabels = defaults.pulumiLabels; + this.updateTime = defaults.updateTime; + } + + @CustomType.Setter + public Builder createTime(String createTime) { + if (createTime == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "createTime"); + } + this.createTime = createTime; + return this; + } + @CustomType.Setter + public Builder effectiveLabels(Map effectiveLabels) { + if (effectiveLabels == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "effectiveLabels"); + } + this.effectiveLabels = effectiveLabels; + return this; + } + @CustomType.Setter + public Builder format(String format) { + if (format == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "format"); + } + this.format = format; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder labels(Map labels) { + if (labels == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "labels"); + } + this.labels = labels; + return this; + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "name"); + } + this.name = name; + return this; + } + @CustomType.Setter + public Builder parameterId(String parameterId) { + if (parameterId == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "parameterId"); + } + this.parameterId = parameterId; + return this; + } + @CustomType.Setter + public Builder policyMembers(List policyMembers) { + if (policyMembers == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "policyMembers"); + } + this.policyMembers = policyMembers; + return this; + } + public Builder policyMembers(GetParameterPolicyMember... policyMembers) { + return policyMembers(List.of(policyMembers)); + } + @CustomType.Setter + public Builder project(@Nullable String project) { + + this.project = project; + return this; + } + @CustomType.Setter + public Builder pulumiLabels(Map pulumiLabels) { + if (pulumiLabels == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "pulumiLabels"); + } + this.pulumiLabels = pulumiLabels; + return this; + } + @CustomType.Setter + public Builder updateTime(String updateTime) { + if (updateTime == null) { + throw new MissingRequiredPropertyException("GetParameterResult", "updateTime"); + } + this.updateTime = updateTime; + return this; + } + public GetParameterResult build() { + final var _resultValue = new GetParameterResult(); + _resultValue.createTime = createTime; + _resultValue.effectiveLabels = effectiveLabels; + _resultValue.format = format; + _resultValue.id = id; + _resultValue.labels = labels; + _resultValue.name = name; + _resultValue.parameterId = parameterId; + _resultValue.policyMembers = policyMembers; + _resultValue.project = project; + _resultValue.pulumiLabels = pulumiLabels; + _resultValue.updateTime = updateTime; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersParameter.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersParameter.java new file mode 100644 index 0000000000..d150aaa8da --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersParameter.java @@ -0,0 +1,288 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.parametermanager.outputs.GetRegionalParametersParameterPolicyMember; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; + +@CustomType +public final class GetRegionalParametersParameter { + /** + * @return The time at which the regional parameter was created. + * + */ + private String createTime; + private Map effectiveLabels; + /** + * @return The format type of the regional parameter. + * + */ + private String format; + /** + * @return The labels assigned to the regional parameter. + * + */ + private Map labels; + /** + * @return The location of regional parameter. + * + */ + private String location; + /** + * @return The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` + * + */ + private String name; + /** + * @return The unique name of the resource. + * + */ + private String parameterId; + /** + * @return An object containing a unique resource identity tied to the regional parameter. Structure is documented below. + * + */ + private List policyMembers; + /** + * @return The ID of the project. + * + */ + private String project; + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + private Map pulumiLabels; + /** + * @return The time at which the regional parameter was updated. + * + */ + private String updateTime; + + private GetRegionalParametersParameter() {} + /** + * @return The time at which the regional parameter was created. + * + */ + public String createTime() { + return this.createTime; + } + public Map effectiveLabels() { + return this.effectiveLabels; + } + /** + * @return The format type of the regional parameter. + * + */ + public String format() { + return this.format; + } + /** + * @return The labels assigned to the regional parameter. + * + */ + public Map labels() { + return this.labels; + } + /** + * @return The location of regional parameter. + * + */ + public String location() { + return this.location; + } + /** + * @return The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` + * + */ + public String name() { + return this.name; + } + /** + * @return The unique name of the resource. + * + */ + public String parameterId() { + return this.parameterId; + } + /** + * @return An object containing a unique resource identity tied to the regional parameter. Structure is documented below. + * + */ + public List policyMembers() { + return this.policyMembers; + } + /** + * @return The ID of the project. + * + */ + public String project() { + return this.project; + } + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Map pulumiLabels() { + return this.pulumiLabels; + } + /** + * @return The time at which the regional parameter was updated. + * + */ + public String updateTime() { + return this.updateTime; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetRegionalParametersParameter defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String createTime; + private Map effectiveLabels; + private String format; + private Map labels; + private String location; + private String name; + private String parameterId; + private List policyMembers; + private String project; + private Map pulumiLabels; + private String updateTime; + public Builder() {} + public Builder(GetRegionalParametersParameter defaults) { + Objects.requireNonNull(defaults); + this.createTime = defaults.createTime; + this.effectiveLabels = defaults.effectiveLabels; + this.format = defaults.format; + this.labels = defaults.labels; + this.location = defaults.location; + this.name = defaults.name; + this.parameterId = defaults.parameterId; + this.policyMembers = defaults.policyMembers; + this.project = defaults.project; + this.pulumiLabels = defaults.pulumiLabels; + this.updateTime = defaults.updateTime; + } + + @CustomType.Setter + public Builder createTime(String createTime) { + if (createTime == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "createTime"); + } + this.createTime = createTime; + return this; + } + @CustomType.Setter + public Builder effectiveLabels(Map effectiveLabels) { + if (effectiveLabels == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "effectiveLabels"); + } + this.effectiveLabels = effectiveLabels; + return this; + } + @CustomType.Setter + public Builder format(String format) { + if (format == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "format"); + } + this.format = format; + return this; + } + @CustomType.Setter + public Builder labels(Map labels) { + if (labels == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "labels"); + } + this.labels = labels; + return this; + } + @CustomType.Setter + public Builder location(String location) { + if (location == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "location"); + } + this.location = location; + return this; + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "name"); + } + this.name = name; + return this; + } + @CustomType.Setter + public Builder parameterId(String parameterId) { + if (parameterId == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "parameterId"); + } + this.parameterId = parameterId; + return this; + } + @CustomType.Setter + public Builder policyMembers(List policyMembers) { + if (policyMembers == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "policyMembers"); + } + this.policyMembers = policyMembers; + return this; + } + public Builder policyMembers(GetRegionalParametersParameterPolicyMember... policyMembers) { + return policyMembers(List.of(policyMembers)); + } + @CustomType.Setter + public Builder project(String project) { + if (project == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "project"); + } + this.project = project; + return this; + } + @CustomType.Setter + public Builder pulumiLabels(Map pulumiLabels) { + if (pulumiLabels == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "pulumiLabels"); + } + this.pulumiLabels = pulumiLabels; + return this; + } + @CustomType.Setter + public Builder updateTime(String updateTime) { + if (updateTime == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameter", "updateTime"); + } + this.updateTime = updateTime; + return this; + } + public GetRegionalParametersParameter build() { + final var _resultValue = new GetRegionalParametersParameter(); + _resultValue.createTime = createTime; + _resultValue.effectiveLabels = effectiveLabels; + _resultValue.format = format; + _resultValue.labels = labels; + _resultValue.location = location; + _resultValue.name = name; + _resultValue.parameterId = parameterId; + _resultValue.policyMembers = policyMembers; + _resultValue.project = project; + _resultValue.pulumiLabels = pulumiLabels; + _resultValue.updateTime = updateTime; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersParameterPolicyMember.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersParameterPolicyMember.java new file mode 100644 index 0000000000..0291288830 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersParameterPolicyMember.java @@ -0,0 +1,91 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetRegionalParametersParameterPolicyMember { + /** + * @return AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the + * new resource. Format: + * `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` + * + */ + private String iamPolicyNamePrincipal; + /** + * @return IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + * If a resource is deleted and recreated with the same name, the binding will not be applicable to the + * new resource. Format: + * `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` + * + */ + private String iamPolicyUidPrincipal; + + private GetRegionalParametersParameterPolicyMember() {} + /** + * @return AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the + * new resource. Format: + * `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` + * + */ + public String iamPolicyNamePrincipal() { + return this.iamPolicyNamePrincipal; + } + /** + * @return IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + * If a resource is deleted and recreated with the same name, the binding will not be applicable to the + * new resource. Format: + * `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` + * + */ + public String iamPolicyUidPrincipal() { + return this.iamPolicyUidPrincipal; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetRegionalParametersParameterPolicyMember defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String iamPolicyNamePrincipal; + private String iamPolicyUidPrincipal; + public Builder() {} + public Builder(GetRegionalParametersParameterPolicyMember defaults) { + Objects.requireNonNull(defaults); + this.iamPolicyNamePrincipal = defaults.iamPolicyNamePrincipal; + this.iamPolicyUidPrincipal = defaults.iamPolicyUidPrincipal; + } + + @CustomType.Setter + public Builder iamPolicyNamePrincipal(String iamPolicyNamePrincipal) { + if (iamPolicyNamePrincipal == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameterPolicyMember", "iamPolicyNamePrincipal"); + } + this.iamPolicyNamePrincipal = iamPolicyNamePrincipal; + return this; + } + @CustomType.Setter + public Builder iamPolicyUidPrincipal(String iamPolicyUidPrincipal) { + if (iamPolicyUidPrincipal == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersParameterPolicyMember", "iamPolicyUidPrincipal"); + } + this.iamPolicyUidPrincipal = iamPolicyUidPrincipal; + return this; + } + public GetRegionalParametersParameterPolicyMember build() { + final var _resultValue = new GetRegionalParametersParameterPolicyMember(); + _resultValue.iamPolicyNamePrincipal = iamPolicyNamePrincipal; + _resultValue.iamPolicyUidPrincipal = iamPolicyUidPrincipal; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersResult.java b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersResult.java new file mode 100644 index 0000000000..b20a17947e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/parametermanager/outputs/GetRegionalParametersResult.java @@ -0,0 +1,139 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.parametermanager.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.parametermanager.outputs.GetRegionalParametersParameter; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetRegionalParametersResult { + private @Nullable String filter; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String location; + /** + * @return A list of regional parameters matching the filter. Structure is defined below. + * + */ + private List parameters; + /** + * @return The ID of the project in which the resource belongs. + * + */ + private String project; + + private GetRegionalParametersResult() {} + public Optional filter() { + return Optional.ofNullable(this.filter); + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String location() { + return this.location; + } + /** + * @return A list of regional parameters matching the filter. Structure is defined below. + * + */ + public List parameters() { + return this.parameters; + } + /** + * @return The ID of the project in which the resource belongs. + * + */ + public String project() { + return this.project; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetRegionalParametersResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String filter; + private String id; + private String location; + private List parameters; + private String project; + public Builder() {} + public Builder(GetRegionalParametersResult defaults) { + Objects.requireNonNull(defaults); + this.filter = defaults.filter; + this.id = defaults.id; + this.location = defaults.location; + this.parameters = defaults.parameters; + this.project = defaults.project; + } + + @CustomType.Setter + public Builder filter(@Nullable String filter) { + + this.filter = filter; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder location(String location) { + if (location == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersResult", "location"); + } + this.location = location; + return this; + } + @CustomType.Setter + public Builder parameters(List parameters) { + if (parameters == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersResult", "parameters"); + } + this.parameters = parameters; + return this; + } + public Builder parameters(GetRegionalParametersParameter... parameters) { + return parameters(List.of(parameters)); + } + @CustomType.Setter + public Builder project(String project) { + if (project == null) { + throw new MissingRequiredPropertyException("GetRegionalParametersResult", "project"); + } + this.project = project; + return this; + } + public GetRegionalParametersResult build() { + final var _resultValue = new GetRegionalParametersResult(); + _resultValue.filter = filter; + _resultValue.id = id; + _resultValue.location = location; + _resultValue.parameters = parameters; + _resultValue.project = project; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/Topic.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/Topic.java index 91cf4b8add..79681dec6f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/Topic.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/Topic.java @@ -148,6 +148,7 @@ * .name("example-topic") * .messageStoragePolicy(TopicMessageStoragePolicyArgs.builder() * .allowedPersistenceRegions("europe-west3") + * .enforceInTransit(true) * .build()) * .build()); * @@ -316,6 +317,53 @@ * } * * <!--End PulumiCodeChooser --> + * ### Pubsub Topic Ingestion Azure Event Hubs + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.pubsub.Topic;
+ * import com.pulumi.gcp.pubsub.TopicArgs;
+ * import com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsArgs;
+ * import com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsAzureEventHubsArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App }{{@code
+ *     public static void main(String[] args) }{{@code
+ *         Pulumi.run(App::stack);
+ *     }}{@code
+ * 
+ *     public static void stack(Context ctx) }{{@code
+ *         var example = new Topic("example", TopicArgs.builder()
+ *             .name("example-topic")
+ *             .ingestionDataSourceSettings(TopicIngestionDataSourceSettingsArgs.builder()
+ *                 .azureEventHubs(TopicIngestionDataSourceSettingsAzureEventHubsArgs.builder()
+ *                     .resourceGroup("azure-ingestion-resource-group")
+ *                     .namespace("azure-ingestion-namespace")
+ *                     .eventHub("azure-ingestion-event-hub")
+ *                     .clientId("aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123")
+ *                     .tenantId("0XXXXXXX-YYYY-HHHH-GGGG-123456789123")
+ *                     .subscriptionId("bXXXXXXX-YYYY-HHHH-GGGG-123456789123")
+ *                     .gcpServiceAccount("fake-service-account}{@literal @}{@code fake-gcp-project.iam.gserviceaccount.com")
+ *                     .build())
+ *                 .build())
+ *             .build());
+ * 
+ *     }}{@code
+ * }}{@code
+ * }
+ *
+ * <!--End PulumiCodeChooser --> * * ## Import * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicIngestionDataSourceSettingsArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicIngestionDataSourceSettingsArgs.java index bf9098c178..943a52f122 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicIngestionDataSourceSettingsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicIngestionDataSourceSettingsArgs.java @@ -6,6 +6,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsAwsKinesisArgs; +import com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsAzureEventHubsArgs; import com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsCloudStorageArgs; import com.pulumi.gcp.pubsub.inputs.TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs; import java.util.Objects; @@ -34,6 +35,23 @@ public Optional> awsKines return Optional.ofNullable(this.awsKinesis); } + /** + * Settings for ingestion from Azure Event Hubs. + * Structure is documented below. + * + */ + @Import(name="azureEventHubs") + private @Nullable Output azureEventHubs; + + /** + * @return Settings for ingestion from Azure Event Hubs. + * Structure is documented below. + * + */ + public Optional> azureEventHubs() { + return Optional.ofNullable(this.azureEventHubs); + } + /** * Settings for ingestion from Cloud Storage. * Structure is documented below. @@ -74,6 +92,7 @@ private TopicIngestionDataSourceSettingsArgs() {} private TopicIngestionDataSourceSettingsArgs(TopicIngestionDataSourceSettingsArgs $) { this.awsKinesis = $.awsKinesis; + this.azureEventHubs = $.azureEventHubs; this.cloudStorage = $.cloudStorage; this.platformLogsSettings = $.platformLogsSettings; } @@ -119,6 +138,29 @@ public Builder awsKinesis(TopicIngestionDataSourceSettingsAwsKinesisArgs awsKine return awsKinesis(Output.of(awsKinesis)); } + /** + * @param azureEventHubs Settings for ingestion from Azure Event Hubs. + * Structure is documented below. + * + * @return builder + * + */ + public Builder azureEventHubs(@Nullable Output azureEventHubs) { + $.azureEventHubs = azureEventHubs; + return this; + } + + /** + * @param azureEventHubs Settings for ingestion from Azure Event Hubs. + * Structure is documented below. + * + * @return builder + * + */ + public Builder azureEventHubs(TopicIngestionDataSourceSettingsAzureEventHubsArgs azureEventHubs) { + return azureEventHubs(Output.of(azureEventHubs)); + } + /** * @param cloudStorage Settings for ingestion from Cloud Storage. * Structure is documented below. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicIngestionDataSourceSettingsAzureEventHubsArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicIngestionDataSourceSettingsAzureEventHubsArgs.java new file mode 100644 index 0000000000..cd73431a52 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicIngestionDataSourceSettingsAzureEventHubsArgs.java @@ -0,0 +1,313 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.pubsub.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class TopicIngestionDataSourceSettingsAzureEventHubsArgs extends com.pulumi.resources.ResourceArgs { + + public static final TopicIngestionDataSourceSettingsAzureEventHubsArgs Empty = new TopicIngestionDataSourceSettingsAzureEventHubsArgs(); + + /** + * The Azure event hub client ID to use for ingestion. + * + */ + @Import(name="clientId") + private @Nullable Output clientId; + + /** + * @return The Azure event hub client ID to use for ingestion. + * + */ + public Optional> clientId() { + return Optional.ofNullable(this.clientId); + } + + /** + * The Azure event hub to ingest data from. + * + */ + @Import(name="eventHub") + private @Nullable Output eventHub; + + /** + * @return The Azure event hub to ingest data from. + * + */ + public Optional> eventHub() { + return Optional.ofNullable(this.eventHub); + } + + /** + * The GCP service account to be used for Federated Identity authentication + * with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + * role). + * + */ + @Import(name="gcpServiceAccount") + private @Nullable Output gcpServiceAccount; + + /** + * @return The GCP service account to be used for Federated Identity authentication + * with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + * role). + * + */ + public Optional> gcpServiceAccount() { + return Optional.ofNullable(this.gcpServiceAccount); + } + + /** + * The Azure event hub namespace to ingest data from. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The Azure event hub namespace to ingest data from. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + /** + * The name of the resource group within an Azure subscription. + * + */ + @Import(name="resourceGroup") + private @Nullable Output resourceGroup; + + /** + * @return The name of the resource group within an Azure subscription. + * + */ + public Optional> resourceGroup() { + return Optional.ofNullable(this.resourceGroup); + } + + /** + * The Azure event hub subscription ID to use for ingestion. + * + */ + @Import(name="subscriptionId") + private @Nullable Output subscriptionId; + + /** + * @return The Azure event hub subscription ID to use for ingestion. + * + */ + public Optional> subscriptionId() { + return Optional.ofNullable(this.subscriptionId); + } + + /** + * The Azure event hub tenant ID to use for ingestion. + * + */ + @Import(name="tenantId") + private @Nullable Output tenantId; + + /** + * @return The Azure event hub tenant ID to use for ingestion. + * + */ + public Optional> tenantId() { + return Optional.ofNullable(this.tenantId); + } + + private TopicIngestionDataSourceSettingsAzureEventHubsArgs() {} + + private TopicIngestionDataSourceSettingsAzureEventHubsArgs(TopicIngestionDataSourceSettingsAzureEventHubsArgs $) { + this.clientId = $.clientId; + this.eventHub = $.eventHub; + this.gcpServiceAccount = $.gcpServiceAccount; + this.namespace = $.namespace; + this.resourceGroup = $.resourceGroup; + this.subscriptionId = $.subscriptionId; + this.tenantId = $.tenantId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(TopicIngestionDataSourceSettingsAzureEventHubsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private TopicIngestionDataSourceSettingsAzureEventHubsArgs $; + + public Builder() { + $ = new TopicIngestionDataSourceSettingsAzureEventHubsArgs(); + } + + public Builder(TopicIngestionDataSourceSettingsAzureEventHubsArgs defaults) { + $ = new TopicIngestionDataSourceSettingsAzureEventHubsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param clientId The Azure event hub client ID to use for ingestion. + * + * @return builder + * + */ + public Builder clientId(@Nullable Output clientId) { + $.clientId = clientId; + return this; + } + + /** + * @param clientId The Azure event hub client ID to use for ingestion. + * + * @return builder + * + */ + public Builder clientId(String clientId) { + return clientId(Output.of(clientId)); + } + + /** + * @param eventHub The Azure event hub to ingest data from. + * + * @return builder + * + */ + public Builder eventHub(@Nullable Output eventHub) { + $.eventHub = eventHub; + return this; + } + + /** + * @param eventHub The Azure event hub to ingest data from. + * + * @return builder + * + */ + public Builder eventHub(String eventHub) { + return eventHub(Output.of(eventHub)); + } + + /** + * @param gcpServiceAccount The GCP service account to be used for Federated Identity authentication + * with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + * role). + * + * @return builder + * + */ + public Builder gcpServiceAccount(@Nullable Output gcpServiceAccount) { + $.gcpServiceAccount = gcpServiceAccount; + return this; + } + + /** + * @param gcpServiceAccount The GCP service account to be used for Federated Identity authentication + * with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + * role). + * + * @return builder + * + */ + public Builder gcpServiceAccount(String gcpServiceAccount) { + return gcpServiceAccount(Output.of(gcpServiceAccount)); + } + + /** + * @param namespace The Azure event hub namespace to ingest data from. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The Azure event hub namespace to ingest data from. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + /** + * @param resourceGroup The name of the resource group within an Azure subscription. + * + * @return builder + * + */ + public Builder resourceGroup(@Nullable Output resourceGroup) { + $.resourceGroup = resourceGroup; + return this; + } + + /** + * @param resourceGroup The name of the resource group within an Azure subscription. + * + * @return builder + * + */ + public Builder resourceGroup(String resourceGroup) { + return resourceGroup(Output.of(resourceGroup)); + } + + /** + * @param subscriptionId The Azure event hub subscription ID to use for ingestion. + * + * @return builder + * + */ + public Builder subscriptionId(@Nullable Output subscriptionId) { + $.subscriptionId = subscriptionId; + return this; + } + + /** + * @param subscriptionId The Azure event hub subscription ID to use for ingestion. + * + * @return builder + * + */ + public Builder subscriptionId(String subscriptionId) { + return subscriptionId(Output.of(subscriptionId)); + } + + /** + * @param tenantId The Azure event hub tenant ID to use for ingestion. + * + * @return builder + * + */ + public Builder tenantId(@Nullable Output tenantId) { + $.tenantId = tenantId; + return this; + } + + /** + * @param tenantId The Azure event hub tenant ID to use for ingestion. + * + * @return builder + * + */ + public Builder tenantId(String tenantId) { + return tenantId(Output.of(tenantId)); + } + + public TopicIngestionDataSourceSettingsAzureEventHubsArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicMessageStoragePolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicMessageStoragePolicyArgs.java index e0f7499200..c01a0b4195 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicMessageStoragePolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/TopicMessageStoragePolicyArgs.java @@ -6,9 +6,12 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; import java.lang.String; import java.util.List; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; public final class TopicMessageStoragePolicyArgs extends com.pulumi.resources.ResourceArgs { @@ -40,10 +43,32 @@ public Output> allowedPersistenceRegions() { return this.allowedPersistenceRegions; } + /** + * If true, `allowedPersistenceRegions` is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in `allowedPersistenceRegions`. + * + */ + @Import(name="enforceInTransit") + private @Nullable Output enforceInTransit; + + /** + * @return If true, `allowedPersistenceRegions` is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in `allowedPersistenceRegions`. + * + */ + public Optional> enforceInTransit() { + return Optional.ofNullable(this.enforceInTransit); + } + private TopicMessageStoragePolicyArgs() {} private TopicMessageStoragePolicyArgs(TopicMessageStoragePolicyArgs $) { this.allowedPersistenceRegions = $.allowedPersistenceRegions; + this.enforceInTransit = $.enforceInTransit; } public static Builder builder() { @@ -110,6 +135,33 @@ public Builder allowedPersistenceRegions(String... allowedPersistenceRegions) { return allowedPersistenceRegions(List.of(allowedPersistenceRegions)); } + /** + * @param enforceInTransit If true, `allowedPersistenceRegions` is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in `allowedPersistenceRegions`. + * + * @return builder + * + */ + public Builder enforceInTransit(@Nullable Output enforceInTransit) { + $.enforceInTransit = enforceInTransit; + return this; + } + + /** + * @param enforceInTransit If true, `allowedPersistenceRegions` is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in `allowedPersistenceRegions`. + * + * @return builder + * + */ + public Builder enforceInTransit(Boolean enforceInTransit) { + return enforceInTransit(Output.of(enforceInTransit)); + } + public TopicMessageStoragePolicyArgs build() { if ($.allowedPersistenceRegions == null) { throw new MissingRequiredPropertyException("TopicMessageStoragePolicyArgs", "allowedPersistenceRegions"); diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicIngestionDataSourceSetting.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicIngestionDataSourceSetting.java index 7a68bd0944..a149847672 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicIngestionDataSourceSetting.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicIngestionDataSourceSetting.java @@ -6,6 +6,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.pubsub.outputs.GetTopicIngestionDataSourceSettingAwsKinese; +import com.pulumi.gcp.pubsub.outputs.GetTopicIngestionDataSourceSettingAzureEventHub; import com.pulumi.gcp.pubsub.outputs.GetTopicIngestionDataSourceSettingCloudStorage; import com.pulumi.gcp.pubsub.outputs.GetTopicIngestionDataSourceSettingPlatformLogsSetting; import java.util.List; @@ -18,6 +19,11 @@ public final class GetTopicIngestionDataSourceSetting { * */ private List awsKineses; + /** + * @return Settings for ingestion from Azure Event Hubs. + * + */ + private List azureEventHubs; /** * @return Settings for ingestion from Cloud Storage. * @@ -38,6 +44,13 @@ private GetTopicIngestionDataSourceSetting() {} public List awsKineses() { return this.awsKineses; } + /** + * @return Settings for ingestion from Azure Event Hubs. + * + */ + public List azureEventHubs() { + return this.azureEventHubs; + } /** * @return Settings for ingestion from Cloud Storage. * @@ -64,12 +77,14 @@ public static Builder builder(GetTopicIngestionDataSourceSetting defaults) { @CustomType.Builder public static final class Builder { private List awsKineses; + private List azureEventHubs; private List cloudStorages; private List platformLogsSettings; public Builder() {} public Builder(GetTopicIngestionDataSourceSetting defaults) { Objects.requireNonNull(defaults); this.awsKineses = defaults.awsKineses; + this.azureEventHubs = defaults.azureEventHubs; this.cloudStorages = defaults.cloudStorages; this.platformLogsSettings = defaults.platformLogsSettings; } @@ -86,6 +101,17 @@ public Builder awsKineses(GetTopicIngestionDataSourceSettingAwsKinese... awsKine return awsKineses(List.of(awsKineses)); } @CustomType.Setter + public Builder azureEventHubs(List azureEventHubs) { + if (azureEventHubs == null) { + throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSetting", "azureEventHubs"); + } + this.azureEventHubs = azureEventHubs; + return this; + } + public Builder azureEventHubs(GetTopicIngestionDataSourceSettingAzureEventHub... azureEventHubs) { + return azureEventHubs(List.of(azureEventHubs)); + } + @CustomType.Setter public Builder cloudStorages(List cloudStorages) { if (cloudStorages == null) { throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSetting", "cloudStorages"); @@ -110,6 +136,7 @@ public Builder platformLogsSettings(GetTopicIngestionDataSourceSettingPlatformLo public GetTopicIngestionDataSourceSetting build() { final var _resultValue = new GetTopicIngestionDataSourceSetting(); _resultValue.awsKineses = awsKineses; + _resultValue.azureEventHubs = azureEventHubs; _resultValue.cloudStorages = cloudStorages; _resultValue.platformLogsSettings = platformLogsSettings; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicIngestionDataSourceSettingAzureEventHub.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicIngestionDataSourceSettingAzureEventHub.java new file mode 100644 index 0000000000..3c94765d23 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicIngestionDataSourceSettingAzureEventHub.java @@ -0,0 +1,200 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.pubsub.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetTopicIngestionDataSourceSettingAzureEventHub { + /** + * @return The Azure event hub client ID to use for ingestion. + * + */ + private String clientId; + /** + * @return The Azure event hub to ingest data from. + * + */ + private String eventHub; + /** + * @return The GCP service account to be used for Federated Identity authentication + * with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided + * role). + * + */ + private String gcpServiceAccount; + /** + * @return The Azure event hub namespace to ingest data from. + * + */ + private String namespace; + /** + * @return The name of the resource group within an Azure subscription. + * + */ + private String resourceGroup; + /** + * @return The Azure event hub subscription ID to use for ingestion. + * + */ + private String subscriptionId; + /** + * @return The Azure event hub tenant ID to use for ingestion. + * + */ + private String tenantId; + + private GetTopicIngestionDataSourceSettingAzureEventHub() {} + /** + * @return The Azure event hub client ID to use for ingestion. + * + */ + public String clientId() { + return this.clientId; + } + /** + * @return The Azure event hub to ingest data from. + * + */ + public String eventHub() { + return this.eventHub; + } + /** + * @return The GCP service account to be used for Federated Identity authentication + * with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided + * role). + * + */ + public String gcpServiceAccount() { + return this.gcpServiceAccount; + } + /** + * @return The Azure event hub namespace to ingest data from. + * + */ + public String namespace() { + return this.namespace; + } + /** + * @return The name of the resource group within an Azure subscription. + * + */ + public String resourceGroup() { + return this.resourceGroup; + } + /** + * @return The Azure event hub subscription ID to use for ingestion. + * + */ + public String subscriptionId() { + return this.subscriptionId; + } + /** + * @return The Azure event hub tenant ID to use for ingestion. + * + */ + public String tenantId() { + return this.tenantId; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetTopicIngestionDataSourceSettingAzureEventHub defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String clientId; + private String eventHub; + private String gcpServiceAccount; + private String namespace; + private String resourceGroup; + private String subscriptionId; + private String tenantId; + public Builder() {} + public Builder(GetTopicIngestionDataSourceSettingAzureEventHub defaults) { + Objects.requireNonNull(defaults); + this.clientId = defaults.clientId; + this.eventHub = defaults.eventHub; + this.gcpServiceAccount = defaults.gcpServiceAccount; + this.namespace = defaults.namespace; + this.resourceGroup = defaults.resourceGroup; + this.subscriptionId = defaults.subscriptionId; + this.tenantId = defaults.tenantId; + } + + @CustomType.Setter + public Builder clientId(String clientId) { + if (clientId == null) { + throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSettingAzureEventHub", "clientId"); + } + this.clientId = clientId; + return this; + } + @CustomType.Setter + public Builder eventHub(String eventHub) { + if (eventHub == null) { + throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSettingAzureEventHub", "eventHub"); + } + this.eventHub = eventHub; + return this; + } + @CustomType.Setter + public Builder gcpServiceAccount(String gcpServiceAccount) { + if (gcpServiceAccount == null) { + throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSettingAzureEventHub", "gcpServiceAccount"); + } + this.gcpServiceAccount = gcpServiceAccount; + return this; + } + @CustomType.Setter + public Builder namespace(String namespace) { + if (namespace == null) { + throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSettingAzureEventHub", "namespace"); + } + this.namespace = namespace; + return this; + } + @CustomType.Setter + public Builder resourceGroup(String resourceGroup) { + if (resourceGroup == null) { + throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSettingAzureEventHub", "resourceGroup"); + } + this.resourceGroup = resourceGroup; + return this; + } + @CustomType.Setter + public Builder subscriptionId(String subscriptionId) { + if (subscriptionId == null) { + throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSettingAzureEventHub", "subscriptionId"); + } + this.subscriptionId = subscriptionId; + return this; + } + @CustomType.Setter + public Builder tenantId(String tenantId) { + if (tenantId == null) { + throw new MissingRequiredPropertyException("GetTopicIngestionDataSourceSettingAzureEventHub", "tenantId"); + } + this.tenantId = tenantId; + return this; + } + public GetTopicIngestionDataSourceSettingAzureEventHub build() { + final var _resultValue = new GetTopicIngestionDataSourceSettingAzureEventHub(); + _resultValue.clientId = clientId; + _resultValue.eventHub = eventHub; + _resultValue.gcpServiceAccount = gcpServiceAccount; + _resultValue.namespace = namespace; + _resultValue.resourceGroup = resourceGroup; + _resultValue.subscriptionId = subscriptionId; + _resultValue.tenantId = tenantId; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicMessageStoragePolicy.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicMessageStoragePolicy.java index 171cf2c7c3..b48324c0fe 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicMessageStoragePolicy.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetTopicMessageStoragePolicy.java @@ -5,6 +5,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; import java.lang.String; import java.util.List; import java.util.Objects; @@ -21,6 +22,14 @@ public final class GetTopicMessageStoragePolicy { * */ private List allowedPersistenceRegions; + /** + * @return If true, 'allowedPersistenceRegions' is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in 'allowedPersistenceRegions'. + * + */ + private Boolean enforceInTransit; private GetTopicMessageStoragePolicy() {} /** @@ -35,6 +44,16 @@ private GetTopicMessageStoragePolicy() {} public List allowedPersistenceRegions() { return this.allowedPersistenceRegions; } + /** + * @return If true, 'allowedPersistenceRegions' is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in 'allowedPersistenceRegions'. + * + */ + public Boolean enforceInTransit() { + return this.enforceInTransit; + } public static Builder builder() { return new Builder(); @@ -46,10 +65,12 @@ public static Builder builder(GetTopicMessageStoragePolicy defaults) { @CustomType.Builder public static final class Builder { private List allowedPersistenceRegions; + private Boolean enforceInTransit; public Builder() {} public Builder(GetTopicMessageStoragePolicy defaults) { Objects.requireNonNull(defaults); this.allowedPersistenceRegions = defaults.allowedPersistenceRegions; + this.enforceInTransit = defaults.enforceInTransit; } @CustomType.Setter @@ -63,9 +84,18 @@ public Builder allowedPersistenceRegions(List allowedPersistenceRegions) public Builder allowedPersistenceRegions(String... allowedPersistenceRegions) { return allowedPersistenceRegions(List.of(allowedPersistenceRegions)); } + @CustomType.Setter + public Builder enforceInTransit(Boolean enforceInTransit) { + if (enforceInTransit == null) { + throw new MissingRequiredPropertyException("GetTopicMessageStoragePolicy", "enforceInTransit"); + } + this.enforceInTransit = enforceInTransit; + return this; + } public GetTopicMessageStoragePolicy build() { final var _resultValue = new GetTopicMessageStoragePolicy(); _resultValue.allowedPersistenceRegions = allowedPersistenceRegions; + _resultValue.enforceInTransit = enforceInTransit; return _resultValue; } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicIngestionDataSourceSettings.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicIngestionDataSourceSettings.java index 6757862853..e26c02fc3a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicIngestionDataSourceSettings.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicIngestionDataSourceSettings.java @@ -5,6 +5,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.gcp.pubsub.outputs.TopicIngestionDataSourceSettingsAwsKinesis; +import com.pulumi.gcp.pubsub.outputs.TopicIngestionDataSourceSettingsAzureEventHubs; import com.pulumi.gcp.pubsub.outputs.TopicIngestionDataSourceSettingsCloudStorage; import com.pulumi.gcp.pubsub.outputs.TopicIngestionDataSourceSettingsPlatformLogsSettings; import java.util.Objects; @@ -19,6 +20,12 @@ public final class TopicIngestionDataSourceSettings { * */ private @Nullable TopicIngestionDataSourceSettingsAwsKinesis awsKinesis; + /** + * @return Settings for ingestion from Azure Event Hubs. + * Structure is documented below. + * + */ + private @Nullable TopicIngestionDataSourceSettingsAzureEventHubs azureEventHubs; /** * @return Settings for ingestion from Cloud Storage. * Structure is documented below. @@ -42,6 +49,14 @@ private TopicIngestionDataSourceSettings() {} public Optional awsKinesis() { return Optional.ofNullable(this.awsKinesis); } + /** + * @return Settings for ingestion from Azure Event Hubs. + * Structure is documented below. + * + */ + public Optional azureEventHubs() { + return Optional.ofNullable(this.azureEventHubs); + } /** * @return Settings for ingestion from Cloud Storage. * Structure is documented below. @@ -70,12 +85,14 @@ public static Builder builder(TopicIngestionDataSourceSettings defaults) { @CustomType.Builder public static final class Builder { private @Nullable TopicIngestionDataSourceSettingsAwsKinesis awsKinesis; + private @Nullable TopicIngestionDataSourceSettingsAzureEventHubs azureEventHubs; private @Nullable TopicIngestionDataSourceSettingsCloudStorage cloudStorage; private @Nullable TopicIngestionDataSourceSettingsPlatformLogsSettings platformLogsSettings; public Builder() {} public Builder(TopicIngestionDataSourceSettings defaults) { Objects.requireNonNull(defaults); this.awsKinesis = defaults.awsKinesis; + this.azureEventHubs = defaults.azureEventHubs; this.cloudStorage = defaults.cloudStorage; this.platformLogsSettings = defaults.platformLogsSettings; } @@ -87,6 +104,12 @@ public Builder awsKinesis(@Nullable TopicIngestionDataSourceSettingsAwsKinesis a return this; } @CustomType.Setter + public Builder azureEventHubs(@Nullable TopicIngestionDataSourceSettingsAzureEventHubs azureEventHubs) { + + this.azureEventHubs = azureEventHubs; + return this; + } + @CustomType.Setter public Builder cloudStorage(@Nullable TopicIngestionDataSourceSettingsCloudStorage cloudStorage) { this.cloudStorage = cloudStorage; @@ -101,6 +124,7 @@ public Builder platformLogsSettings(@Nullable TopicIngestionDataSourceSettingsPl public TopicIngestionDataSourceSettings build() { final var _resultValue = new TopicIngestionDataSourceSettings(); _resultValue.awsKinesis = awsKinesis; + _resultValue.azureEventHubs = azureEventHubs; _resultValue.cloudStorage = cloudStorage; _resultValue.platformLogsSettings = platformLogsSettings; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicIngestionDataSourceSettingsAzureEventHubs.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicIngestionDataSourceSettingsAzureEventHubs.java new file mode 100644 index 0000000000..85f81dcb73 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicIngestionDataSourceSettingsAzureEventHubs.java @@ -0,0 +1,187 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.pubsub.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class TopicIngestionDataSourceSettingsAzureEventHubs { + /** + * @return The Azure event hub client ID to use for ingestion. + * + */ + private @Nullable String clientId; + /** + * @return The Azure event hub to ingest data from. + * + */ + private @Nullable String eventHub; + /** + * @return The GCP service account to be used for Federated Identity authentication + * with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + * role). + * + */ + private @Nullable String gcpServiceAccount; + /** + * @return The Azure event hub namespace to ingest data from. + * + */ + private @Nullable String namespace; + /** + * @return The name of the resource group within an Azure subscription. + * + */ + private @Nullable String resourceGroup; + /** + * @return The Azure event hub subscription ID to use for ingestion. + * + */ + private @Nullable String subscriptionId; + /** + * @return The Azure event hub tenant ID to use for ingestion. + * + */ + private @Nullable String tenantId; + + private TopicIngestionDataSourceSettingsAzureEventHubs() {} + /** + * @return The Azure event hub client ID to use for ingestion. + * + */ + public Optional clientId() { + return Optional.ofNullable(this.clientId); + } + /** + * @return The Azure event hub to ingest data from. + * + */ + public Optional eventHub() { + return Optional.ofNullable(this.eventHub); + } + /** + * @return The GCP service account to be used for Federated Identity authentication + * with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + * role). + * + */ + public Optional gcpServiceAccount() { + return Optional.ofNullable(this.gcpServiceAccount); + } + /** + * @return The Azure event hub namespace to ingest data from. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + /** + * @return The name of the resource group within an Azure subscription. + * + */ + public Optional resourceGroup() { + return Optional.ofNullable(this.resourceGroup); + } + /** + * @return The Azure event hub subscription ID to use for ingestion. + * + */ + public Optional subscriptionId() { + return Optional.ofNullable(this.subscriptionId); + } + /** + * @return The Azure event hub tenant ID to use for ingestion. + * + */ + public Optional tenantId() { + return Optional.ofNullable(this.tenantId); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(TopicIngestionDataSourceSettingsAzureEventHubs defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String clientId; + private @Nullable String eventHub; + private @Nullable String gcpServiceAccount; + private @Nullable String namespace; + private @Nullable String resourceGroup; + private @Nullable String subscriptionId; + private @Nullable String tenantId; + public Builder() {} + public Builder(TopicIngestionDataSourceSettingsAzureEventHubs defaults) { + Objects.requireNonNull(defaults); + this.clientId = defaults.clientId; + this.eventHub = defaults.eventHub; + this.gcpServiceAccount = defaults.gcpServiceAccount; + this.namespace = defaults.namespace; + this.resourceGroup = defaults.resourceGroup; + this.subscriptionId = defaults.subscriptionId; + this.tenantId = defaults.tenantId; + } + + @CustomType.Setter + public Builder clientId(@Nullable String clientId) { + + this.clientId = clientId; + return this; + } + @CustomType.Setter + public Builder eventHub(@Nullable String eventHub) { + + this.eventHub = eventHub; + return this; + } + @CustomType.Setter + public Builder gcpServiceAccount(@Nullable String gcpServiceAccount) { + + this.gcpServiceAccount = gcpServiceAccount; + return this; + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + + this.namespace = namespace; + return this; + } + @CustomType.Setter + public Builder resourceGroup(@Nullable String resourceGroup) { + + this.resourceGroup = resourceGroup; + return this; + } + @CustomType.Setter + public Builder subscriptionId(@Nullable String subscriptionId) { + + this.subscriptionId = subscriptionId; + return this; + } + @CustomType.Setter + public Builder tenantId(@Nullable String tenantId) { + + this.tenantId = tenantId; + return this; + } + public TopicIngestionDataSourceSettingsAzureEventHubs build() { + final var _resultValue = new TopicIngestionDataSourceSettingsAzureEventHubs(); + _resultValue.clientId = clientId; + _resultValue.eventHub = eventHub; + _resultValue.gcpServiceAccount = gcpServiceAccount; + _resultValue.namespace = namespace; + _resultValue.resourceGroup = resourceGroup; + _resultValue.subscriptionId = subscriptionId; + _resultValue.tenantId = tenantId; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicMessageStoragePolicy.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicMessageStoragePolicy.java index 27cc86ff64..0e4f079a1a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicMessageStoragePolicy.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/TopicMessageStoragePolicy.java @@ -5,9 +5,12 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; import java.lang.String; import java.util.List; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; @CustomType public final class TopicMessageStoragePolicy { @@ -21,6 +24,14 @@ public final class TopicMessageStoragePolicy { * */ private List allowedPersistenceRegions; + /** + * @return If true, `allowedPersistenceRegions` is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in `allowedPersistenceRegions`. + * + */ + private @Nullable Boolean enforceInTransit; private TopicMessageStoragePolicy() {} /** @@ -35,6 +46,16 @@ private TopicMessageStoragePolicy() {} public List allowedPersistenceRegions() { return this.allowedPersistenceRegions; } + /** + * @return If true, `allowedPersistenceRegions` is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in `allowedPersistenceRegions`. + * + */ + public Optional enforceInTransit() { + return Optional.ofNullable(this.enforceInTransit); + } public static Builder builder() { return new Builder(); @@ -46,10 +67,12 @@ public static Builder builder(TopicMessageStoragePolicy defaults) { @CustomType.Builder public static final class Builder { private List allowedPersistenceRegions; + private @Nullable Boolean enforceInTransit; public Builder() {} public Builder(TopicMessageStoragePolicy defaults) { Objects.requireNonNull(defaults); this.allowedPersistenceRegions = defaults.allowedPersistenceRegions; + this.enforceInTransit = defaults.enforceInTransit; } @CustomType.Setter @@ -63,9 +86,16 @@ public Builder allowedPersistenceRegions(List allowedPersistenceRegions) public Builder allowedPersistenceRegions(String... allowedPersistenceRegions) { return allowedPersistenceRegions(List.of(allowedPersistenceRegions)); } + @CustomType.Setter + public Builder enforceInTransit(@Nullable Boolean enforceInTransit) { + + this.enforceInTransit = enforceInTransit; + return this; + } public TopicMessageStoragePolicy build() { final var _resultValue = new TopicMessageStoragePolicy(); _resultValue.allowedPersistenceRegions = allowedPersistenceRegions; + _resultValue.enforceInTransit = enforceInTransit; return _resultValue; } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/Cluster.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/Cluster.java index 32d414cf9a..8ebe019c0f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/redis/Cluster.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/Cluster.java @@ -17,6 +17,7 @@ import com.pulumi.gcp.redis.outputs.ClusterPersistenceConfig; import com.pulumi.gcp.redis.outputs.ClusterPscConfig; import com.pulumi.gcp.redis.outputs.ClusterPscConnection; +import com.pulumi.gcp.redis.outputs.ClusterPscServiceAttachment; import com.pulumi.gcp.redis.outputs.ClusterStateInfo; import com.pulumi.gcp.redis.outputs.ClusterZoneDistributionConfig; import java.lang.Boolean; @@ -630,8 +631,8 @@ public class Cluster extends com.pulumi.resources.CustomResource { /** * Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * */ @Export(name="authorizationMode", refs={String.class}, tree="[0]") @@ -639,8 +640,8 @@ public class Cluster extends com.pulumi.resources.CustomResource { /** * @return Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * */ public Output> authorizationMode() { @@ -666,6 +667,7 @@ public Output createTime() { } /** * Cross cluster replication config + * Structure is documented below. * */ @Export(name="crossClusterReplicationConfig", refs={ClusterCrossClusterReplicationConfig.class}, tree="[0]") @@ -673,22 +675,25 @@ public Output createTime() { /** * @return Cross cluster replication config + * Structure is documented below. * */ public Output crossClusterReplicationConfig() { return this.crossClusterReplicationConfig; } /** - * Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. * */ @Export(name="deletionProtectionEnabled", refs={Boolean.class}, tree="[0]") private Output deletionProtectionEnabled; /** - * @return Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * @return Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. * */ public Output> deletionProtectionEnabled() { @@ -716,6 +721,7 @@ public Output> discoveryEndpoints() { } /** * Maintenance policy for a cluster + * Structure is documented below. * */ @Export(name="maintenancePolicy", refs={ClusterMaintenancePolicy.class}, tree="[0]") @@ -723,6 +729,7 @@ public Output> discoveryEndpoints() { /** * @return Maintenance policy for a cluster + * Structure is documented below. * */ public Output> maintenancePolicy() { @@ -748,6 +755,8 @@ public Output> maintenanceSchedules() { * Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * */ @Export(name="name", refs={String.class}, tree="[0]") private Output name; @@ -756,21 +765,25 @@ public Output> maintenanceSchedules() { * @return Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * */ public Output name() { return this.name; } /** - * The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * */ @Export(name="nodeType", refs={String.class}, tree="[0]") private Output nodeType; /** - * @return The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * @return The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * */ public Output nodeType() { @@ -778,6 +791,7 @@ public Output nodeType() { } /** * Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * */ @Export(name="persistenceConfig", refs={ClusterPersistenceConfig.class}, tree="[0]") @@ -785,6 +799,7 @@ public Output nodeType() { /** * @return Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * */ public Output persistenceConfig() { @@ -804,9 +819,19 @@ public Output persistenceConfig() { public Output preciseSizeGb() { return this.preciseSizeGb; } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ @Export(name="project", refs={String.class}, tree="[0]") private Output project; + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ public Output project() { return this.project; } @@ -818,7 +843,7 @@ public Output project() { * */ @Export(name="pscConfigs", refs={List.class,ClusterPscConfig.class}, tree="[0,1]") - private Output> pscConfigs; + private Output> pscConfigs; /** * @return Required. Each PscConfig configures the consumer network where two @@ -827,8 +852,8 @@ public Output project() { * Structure is documented below. * */ - public Output> pscConfigs() { - return this.pscConfigs; + public Output>> pscConfigs() { + return Codegen.optional(this.pscConfigs); } /** * Output only. PSC connections for discovery of the cluster topology and accessing the cluster. @@ -847,8 +872,24 @@ public Output> pscConnections() { return this.pscConnections; } /** - * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * Service attachment details to configure Psc connections. + * Structure is documented below. + * + */ + @Export(name="pscServiceAttachments", refs={List.class,ClusterPscServiceAttachment.class}, tree="[0,1]") + private Output> pscServiceAttachments; + + /** + * @return Service attachment details to configure Psc connections. + * Structure is documented below. + * + */ + public Output> pscServiceAttachments() { + return this.pscServiceAttachments; + } + /** + * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * */ @@ -856,8 +897,8 @@ public Output> pscConnections() { private Output> redisConfigs; /** - * @return Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * @return Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * */ @@ -951,18 +992,20 @@ public Output> stateInfos() { return this.stateInfos; } /** - * Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * */ @Export(name="transitEncryptionMode", refs={String.class}, tree="[0]") private Output transitEncryptionMode; /** - * @return Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * @return Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * */ public Output> transitEncryptionMode() { @@ -984,17 +1027,19 @@ public Output uid() { } /** * Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. * */ @Export(name="zoneDistributionConfig", refs={ClusterZoneDistributionConfig.class}, tree="[0]") - private Output zoneDistributionConfig; + private Output zoneDistributionConfig; /** * @return Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. * */ - public Output> zoneDistributionConfig() { - return Codegen.optional(this.zoneDistributionConfig); + public Output zoneDistributionConfig() { + return this.zoneDistributionConfig; } /** diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterArgs.java index 71bb7ef987..0b34079cf8 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterArgs.java @@ -27,8 +27,8 @@ public final class ClusterArgs extends com.pulumi.resources.ResourceArgs { /** * Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * */ @Import(name="authorizationMode") @@ -36,8 +36,8 @@ public final class ClusterArgs extends com.pulumi.resources.ResourceArgs { /** * @return Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * */ public Optional> authorizationMode() { @@ -46,6 +46,7 @@ public Optional> authorizationMode() { /** * Cross cluster replication config + * Structure is documented below. * */ @Import(name="crossClusterReplicationConfig") @@ -53,6 +54,7 @@ public Optional> authorizationMode() { /** * @return Cross cluster replication config + * Structure is documented below. * */ public Optional> crossClusterReplicationConfig() { @@ -60,16 +62,18 @@ public Optional> crossClusterRe } /** - * Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. * */ @Import(name="deletionProtectionEnabled") private @Nullable Output deletionProtectionEnabled; /** - * @return Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * @return Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. * */ public Optional> deletionProtectionEnabled() { @@ -78,6 +82,7 @@ public Optional> deletionProtectionEnabled() { /** * Maintenance policy for a cluster + * Structure is documented below. * */ @Import(name="maintenancePolicy") @@ -85,6 +90,7 @@ public Optional> deletionProtectionEnabled() { /** * @return Maintenance policy for a cluster + * Structure is documented below. * */ public Optional> maintenancePolicy() { @@ -95,6 +101,8 @@ public Optional> maintenancePolicy() { * Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * */ @Import(name="name") private @Nullable Output name; @@ -103,22 +111,26 @@ public Optional> maintenancePolicy() { * @return Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * */ public Optional> name() { return Optional.ofNullable(this.name); } /** - * The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * */ @Import(name="nodeType") private @Nullable Output nodeType; /** - * @return The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * @return The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * */ public Optional> nodeType() { @@ -127,6 +139,7 @@ public Optional> nodeType() { /** * Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * */ @Import(name="persistenceConfig") @@ -134,15 +147,26 @@ public Optional> nodeType() { /** * @return Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * */ public Optional> persistenceConfig() { return Optional.ofNullable(this.persistenceConfig); } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ @Import(name="project") private @Nullable Output project; + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ public Optional> project() { return Optional.ofNullable(this.project); } @@ -154,8 +178,8 @@ public Optional> project() { * Structure is documented below. * */ - @Import(name="pscConfigs", required=true) - private Output> pscConfigs; + @Import(name="pscConfigs") + private @Nullable Output> pscConfigs; /** * @return Required. Each PscConfig configures the consumer network where two @@ -164,13 +188,13 @@ public Optional> project() { * Structure is documented below. * */ - public Output> pscConfigs() { - return this.pscConfigs; + public Optional>> pscConfigs() { + return Optional.ofNullable(this.pscConfigs); } /** - * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * */ @@ -178,8 +202,8 @@ public Output> pscConfigs() { private @Nullable Output> redisConfigs; /** - * @return Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * @return Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * */ @@ -233,18 +257,20 @@ public Output shardCount() { } /** - * Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * */ @Import(name="transitEncryptionMode") private @Nullable Output transitEncryptionMode; /** - * @return Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * @return Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * */ public Optional> transitEncryptionMode() { @@ -253,6 +279,7 @@ public Optional> transitEncryptionMode() { /** * Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. * */ @Import(name="zoneDistributionConfig") @@ -260,6 +287,7 @@ public Optional> transitEncryptionMode() { /** * @return Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. * */ public Optional> zoneDistributionConfig() { @@ -306,8 +334,8 @@ public Builder(ClusterArgs defaults) { /** * @param authorizationMode Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * * @return builder * @@ -319,8 +347,8 @@ public Builder authorizationMode(@Nullable Output authorizationMode) { /** * @param authorizationMode Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * * @return builder * @@ -331,6 +359,7 @@ public Builder authorizationMode(String authorizationMode) { /** * @param crossClusterReplicationConfig Cross cluster replication config + * Structure is documented below. * * @return builder * @@ -342,6 +371,7 @@ public Builder crossClusterReplicationConfig(@Nullable Output deletionProte } /** - * @param deletionProtectionEnabled Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * @param deletionProtectionEnabled Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. * * @return builder * @@ -375,6 +407,7 @@ public Builder deletionProtectionEnabled(Boolean deletionProtectionEnabled) { /** * @param maintenancePolicy Maintenance policy for a cluster + * Structure is documented below. * * @return builder * @@ -386,6 +419,7 @@ public Builder maintenancePolicy(@Nullable Output /** * @param maintenancePolicy Maintenance policy for a cluster + * Structure is documented below. * * @return builder * @@ -398,6 +432,8 @@ public Builder maintenancePolicy(ClusterMaintenancePolicyArgs maintenancePolicy) * @param name Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * * @return builder * */ @@ -410,6 +446,8 @@ public Builder name(@Nullable Output name) { * @param name Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * * @return builder * */ @@ -418,8 +456,9 @@ public Builder name(String name) { } /** - * @param nodeType The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * @param nodeType The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * * @return builder * @@ -430,8 +469,9 @@ public Builder nodeType(@Nullable Output nodeType) { } /** - * @param nodeType The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * @param nodeType The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * * @return builder * @@ -442,6 +482,7 @@ public Builder nodeType(String nodeType) { /** * @param persistenceConfig Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * * @return builder * @@ -453,6 +494,7 @@ public Builder persistenceConfig(@Nullable Output /** * @param persistenceConfig Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * * @return builder * @@ -461,11 +503,25 @@ public Builder persistenceConfig(ClusterPersistenceConfigArgs persistenceConfig) return persistenceConfig(Output.of(persistenceConfig)); } + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ public Builder project(@Nullable Output project) { $.project = project; return this; } + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ public Builder project(String project) { return project(Output.of(project)); } @@ -479,7 +535,7 @@ public Builder project(String project) { * @return builder * */ - public Builder pscConfigs(Output> pscConfigs) { + public Builder pscConfigs(@Nullable Output> pscConfigs) { $.pscConfigs = pscConfigs; return this; } @@ -511,8 +567,8 @@ public Builder pscConfigs(ClusterPscConfigArgs... pscConfigs) { } /** - * @param redisConfigs Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * @param redisConfigs Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * * @return builder @@ -524,8 +580,8 @@ public Builder redisConfigs(@Nullable Output> redisConfigs) { } /** - * @param redisConfigs Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * @param redisConfigs Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * * @return builder @@ -599,9 +655,10 @@ public Builder shardCount(Integer shardCount) { } /** - * @param transitEncryptionMode Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * @param transitEncryptionMode Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * * @return builder * @@ -612,9 +669,10 @@ public Builder transitEncryptionMode(@Nullable Output transitEncryptionM } /** - * @param transitEncryptionMode Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * @param transitEncryptionMode Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * * @return builder * @@ -625,6 +683,7 @@ public Builder transitEncryptionMode(String transitEncryptionMode) { /** * @param zoneDistributionConfig Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. * * @return builder * @@ -636,6 +695,7 @@ public Builder zoneDistributionConfig(@Nullable Output + * {@code + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.gcp.compute.Network; + * import com.pulumi.gcp.compute.NetworkArgs; + * import com.pulumi.gcp.compute.Subnetwork; + * import com.pulumi.gcp.compute.SubnetworkArgs; + * import com.pulumi.gcp.compute.Address; + * import com.pulumi.gcp.compute.AddressArgs; + * import com.pulumi.gcp.redis.Cluster; + * import com.pulumi.gcp.redis.ClusterArgs; + * import com.pulumi.gcp.compute.ForwardingRule; + * import com.pulumi.gcp.compute.ForwardingRuleArgs; + * import com.pulumi.gcp.organizations.OrganizationsFunctions; + * import com.pulumi.gcp.organizations.inputs.GetProjectArgs; + * import com.pulumi.gcp.redis.ClusterUserCreatedConnections; + * import com.pulumi.gcp.redis.ClusterUserCreatedConnectionsArgs; + * import com.pulumi.gcp.redis.inputs.ClusterUserCreatedConnectionsClusterEndpointArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var network1 = new Network("network1", NetworkArgs.builder() + * .name("net1") + * .autoCreateSubnetworks(false) + * .build()); + * + * var subnetNetwork1 = new Subnetwork("subnetNetwork1", SubnetworkArgs.builder() + * .name("subnet-net1") + * .ipCidrRange("10.0.0.248/29") + * .region("us-central1") + * .network(network1.id()) + * .build()); + * + * var ip1Network1 = new Address("ip1Network1", AddressArgs.builder() + * .name("ip1-net1") + * .region("us-central1") + * .subnetwork(subnetNetwork1.id()) + * .addressType("INTERNAL") + * .purpose("GCE_ENDPOINT") + * .build()); + * + * // redis cluster without endpoint + * var cluster_user_connCluster = new Cluster("cluster-user-connCluster", ClusterArgs.builder() + * .name("cluster-user-conn") + * .shardCount(3) + * .region("us-central1") + * .replicaCount(0) + * .deletionProtectionEnabled(false) + * .build()); + * + * var forwardingRule1Network1 = new ForwardingRule("forwardingRule1Network1", ForwardingRuleArgs.builder() + * .name("fwd1-net1") + * .region("us-central1") + * .ipAddress(ip1Network1.id()) + * .loadBalancingScheme("") + * .network(network1.id()) + * .target(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[0].serviceAttachment())) + * .build()); + * + * var ip2Network1 = new Address("ip2Network1", AddressArgs.builder() + * .name("ip2-net1") + * .region("us-central1") + * .subnetwork(subnetNetwork1.id()) + * .addressType("INTERNAL") + * .purpose("GCE_ENDPOINT") + * .build()); + * + * var forwardingRule2Network1 = new ForwardingRule("forwardingRule2Network1", ForwardingRuleArgs.builder() + * .name("fwd2-net1") + * .region("us-central1") + * .ipAddress(ip2Network1.id()) + * .loadBalancingScheme("") + * .network(network1.id()) + * .target(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[1].serviceAttachment())) + * .build()); + * + * var network2 = new Network("network2", NetworkArgs.builder() + * .name("network2") + * .autoCreateSubnetworks(false) + * .build()); + * + * var subnetNetwork2 = new Subnetwork("subnetNetwork2", SubnetworkArgs.builder() + * .name("subnet-net2") + * .ipCidrRange("10.0.0.248/29") + * .region("us-central1") + * .network(network2.id()) + * .build()); + * + * var ip1Network2 = new Address("ip1Network2", AddressArgs.builder() + * .name("ip1-net2") + * .region("us-central1") + * .subnetwork(subnetNetwork2.id()) + * .addressType("INTERNAL") + * .purpose("GCE_ENDPOINT") + * .build()); + * + * var forwardingRule1Network2 = new ForwardingRule("forwardingRule1Network2", ForwardingRuleArgs.builder() + * .name("fwd1-net2") + * .region("us-central1") + * .ipAddress(ip1Network2.id()) + * .loadBalancingScheme("") + * .network(network2.id()) + * .target(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[0].serviceAttachment())) + * .build()); + * + * var ip2Network2 = new Address("ip2Network2", AddressArgs.builder() + * .name("ip2-net2") + * .region("us-central1") + * .subnetwork(subnetNetwork2.id()) + * .addressType("INTERNAL") + * .purpose("GCE_ENDPOINT") + * .build()); + * + * var forwardingRule2Network2 = new ForwardingRule("forwardingRule2Network2", ForwardingRuleArgs.builder() + * .name("fwd2-net2") + * .region("us-central1") + * .ipAddress(ip2Network2.id()) + * .loadBalancingScheme("") + * .network(network2.id()) + * .target(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[1].serviceAttachment())) + * .build()); + * + * final var project = OrganizationsFunctions.getProject(); + * + * var cluster_user_conn = new ClusterUserCreatedConnections("cluster-user-conn", ClusterUserCreatedConnectionsArgs.builder() + * .name("cluster-user-conn") + * .region("us-central1") + * .clusterEndpoints( + * ClusterUserCreatedConnectionsClusterEndpointArgs.builder() + * .connections( + * ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder() + * .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder() + * .pscConnectionId(forwardingRule1Network1.pscConnectionId()) + * .address(ip1Network1.address()) + * .forwardingRule(forwardingRule1Network1.id()) + * .network(network1.id()) + * .projectId(project.applyValue(getProjectResult -> getProjectResult.projectId())) + * .serviceAttachment(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[0].serviceAttachment())) + * .build()) + * .build(), + * ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder() + * .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder() + * .pscConnectionId(forwardingRule2Network1.pscConnectionId()) + * .address(ip2Network1.address()) + * .forwardingRule(forwardingRule2Network1.id()) + * .network(network1.id()) + * .serviceAttachment(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[1].serviceAttachment())) + * .build()) + * .build()) + * .build(), + * ClusterUserCreatedConnectionsClusterEndpointArgs.builder() + * .connections( + * ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder() + * .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder() + * .pscConnectionId(forwardingRule1Network2.pscConnectionId()) + * .address(ip1Network2.address()) + * .forwardingRule(forwardingRule1Network2.id()) + * .network(network2.id()) + * .serviceAttachment(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[0].serviceAttachment())) + * .build()) + * .build(), + * ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder() + * .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder() + * .pscConnectionId(forwardingRule2Network2.pscConnectionId()) + * .address(ip2Network2.address()) + * .forwardingRule(forwardingRule2Network2.id()) + * .network(network2.id()) + * .serviceAttachment(cluster_user_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[1].serviceAttachment())) + * .build()) + * .build()) + * .build()) + * .build()); + * + * } + * } + * } + * + * <!--End PulumiCodeChooser --> + * ### Redis Cluster User And Auto Created Connections + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.compute.Network;
+ * import com.pulumi.gcp.compute.NetworkArgs;
+ * import com.pulumi.gcp.compute.Subnetwork;
+ * import com.pulumi.gcp.compute.SubnetworkArgs;
+ * import com.pulumi.gcp.compute.Address;
+ * import com.pulumi.gcp.compute.AddressArgs;
+ * import com.pulumi.gcp.networkconnectivity.ServiceConnectionPolicy;
+ * import com.pulumi.gcp.networkconnectivity.ServiceConnectionPolicyArgs;
+ * import com.pulumi.gcp.networkconnectivity.inputs.ServiceConnectionPolicyPscConfigArgs;
+ * import com.pulumi.gcp.redis.Cluster;
+ * import com.pulumi.gcp.redis.ClusterArgs;
+ * import com.pulumi.gcp.redis.inputs.ClusterPscConfigArgs;
+ * import com.pulumi.gcp.compute.ForwardingRule;
+ * import com.pulumi.gcp.compute.ForwardingRuleArgs;
+ * import com.pulumi.gcp.redis.ClusterUserCreatedConnections;
+ * import com.pulumi.gcp.redis.ClusterUserCreatedConnectionsArgs;
+ * import com.pulumi.gcp.redis.inputs.ClusterUserCreatedConnectionsClusterEndpointArgs;
+ * import com.pulumi.resources.CustomResourceOptions;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var network2 = new Network("network2", NetworkArgs.builder()
+ *             .name("network2")
+ *             .autoCreateSubnetworks(false)
+ *             .build());
+ * 
+ *         var subnetNetwork2 = new Subnetwork("subnetNetwork2", SubnetworkArgs.builder()
+ *             .name("subnet-net2")
+ *             .ipCidrRange("10.0.0.248/29")
+ *             .region("us-central1")
+ *             .network(network2.id())
+ *             .build());
+ * 
+ *         var ip1Network2 = new Address("ip1Network2", AddressArgs.builder()
+ *             .name("ip1-net2")
+ *             .region("us-central1")
+ *             .subnetwork(subnetNetwork2.id())
+ *             .addressType("INTERNAL")
+ *             .purpose("GCE_ENDPOINT")
+ *             .build());
+ * 
+ *         var network1 = new Network("network1", NetworkArgs.builder()
+ *             .name("net1")
+ *             .autoCreateSubnetworks(false)
+ *             .build());
+ * 
+ *         var subnetNetwork1 = new Subnetwork("subnetNetwork1", SubnetworkArgs.builder()
+ *             .name("subnet-net1")
+ *             .ipCidrRange("10.0.0.248/29")
+ *             .region("us-central1")
+ *             .network(network1.id())
+ *             .build());
+ * 
+ *         var default_ = new ServiceConnectionPolicy("default", ServiceConnectionPolicyArgs.builder()
+ *             .name("scpolicy")
+ *             .location("us-central1")
+ *             .serviceClass("gcp-memorystore-redis")
+ *             .description("my basic service connection policy")
+ *             .network(network1.id())
+ *             .pscConfig(ServiceConnectionPolicyPscConfigArgs.builder()
+ *                 .subnetworks(subnetNetwork1.id())
+ *                 .build())
+ *             .build());
+ * 
+ *         // redis cluster without endpoint
+ *         var cluster_user_auto_connCluster = new Cluster("cluster-user-auto-connCluster", ClusterArgs.builder()
+ *             .name("cluster-user-auto-conn")
+ *             .shardCount(3)
+ *             .region("us-central1")
+ *             .replicaCount(0)
+ *             .deletionProtectionEnabled(false)
+ *             .pscConfigs(ClusterPscConfigArgs.builder()
+ *                 .network(network1.id())
+ *                 .build())
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(default_)
+ *                 .build());
+ * 
+ *         var forwardingRule1Network2 = new ForwardingRule("forwardingRule1Network2", ForwardingRuleArgs.builder()
+ *             .name("fwd1-net2")
+ *             .region("us-central1")
+ *             .ipAddress(ip1Network2.id())
+ *             .loadBalancingScheme("")
+ *             .network(network2.id())
+ *             .target(cluster_user_auto_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[0].serviceAttachment()))
+ *             .build());
+ * 
+ *         var ip2Network2 = new Address("ip2Network2", AddressArgs.builder()
+ *             .name("ip2-net2")
+ *             .region("us-central1")
+ *             .subnetwork(subnetNetwork2.id())
+ *             .addressType("INTERNAL")
+ *             .purpose("GCE_ENDPOINT")
+ *             .build());
+ * 
+ *         var forwardingRule2Network2 = new ForwardingRule("forwardingRule2Network2", ForwardingRuleArgs.builder()
+ *             .name("fwd2-net2")
+ *             .region("us-central1")
+ *             .ipAddress(ip2Network2.id())
+ *             .loadBalancingScheme("")
+ *             .network(network2.id())
+ *             .target(cluster_user_auto_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[1].serviceAttachment()))
+ *             .build());
+ * 
+ *         var cluster_user_auto_conn = new ClusterUserCreatedConnections("cluster-user-auto-conn", ClusterUserCreatedConnectionsArgs.builder()
+ *             .name("cluster-user-auto-conn")
+ *             .region("us-central1")
+ *             .clusterEndpoints(ClusterUserCreatedConnectionsClusterEndpointArgs.builder()
+ *                 .connections(                
+ *                     ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder()
+ *                         .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder()
+ *                             .pscConnectionId(forwardingRule1Network2.pscConnectionId())
+ *                             .address(ip1Network2.address())
+ *                             .forwardingRule(forwardingRule1Network2.id())
+ *                             .network(network2.id())
+ *                             .serviceAttachment(cluster_user_auto_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[0].serviceAttachment()))
+ *                             .build())
+ *                         .build(),
+ *                     ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.builder()
+ *                         .pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.builder()
+ *                             .pscConnectionId(forwardingRule2Network2.pscConnectionId())
+ *                             .address(ip2Network2.address())
+ *                             .forwardingRule(forwardingRule2Network2.id())
+ *                             .network(network2.id())
+ *                             .serviceAttachment(cluster_user_auto_connCluster.pscServiceAttachments().applyValue(pscServiceAttachments -> pscServiceAttachments[1].serviceAttachment()))
+ *                             .build())
+ *                         .build())
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * ClusterUserCreatedConnections can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{region}}/clusters/{{name}}` + * + * * `{{project}}/{{region}}/{{name}}` + * + * * `{{region}}/{{name}}` + * + * * `{{name}}` + * + * When using the `pulumi import` command, ClusterUserCreatedConnections can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default projects/{{project}}/locations/{{region}}/clusters/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{project}}/{{region}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{region}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{name}} + * ``` + * + */ +@ResourceType(type="gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections") +public class ClusterUserCreatedConnections extends com.pulumi.resources.CustomResource { + /** + * A list of cluster endpoints + * Structure is documented below. + * + */ + @Export(name="clusterEndpoints", refs={List.class,ClusterUserCreatedConnectionsClusterEndpoint.class}, tree="[0,1]") + private Output> clusterEndpoints; + + /** + * @return A list of cluster endpoints + * Structure is documented below. + * + */ + public Output>> clusterEndpoints() { + return Codegen.optional(this.clusterEndpoints); + } + /** + * The name of the Redis cluster these endpoints should be added to. + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return The name of the Redis cluster these endpoints should be added to. + * + */ + public Output name() { + return this.name; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + */ + @Export(name="region", refs={String.class}, tree="[0]") + private Output region; + + /** + * @return The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + */ + public Output region() { + return this.region; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public ClusterUserCreatedConnections(java.lang.String name) { + this(name, ClusterUserCreatedConnectionsArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public ClusterUserCreatedConnections(java.lang.String name, ClusterUserCreatedConnectionsArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public ClusterUserCreatedConnections(java.lang.String name, ClusterUserCreatedConnectionsArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private ClusterUserCreatedConnections(java.lang.String name, Output id, @Nullable ClusterUserCreatedConnectionsState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections", name, state, makeResourceOptions(options, id), false); + } + + private static ClusterUserCreatedConnectionsArgs makeArgs(ClusterUserCreatedConnectionsArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? ClusterUserCreatedConnectionsArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static ClusterUserCreatedConnections get(java.lang.String name, Output id, @Nullable ClusterUserCreatedConnectionsState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new ClusterUserCreatedConnections(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterUserCreatedConnectionsArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterUserCreatedConnectionsArgs.java new file mode 100644 index 0000000000..9a2fa4446d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/ClusterUserCreatedConnectionsArgs.java @@ -0,0 +1,227 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.redis.inputs.ClusterUserCreatedConnectionsClusterEndpointArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterUserCreatedConnectionsArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterUserCreatedConnectionsArgs Empty = new ClusterUserCreatedConnectionsArgs(); + + /** + * A list of cluster endpoints + * Structure is documented below. + * + */ + @Import(name="clusterEndpoints") + private @Nullable Output> clusterEndpoints; + + /** + * @return A list of cluster endpoints + * Structure is documented below. + * + */ + public Optional>> clusterEndpoints() { + return Optional.ofNullable(this.clusterEndpoints); + } + + /** + * The name of the Redis cluster these endpoints should be added to. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The name of the Redis cluster these endpoints should be added to. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + */ + @Import(name="region", required=true) + private Output region; + + /** + * @return The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + */ + public Output region() { + return this.region; + } + + private ClusterUserCreatedConnectionsArgs() {} + + private ClusterUserCreatedConnectionsArgs(ClusterUserCreatedConnectionsArgs $) { + this.clusterEndpoints = $.clusterEndpoints; + this.name = $.name; + this.project = $.project; + this.region = $.region; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterUserCreatedConnectionsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterUserCreatedConnectionsArgs $; + + public Builder() { + $ = new ClusterUserCreatedConnectionsArgs(); + } + + public Builder(ClusterUserCreatedConnectionsArgs defaults) { + $ = new ClusterUserCreatedConnectionsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param clusterEndpoints A list of cluster endpoints + * Structure is documented below. + * + * @return builder + * + */ + public Builder clusterEndpoints(@Nullable Output> clusterEndpoints) { + $.clusterEndpoints = clusterEndpoints; + return this; + } + + /** + * @param clusterEndpoints A list of cluster endpoints + * Structure is documented below. + * + * @return builder + * + */ + public Builder clusterEndpoints(List clusterEndpoints) { + return clusterEndpoints(Output.of(clusterEndpoints)); + } + + /** + * @param clusterEndpoints A list of cluster endpoints + * Structure is documented below. + * + * @return builder + * + */ + public Builder clusterEndpoints(ClusterUserCreatedConnectionsClusterEndpointArgs... clusterEndpoints) { + return clusterEndpoints(List.of(clusterEndpoints)); + } + + /** + * @param name The name of the Redis cluster these endpoints should be added to. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The name of the Redis cluster these endpoints should be added to. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param region The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + * @return builder + * + */ + public Builder region(Output region) { + $.region = region; + return this; + } + + /** + * @param region The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + * @return builder + * + */ + public Builder region(String region) { + return region(Output.of(region)); + } + + public ClusterUserCreatedConnectionsArgs build() { + if ($.region == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsArgs", "region"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterPscConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterPscConfigArgs.java index f01bfdc47f..1f93d6495f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterPscConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterPscConfigArgs.java @@ -19,8 +19,6 @@ public final class ClusterPscConfigArgs extends com.pulumi.resources.ResourceArg * the discovery endpoint will be reserved, in the form of * projects/{network_project_id_or_number}/global/networks/{network_id}. * - * *** - * */ @Import(name="network", required=true) private Output network; @@ -30,8 +28,6 @@ public final class ClusterPscConfigArgs extends com.pulumi.resources.ResourceArg * the discovery endpoint will be reserved, in the form of * projects/{network_project_id_or_number}/global/networks/{network_id}. * - * *** - * */ public Output network() { return this.network; @@ -66,8 +62,6 @@ public Builder(ClusterPscConfigArgs defaults) { * the discovery endpoint will be reserved, in the form of * projects/{network_project_id_or_number}/global/networks/{network_id}. * - * *** - * * @return builder * */ @@ -81,8 +75,6 @@ public Builder network(Output network) { * the discovery endpoint will be reserved, in the form of * projects/{network_project_id_or_number}/global/networks/{network_id}. * - * *** - * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterPscServiceAttachmentArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterPscServiceAttachmentArgs.java new file mode 100644 index 0000000000..406744a797 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterPscServiceAttachmentArgs.java @@ -0,0 +1,128 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterPscServiceAttachmentArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterPscServiceAttachmentArgs Empty = new ClusterPscServiceAttachmentArgs(); + + /** + * (Output) + * Type of a PSC connection targeting this service attachment. + * + */ + @Import(name="connectionType") + private @Nullable Output connectionType; + + /** + * @return (Output) + * Type of a PSC connection targeting this service attachment. + * + */ + public Optional> connectionType() { + return Optional.ofNullable(this.connectionType); + } + + /** + * (Output) + * Service attachment URI which your self-created PscConnection should use as + * + */ + @Import(name="serviceAttachment") + private @Nullable Output serviceAttachment; + + /** + * @return (Output) + * Service attachment URI which your self-created PscConnection should use as + * + */ + public Optional> serviceAttachment() { + return Optional.ofNullable(this.serviceAttachment); + } + + private ClusterPscServiceAttachmentArgs() {} + + private ClusterPscServiceAttachmentArgs(ClusterPscServiceAttachmentArgs $) { + this.connectionType = $.connectionType; + this.serviceAttachment = $.serviceAttachment; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterPscServiceAttachmentArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterPscServiceAttachmentArgs $; + + public Builder() { + $ = new ClusterPscServiceAttachmentArgs(); + } + + public Builder(ClusterPscServiceAttachmentArgs defaults) { + $ = new ClusterPscServiceAttachmentArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param connectionType (Output) + * Type of a PSC connection targeting this service attachment. + * + * @return builder + * + */ + public Builder connectionType(@Nullable Output connectionType) { + $.connectionType = connectionType; + return this; + } + + /** + * @param connectionType (Output) + * Type of a PSC connection targeting this service attachment. + * + * @return builder + * + */ + public Builder connectionType(String connectionType) { + return connectionType(Output.of(connectionType)); + } + + /** + * @param serviceAttachment (Output) + * Service attachment URI which your self-created PscConnection should use as + * + * @return builder + * + */ + public Builder serviceAttachment(@Nullable Output serviceAttachment) { + $.serviceAttachment = serviceAttachment; + return this; + } + + /** + * @param serviceAttachment (Output) + * Service attachment URI which your self-created PscConnection should use as + * + * @return builder + * + */ + public Builder serviceAttachment(String serviceAttachment) { + return serviceAttachment(Output.of(serviceAttachment)); + } + + public ClusterPscServiceAttachmentArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterState.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterState.java index 8f0c87ec39..88f15c1380 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterState.java @@ -12,6 +12,7 @@ import com.pulumi.gcp.redis.inputs.ClusterPersistenceConfigArgs; import com.pulumi.gcp.redis.inputs.ClusterPscConfigArgs; import com.pulumi.gcp.redis.inputs.ClusterPscConnectionArgs; +import com.pulumi.gcp.redis.inputs.ClusterPscServiceAttachmentArgs; import com.pulumi.gcp.redis.inputs.ClusterStateInfoArgs; import com.pulumi.gcp.redis.inputs.ClusterZoneDistributionConfigArgs; import java.lang.Boolean; @@ -31,8 +32,8 @@ public final class ClusterState extends com.pulumi.resources.ResourceArgs { /** * Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * */ @Import(name="authorizationMode") @@ -40,8 +41,8 @@ public final class ClusterState extends com.pulumi.resources.ResourceArgs { /** * @return Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * */ public Optional> authorizationMode() { @@ -69,6 +70,7 @@ public Optional> createTime() { /** * Cross cluster replication config + * Structure is documented below. * */ @Import(name="crossClusterReplicationConfig") @@ -76,6 +78,7 @@ public Optional> createTime() { /** * @return Cross cluster replication config + * Structure is documented below. * */ public Optional> crossClusterReplicationConfig() { @@ -83,16 +86,18 @@ public Optional> crossClusterRe } /** - * Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. * */ @Import(name="deletionProtectionEnabled") private @Nullable Output deletionProtectionEnabled; /** - * @return Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * @return Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. * */ public Optional> deletionProtectionEnabled() { @@ -122,6 +127,7 @@ public Optional>> discoveryEndpoints() /** * Maintenance policy for a cluster + * Structure is documented below. * */ @Import(name="maintenancePolicy") @@ -129,6 +135,7 @@ public Optional>> discoveryEndpoints() /** * @return Maintenance policy for a cluster + * Structure is documented below. * */ public Optional> maintenancePolicy() { @@ -156,6 +163,8 @@ public Optional>> maintenanceSchedul * Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * */ @Import(name="name") private @Nullable Output name; @@ -164,22 +173,26 @@ public Optional>> maintenanceSchedul * @return Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * */ public Optional> name() { return Optional.ofNullable(this.name); } /** - * The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * */ @Import(name="nodeType") private @Nullable Output nodeType; /** - * @return The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * @return The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * */ public Optional> nodeType() { @@ -188,6 +201,7 @@ public Optional> nodeType() { /** * Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * */ @Import(name="persistenceConfig") @@ -195,6 +209,7 @@ public Optional> nodeType() { /** * @return Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * */ public Optional> persistenceConfig() { @@ -216,9 +231,19 @@ public Optional> preciseSizeGb() { return Optional.ofNullable(this.preciseSizeGb); } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ @Import(name="project") private @Nullable Output project; + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ public Optional> project() { return Optional.ofNullable(this.project); } @@ -262,8 +287,25 @@ public Optional>> pscConnections() { } /** - * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * Service attachment details to configure Psc connections. + * Structure is documented below. + * + */ + @Import(name="pscServiceAttachments") + private @Nullable Output> pscServiceAttachments; + + /** + * @return Service attachment details to configure Psc connections. + * Structure is documented below. + * + */ + public Optional>> pscServiceAttachments() { + return Optional.ofNullable(this.pscServiceAttachments); + } + + /** + * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * */ @@ -271,8 +313,8 @@ public Optional>> pscConnections() { private @Nullable Output> redisConfigs; /** - * @return Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * @return Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * */ @@ -373,18 +415,20 @@ public Optional>> stateInfos() { } /** - * Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * */ @Import(name="transitEncryptionMode") private @Nullable Output transitEncryptionMode; /** - * @return Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * @return Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * */ public Optional> transitEncryptionMode() { @@ -408,6 +452,7 @@ public Optional> uid() { /** * Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. * */ @Import(name="zoneDistributionConfig") @@ -415,6 +460,7 @@ public Optional> uid() { /** * @return Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. * */ public Optional> zoneDistributionConfig() { @@ -438,6 +484,7 @@ private ClusterState(ClusterState $) { this.project = $.project; this.pscConfigs = $.pscConfigs; this.pscConnections = $.pscConnections; + this.pscServiceAttachments = $.pscServiceAttachments; this.redisConfigs = $.redisConfigs; this.region = $.region; this.replicaCount = $.replicaCount; @@ -470,8 +517,8 @@ public Builder(ClusterState defaults) { /** * @param authorizationMode Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * * @return builder * @@ -483,8 +530,8 @@ public Builder authorizationMode(@Nullable Output authorizationMode) { /** * @param authorizationMode Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. * * @return builder * @@ -520,6 +567,7 @@ public Builder createTime(String createTime) { /** * @param crossClusterReplicationConfig Cross cluster replication config + * Structure is documented below. * * @return builder * @@ -531,6 +579,7 @@ public Builder crossClusterReplicationConfig(@Nullable Output deletionProte } /** - * @param deletionProtectionEnabled Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * @param deletionProtectionEnabled Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. * * @return builder * @@ -604,6 +655,7 @@ public Builder discoveryEndpoints(ClusterDiscoveryEndpointArgs... discoveryEndpo /** * @param maintenancePolicy Maintenance policy for a cluster + * Structure is documented below. * * @return builder * @@ -615,6 +667,7 @@ public Builder maintenancePolicy(@Nullable Output /** * @param maintenancePolicy Maintenance policy for a cluster + * Structure is documented below. * * @return builder * @@ -661,6 +714,8 @@ public Builder maintenanceSchedules(ClusterMaintenanceScheduleArgs... maintenanc * @param name Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * * @return builder * */ @@ -673,6 +728,8 @@ public Builder name(@Nullable Output name) { * @param name Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} * + * *** + * * @return builder * */ @@ -681,8 +738,9 @@ public Builder name(String name) { } /** - * @param nodeType The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * @param nodeType The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * * @return builder * @@ -693,8 +751,9 @@ public Builder nodeType(@Nullable Output nodeType) { } /** - * @param nodeType The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * @param nodeType The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. * * @return builder * @@ -705,6 +764,7 @@ public Builder nodeType(String nodeType) { /** * @param persistenceConfig Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * * @return builder * @@ -716,6 +776,7 @@ public Builder persistenceConfig(@Nullable Output /** * @param persistenceConfig Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. * * @return builder * @@ -745,11 +806,25 @@ public Builder preciseSizeGb(Double preciseSizeGb) { return preciseSizeGb(Output.of(preciseSizeGb)); } + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ public Builder project(@Nullable Output project) { $.project = project; return this; } + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ public Builder project(String project) { return project(Output.of(project)); } @@ -829,8 +904,42 @@ public Builder pscConnections(ClusterPscConnectionArgs... pscConnections) { } /** - * @param redisConfigs Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * @param pscServiceAttachments Service attachment details to configure Psc connections. + * Structure is documented below. + * + * @return builder + * + */ + public Builder pscServiceAttachments(@Nullable Output> pscServiceAttachments) { + $.pscServiceAttachments = pscServiceAttachments; + return this; + } + + /** + * @param pscServiceAttachments Service attachment details to configure Psc connections. + * Structure is documented below. + * + * @return builder + * + */ + public Builder pscServiceAttachments(List pscServiceAttachments) { + return pscServiceAttachments(Output.of(pscServiceAttachments)); + } + + /** + * @param pscServiceAttachments Service attachment details to configure Psc connections. + * Structure is documented below. + * + * @return builder + * + */ + public Builder pscServiceAttachments(ClusterPscServiceAttachmentArgs... pscServiceAttachments) { + return pscServiceAttachments(List.of(pscServiceAttachments)); + } + + /** + * @param redisConfigs Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * * @return builder @@ -842,8 +951,8 @@ public Builder redisConfigs(@Nullable Output> redisConfigs) { } /** - * @param redisConfigs Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * @param redisConfigs Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations * * @return builder @@ -993,9 +1102,10 @@ public Builder stateInfos(ClusterStateInfoArgs... stateInfos) { } /** - * @param transitEncryptionMode Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * @param transitEncryptionMode Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * * @return builder * @@ -1006,9 +1116,10 @@ public Builder transitEncryptionMode(@Nullable Output transitEncryptionM } /** - * @param transitEncryptionMode Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * @param transitEncryptionMode Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. * * @return builder * @@ -1040,6 +1151,7 @@ public Builder uid(String uid) { /** * @param zoneDistributionConfig Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. * * @return builder * @@ -1051,6 +1163,7 @@ public Builder zoneDistributionConfig(@Nullable Output> connections; + + /** + * @return Structure is documented below. + * + */ + public Optional>> connections() { + return Optional.ofNullable(this.connections); + } + + private ClusterUserCreatedConnectionsClusterEndpointArgs() {} + + private ClusterUserCreatedConnectionsClusterEndpointArgs(ClusterUserCreatedConnectionsClusterEndpointArgs $) { + this.connections = $.connections; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterUserCreatedConnectionsClusterEndpointArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterUserCreatedConnectionsClusterEndpointArgs $; + + public Builder() { + $ = new ClusterUserCreatedConnectionsClusterEndpointArgs(); + } + + public Builder(ClusterUserCreatedConnectionsClusterEndpointArgs defaults) { + $ = new ClusterUserCreatedConnectionsClusterEndpointArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param connections Structure is documented below. + * + * @return builder + * + */ + public Builder connections(@Nullable Output> connections) { + $.connections = connections; + return this; + } + + /** + * @param connections Structure is documented below. + * + * @return builder + * + */ + public Builder connections(List connections) { + return connections(Output.of(connections)); + } + + /** + * @param connections Structure is documented below. + * + * @return builder + * + */ + public Builder connections(ClusterUserCreatedConnectionsClusterEndpointConnectionArgs... connections) { + return connections(List.of(connections)); + } + + public ClusterUserCreatedConnectionsClusterEndpointArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.java new file mode 100644 index 0000000000..729d937315 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionArgs.java @@ -0,0 +1,91 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.redis.inputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterUserCreatedConnectionsClusterEndpointConnectionArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterUserCreatedConnectionsClusterEndpointConnectionArgs Empty = new ClusterUserCreatedConnectionsClusterEndpointConnectionArgs(); + + /** + * Detailed information of a PSC connection that is created by the customer + * who owns the cluster. + * Structure is documented below. + * + */ + @Import(name="pscConnection") + private @Nullable Output pscConnection; + + /** + * @return Detailed information of a PSC connection that is created by the customer + * who owns the cluster. + * Structure is documented below. + * + */ + public Optional> pscConnection() { + return Optional.ofNullable(this.pscConnection); + } + + private ClusterUserCreatedConnectionsClusterEndpointConnectionArgs() {} + + private ClusterUserCreatedConnectionsClusterEndpointConnectionArgs(ClusterUserCreatedConnectionsClusterEndpointConnectionArgs $) { + this.pscConnection = $.pscConnection; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterUserCreatedConnectionsClusterEndpointConnectionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterUserCreatedConnectionsClusterEndpointConnectionArgs $; + + public Builder() { + $ = new ClusterUserCreatedConnectionsClusterEndpointConnectionArgs(); + } + + public Builder(ClusterUserCreatedConnectionsClusterEndpointConnectionArgs defaults) { + $ = new ClusterUserCreatedConnectionsClusterEndpointConnectionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param pscConnection Detailed information of a PSC connection that is created by the customer + * who owns the cluster. + * Structure is documented below. + * + * @return builder + * + */ + public Builder pscConnection(@Nullable Output pscConnection) { + $.pscConnection = pscConnection; + return this; + } + + /** + * @param pscConnection Detailed information of a PSC connection that is created by the customer + * who owns the cluster. + * Structure is documented below. + * + * @return builder + * + */ + public Builder pscConnection(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs pscConnection) { + return pscConnection(Output.of(pscConnection)); + } + + public ClusterUserCreatedConnectionsClusterEndpointConnectionArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.java new file mode 100644 index 0000000000..34cc2d58be --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs.java @@ -0,0 +1,410 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs Empty = new ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs(); + + /** + * The IP allocated on the consumer network for the PSC forwarding rule. + * + */ + @Import(name="address", required=true) + private Output address; + + /** + * @return The IP allocated on the consumer network for the PSC forwarding rule. + * + */ + public Output address() { + return this.address; + } + + /** + * (Output) + * Output Only. Type of a PSC Connection. + * Possible values: + * CONNECTION_TYPE_DISCOVERY + * CONNECTION_TYPE_PRIMARY + * CONNECTION_TYPE_READER + * + */ + @Import(name="connectionType") + private @Nullable Output connectionType; + + /** + * @return (Output) + * Output Only. Type of a PSC Connection. + * Possible values: + * CONNECTION_TYPE_DISCOVERY + * CONNECTION_TYPE_PRIMARY + * CONNECTION_TYPE_READER + * + */ + public Optional> connectionType() { + return Optional.ofNullable(this.connectionType); + } + + /** + * The URI of the consumer side forwarding rule. + * Format: + * projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + * + */ + @Import(name="forwardingRule", required=true) + private Output forwardingRule; + + /** + * @return The URI of the consumer side forwarding rule. + * Format: + * projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + * + */ + public Output forwardingRule() { + return this.forwardingRule; + } + + /** + * The consumer network where the IP address resides, in the form of + * projects/{project_id}/global/networks/{network_id}. + * + */ + @Import(name="network", required=true) + private Output network; + + /** + * @return The consumer network where the IP address resides, in the form of + * projects/{project_id}/global/networks/{network_id}. + * + */ + public Output network() { + return this.network; + } + + /** + * The consumer project_id where the forwarding rule is created from. + * + */ + @Import(name="projectId") + private @Nullable Output projectId; + + /** + * @return The consumer project_id where the forwarding rule is created from. + * + */ + public Optional> projectId() { + return Optional.ofNullable(this.projectId); + } + + /** + * The PSC connection id of the forwarding rule connected to the + * service attachment. + * + */ + @Import(name="pscConnectionId", required=true) + private Output pscConnectionId; + + /** + * @return The PSC connection id of the forwarding rule connected to the + * service attachment. + * + */ + public Output pscConnectionId() { + return this.pscConnectionId; + } + + /** + * (Output) + * Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + * Possible values: + * ACTIVE + * NOT_FOUND + * + */ + @Import(name="pscConnectionStatus") + private @Nullable Output pscConnectionStatus; + + /** + * @return (Output) + * Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + * Possible values: + * ACTIVE + * NOT_FOUND + * + */ + public Optional> pscConnectionStatus() { + return Optional.ofNullable(this.pscConnectionStatus); + } + + /** + * The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + * + */ + @Import(name="serviceAttachment", required=true) + private Output serviceAttachment; + + /** + * @return The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + * + */ + public Output serviceAttachment() { + return this.serviceAttachment; + } + + private ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs() {} + + private ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs $) { + this.address = $.address; + this.connectionType = $.connectionType; + this.forwardingRule = $.forwardingRule; + this.network = $.network; + this.projectId = $.projectId; + this.pscConnectionId = $.pscConnectionId; + this.pscConnectionStatus = $.pscConnectionStatus; + this.serviceAttachment = $.serviceAttachment; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs $; + + public Builder() { + $ = new ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs(); + } + + public Builder(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs defaults) { + $ = new ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param address The IP allocated on the consumer network for the PSC forwarding rule. + * + * @return builder + * + */ + public Builder address(Output address) { + $.address = address; + return this; + } + + /** + * @param address The IP allocated on the consumer network for the PSC forwarding rule. + * + * @return builder + * + */ + public Builder address(String address) { + return address(Output.of(address)); + } + + /** + * @param connectionType (Output) + * Output Only. Type of a PSC Connection. + * Possible values: + * CONNECTION_TYPE_DISCOVERY + * CONNECTION_TYPE_PRIMARY + * CONNECTION_TYPE_READER + * + * @return builder + * + */ + public Builder connectionType(@Nullable Output connectionType) { + $.connectionType = connectionType; + return this; + } + + /** + * @param connectionType (Output) + * Output Only. Type of a PSC Connection. + * Possible values: + * CONNECTION_TYPE_DISCOVERY + * CONNECTION_TYPE_PRIMARY + * CONNECTION_TYPE_READER + * + * @return builder + * + */ + public Builder connectionType(String connectionType) { + return connectionType(Output.of(connectionType)); + } + + /** + * @param forwardingRule The URI of the consumer side forwarding rule. + * Format: + * projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + * + * @return builder + * + */ + public Builder forwardingRule(Output forwardingRule) { + $.forwardingRule = forwardingRule; + return this; + } + + /** + * @param forwardingRule The URI of the consumer side forwarding rule. + * Format: + * projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + * + * @return builder + * + */ + public Builder forwardingRule(String forwardingRule) { + return forwardingRule(Output.of(forwardingRule)); + } + + /** + * @param network The consumer network where the IP address resides, in the form of + * projects/{project_id}/global/networks/{network_id}. + * + * @return builder + * + */ + public Builder network(Output network) { + $.network = network; + return this; + } + + /** + * @param network The consumer network where the IP address resides, in the form of + * projects/{project_id}/global/networks/{network_id}. + * + * @return builder + * + */ + public Builder network(String network) { + return network(Output.of(network)); + } + + /** + * @param projectId The consumer project_id where the forwarding rule is created from. + * + * @return builder + * + */ + public Builder projectId(@Nullable Output projectId) { + $.projectId = projectId; + return this; + } + + /** + * @param projectId The consumer project_id where the forwarding rule is created from. + * + * @return builder + * + */ + public Builder projectId(String projectId) { + return projectId(Output.of(projectId)); + } + + /** + * @param pscConnectionId The PSC connection id of the forwarding rule connected to the + * service attachment. + * + * @return builder + * + */ + public Builder pscConnectionId(Output pscConnectionId) { + $.pscConnectionId = pscConnectionId; + return this; + } + + /** + * @param pscConnectionId The PSC connection id of the forwarding rule connected to the + * service attachment. + * + * @return builder + * + */ + public Builder pscConnectionId(String pscConnectionId) { + return pscConnectionId(Output.of(pscConnectionId)); + } + + /** + * @param pscConnectionStatus (Output) + * Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + * Possible values: + * ACTIVE + * NOT_FOUND + * + * @return builder + * + */ + public Builder pscConnectionStatus(@Nullable Output pscConnectionStatus) { + $.pscConnectionStatus = pscConnectionStatus; + return this; + } + + /** + * @param pscConnectionStatus (Output) + * Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + * Possible values: + * ACTIVE + * NOT_FOUND + * + * @return builder + * + */ + public Builder pscConnectionStatus(String pscConnectionStatus) { + return pscConnectionStatus(Output.of(pscConnectionStatus)); + } + + /** + * @param serviceAttachment The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + * + * @return builder + * + */ + public Builder serviceAttachment(Output serviceAttachment) { + $.serviceAttachment = serviceAttachment; + return this; + } + + /** + * @param serviceAttachment The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + * + * @return builder + * + */ + public Builder serviceAttachment(String serviceAttachment) { + return serviceAttachment(Output.of(serviceAttachment)); + } + + public ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs build() { + if ($.address == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs", "address"); + } + if ($.forwardingRule == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs", "forwardingRule"); + } + if ($.network == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs", "network"); + } + if ($.pscConnectionId == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs", "pscConnectionId"); + } + if ($.serviceAttachment == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs", "serviceAttachment"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsState.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsState.java new file mode 100644 index 0000000000..2848c27ade --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/inputs/ClusterUserCreatedConnectionsState.java @@ -0,0 +1,223 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.redis.inputs.ClusterUserCreatedConnectionsClusterEndpointArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterUserCreatedConnectionsState extends com.pulumi.resources.ResourceArgs { + + public static final ClusterUserCreatedConnectionsState Empty = new ClusterUserCreatedConnectionsState(); + + /** + * A list of cluster endpoints + * Structure is documented below. + * + */ + @Import(name="clusterEndpoints") + private @Nullable Output> clusterEndpoints; + + /** + * @return A list of cluster endpoints + * Structure is documented below. + * + */ + public Optional>> clusterEndpoints() { + return Optional.ofNullable(this.clusterEndpoints); + } + + /** + * The name of the Redis cluster these endpoints should be added to. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The name of the Redis cluster these endpoints should be added to. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + */ + @Import(name="region") + private @Nullable Output region; + + /** + * @return The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + */ + public Optional> region() { + return Optional.ofNullable(this.region); + } + + private ClusterUserCreatedConnectionsState() {} + + private ClusterUserCreatedConnectionsState(ClusterUserCreatedConnectionsState $) { + this.clusterEndpoints = $.clusterEndpoints; + this.name = $.name; + this.project = $.project; + this.region = $.region; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterUserCreatedConnectionsState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterUserCreatedConnectionsState $; + + public Builder() { + $ = new ClusterUserCreatedConnectionsState(); + } + + public Builder(ClusterUserCreatedConnectionsState defaults) { + $ = new ClusterUserCreatedConnectionsState(Objects.requireNonNull(defaults)); + } + + /** + * @param clusterEndpoints A list of cluster endpoints + * Structure is documented below. + * + * @return builder + * + */ + public Builder clusterEndpoints(@Nullable Output> clusterEndpoints) { + $.clusterEndpoints = clusterEndpoints; + return this; + } + + /** + * @param clusterEndpoints A list of cluster endpoints + * Structure is documented below. + * + * @return builder + * + */ + public Builder clusterEndpoints(List clusterEndpoints) { + return clusterEndpoints(Output.of(clusterEndpoints)); + } + + /** + * @param clusterEndpoints A list of cluster endpoints + * Structure is documented below. + * + * @return builder + * + */ + public Builder clusterEndpoints(ClusterUserCreatedConnectionsClusterEndpointArgs... clusterEndpoints) { + return clusterEndpoints(List.of(clusterEndpoints)); + } + + /** + * @param name The name of the Redis cluster these endpoints should be added to. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The name of the Redis cluster these endpoints should be added to. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param region The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + * @return builder + * + */ + public Builder region(@Nullable Output region) { + $.region = region; + return this; + } + + /** + * @param region The name of the region of the Redis cluster these endpoints should be added to. + * + * *** + * + * @return builder + * + */ + public Builder region(String region) { + return region(Output.of(region)); + } + + public ClusterUserCreatedConnectionsState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterPscConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterPscConfig.java index 9aa00d118c..2e185be7d6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterPscConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterPscConfig.java @@ -15,8 +15,6 @@ public final class ClusterPscConfig { * the discovery endpoint will be reserved, in the form of * projects/{network_project_id_or_number}/global/networks/{network_id}. * - * *** - * */ private String network; @@ -26,8 +24,6 @@ private ClusterPscConfig() {} * the discovery endpoint will be reserved, in the form of * projects/{network_project_id_or_number}/global/networks/{network_id}. * - * *** - * */ public String network() { return this.network; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterPscServiceAttachment.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterPscServiceAttachment.java new file mode 100644 index 0000000000..d5300de314 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterPscServiceAttachment.java @@ -0,0 +1,82 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterPscServiceAttachment { + /** + * @return (Output) + * Type of a PSC connection targeting this service attachment. + * + */ + private @Nullable String connectionType; + /** + * @return (Output) + * Service attachment URI which your self-created PscConnection should use as + * + */ + private @Nullable String serviceAttachment; + + private ClusterPscServiceAttachment() {} + /** + * @return (Output) + * Type of a PSC connection targeting this service attachment. + * + */ + public Optional connectionType() { + return Optional.ofNullable(this.connectionType); + } + /** + * @return (Output) + * Service attachment URI which your self-created PscConnection should use as + * + */ + public Optional serviceAttachment() { + return Optional.ofNullable(this.serviceAttachment); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterPscServiceAttachment defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String connectionType; + private @Nullable String serviceAttachment; + public Builder() {} + public Builder(ClusterPscServiceAttachment defaults) { + Objects.requireNonNull(defaults); + this.connectionType = defaults.connectionType; + this.serviceAttachment = defaults.serviceAttachment; + } + + @CustomType.Setter + public Builder connectionType(@Nullable String connectionType) { + + this.connectionType = connectionType; + return this; + } + @CustomType.Setter + public Builder serviceAttachment(@Nullable String serviceAttachment) { + + this.serviceAttachment = serviceAttachment; + return this; + } + public ClusterPscServiceAttachment build() { + final var _resultValue = new ClusterPscServiceAttachment(); + _resultValue.connectionType = connectionType; + _resultValue.serviceAttachment = serviceAttachment; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpoint.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpoint.java new file mode 100644 index 0000000000..687d4da8c8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpoint.java @@ -0,0 +1,60 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.redis.outputs.ClusterUserCreatedConnectionsClusterEndpointConnection; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterUserCreatedConnectionsClusterEndpoint { + /** + * @return Structure is documented below. + * + */ + private @Nullable List connections; + + private ClusterUserCreatedConnectionsClusterEndpoint() {} + /** + * @return Structure is documented below. + * + */ + public List connections() { + return this.connections == null ? List.of() : this.connections; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterUserCreatedConnectionsClusterEndpoint defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List connections; + public Builder() {} + public Builder(ClusterUserCreatedConnectionsClusterEndpoint defaults) { + Objects.requireNonNull(defaults); + this.connections = defaults.connections; + } + + @CustomType.Setter + public Builder connections(@Nullable List connections) { + + this.connections = connections; + return this; + } + public Builder connections(ClusterUserCreatedConnectionsClusterEndpointConnection... connections) { + return connections(List.of(connections)); + } + public ClusterUserCreatedConnectionsClusterEndpoint build() { + final var _resultValue = new ClusterUserCreatedConnectionsClusterEndpoint(); + _resultValue.connections = connections; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpointConnection.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpointConnection.java new file mode 100644 index 0000000000..79a7b1c265 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpointConnection.java @@ -0,0 +1,61 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.redis.outputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterUserCreatedConnectionsClusterEndpointConnection { + /** + * @return Detailed information of a PSC connection that is created by the customer + * who owns the cluster. + * Structure is documented below. + * + */ + private @Nullable ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection pscConnection; + + private ClusterUserCreatedConnectionsClusterEndpointConnection() {} + /** + * @return Detailed information of a PSC connection that is created by the customer + * who owns the cluster. + * Structure is documented below. + * + */ + public Optional pscConnection() { + return Optional.ofNullable(this.pscConnection); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterUserCreatedConnectionsClusterEndpointConnection defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection pscConnection; + public Builder() {} + public Builder(ClusterUserCreatedConnectionsClusterEndpointConnection defaults) { + Objects.requireNonNull(defaults); + this.pscConnection = defaults.pscConnection; + } + + @CustomType.Setter + public Builder pscConnection(@Nullable ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection pscConnection) { + + this.pscConnection = pscConnection; + return this; + } + public ClusterUserCreatedConnectionsClusterEndpointConnection build() { + final var _resultValue = new ClusterUserCreatedConnectionsClusterEndpointConnection(); + _resultValue.pscConnection = pscConnection; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.java b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.java new file mode 100644 index 0000000000..dbd136ff3a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/redis/outputs/ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.java @@ -0,0 +1,241 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.redis.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection { + /** + * @return The IP allocated on the consumer network for the PSC forwarding rule. + * + */ + private String address; + /** + * @return (Output) + * Output Only. Type of a PSC Connection. + * Possible values: + * CONNECTION_TYPE_DISCOVERY + * CONNECTION_TYPE_PRIMARY + * CONNECTION_TYPE_READER + * + */ + private @Nullable String connectionType; + /** + * @return The URI of the consumer side forwarding rule. + * Format: + * projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + * + */ + private String forwardingRule; + /** + * @return The consumer network where the IP address resides, in the form of + * projects/{project_id}/global/networks/{network_id}. + * + */ + private String network; + /** + * @return The consumer project_id where the forwarding rule is created from. + * + */ + private @Nullable String projectId; + /** + * @return The PSC connection id of the forwarding rule connected to the + * service attachment. + * + */ + private String pscConnectionId; + /** + * @return (Output) + * Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + * Possible values: + * ACTIVE + * NOT_FOUND + * + */ + private @Nullable String pscConnectionStatus; + /** + * @return The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + * + */ + private String serviceAttachment; + + private ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection() {} + /** + * @return The IP allocated on the consumer network for the PSC forwarding rule. + * + */ + public String address() { + return this.address; + } + /** + * @return (Output) + * Output Only. Type of a PSC Connection. + * Possible values: + * CONNECTION_TYPE_DISCOVERY + * CONNECTION_TYPE_PRIMARY + * CONNECTION_TYPE_READER + * + */ + public Optional connectionType() { + return Optional.ofNullable(this.connectionType); + } + /** + * @return The URI of the consumer side forwarding rule. + * Format: + * projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + * + */ + public String forwardingRule() { + return this.forwardingRule; + } + /** + * @return The consumer network where the IP address resides, in the form of + * projects/{project_id}/global/networks/{network_id}. + * + */ + public String network() { + return this.network; + } + /** + * @return The consumer project_id where the forwarding rule is created from. + * + */ + public Optional projectId() { + return Optional.ofNullable(this.projectId); + } + /** + * @return The PSC connection id of the forwarding rule connected to the + * service attachment. + * + */ + public String pscConnectionId() { + return this.pscConnectionId; + } + /** + * @return (Output) + * Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + * Possible values: + * ACTIVE + * NOT_FOUND + * + */ + public Optional pscConnectionStatus() { + return Optional.ofNullable(this.pscConnectionStatus); + } + /** + * @return The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + * + */ + public String serviceAttachment() { + return this.serviceAttachment; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String address; + private @Nullable String connectionType; + private String forwardingRule; + private String network; + private @Nullable String projectId; + private String pscConnectionId; + private @Nullable String pscConnectionStatus; + private String serviceAttachment; + public Builder() {} + public Builder(ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection defaults) { + Objects.requireNonNull(defaults); + this.address = defaults.address; + this.connectionType = defaults.connectionType; + this.forwardingRule = defaults.forwardingRule; + this.network = defaults.network; + this.projectId = defaults.projectId; + this.pscConnectionId = defaults.pscConnectionId; + this.pscConnectionStatus = defaults.pscConnectionStatus; + this.serviceAttachment = defaults.serviceAttachment; + } + + @CustomType.Setter + public Builder address(String address) { + if (address == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection", "address"); + } + this.address = address; + return this; + } + @CustomType.Setter + public Builder connectionType(@Nullable String connectionType) { + + this.connectionType = connectionType; + return this; + } + @CustomType.Setter + public Builder forwardingRule(String forwardingRule) { + if (forwardingRule == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection", "forwardingRule"); + } + this.forwardingRule = forwardingRule; + return this; + } + @CustomType.Setter + public Builder network(String network) { + if (network == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection", "network"); + } + this.network = network; + return this; + } + @CustomType.Setter + public Builder projectId(@Nullable String projectId) { + + this.projectId = projectId; + return this; + } + @CustomType.Setter + public Builder pscConnectionId(String pscConnectionId) { + if (pscConnectionId == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection", "pscConnectionId"); + } + this.pscConnectionId = pscConnectionId; + return this; + } + @CustomType.Setter + public Builder pscConnectionStatus(@Nullable String pscConnectionStatus) { + + this.pscConnectionStatus = pscConnectionStatus; + return this; + } + @CustomType.Setter + public Builder serviceAttachment(String serviceAttachment) { + if (serviceAttachment == null) { + throw new MissingRequiredPropertyException("ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection", "serviceAttachment"); + } + this.serviceAttachment = serviceAttachment; + return this; + } + public ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection build() { + final var _resultValue = new ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection(); + _resultValue.address = address; + _resultValue.connectionType = connectionType; + _resultValue.forwardingRule = forwardingRule; + _resultValue.network = network; + _resultValue.projectId = projectId; + _resultValue.pscConnectionId = pscConnectionId; + _resultValue.pscConnectionStatus = pscConnectionStatus; + _resultValue.serviceAttachment = serviceAttachment; + return _resultValue; + } + } +} diff --git a/sdk/nodejs/alloydb/cluster.ts b/sdk/nodejs/alloydb/cluster.ts index 91f6b2474e..8b735a1e9f 100644 --- a/sdk/nodejs/alloydb/cluster.ts +++ b/sdk/nodejs/alloydb/cluster.ts @@ -226,7 +226,8 @@ export class Cluster extends pulumi.CustomResource { */ public /*out*/ readonly continuousBackupInfos!: pulumi.Output; /** - * The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. */ public readonly databaseVersion!: pulumi.Output; /** @@ -333,6 +334,12 @@ export class Cluster extends pulumi.CustomResource { * Structure is documented below. */ public readonly secondaryConfig!: pulumi.Output; + /** + * Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + */ + public readonly skipAwaitMajorVersionUpgrade!: pulumi.Output; /** * Output only. The current serving state of the cluster. */ @@ -394,6 +401,7 @@ export class Cluster extends pulumi.CustomResource { resourceInputs["restoreBackupSource"] = state ? state.restoreBackupSource : undefined; resourceInputs["restoreContinuousBackupSource"] = state ? state.restoreContinuousBackupSource : undefined; resourceInputs["secondaryConfig"] = state ? state.secondaryConfig : undefined; + resourceInputs["skipAwaitMajorVersionUpgrade"] = state ? state.skipAwaitMajorVersionUpgrade : undefined; resourceInputs["state"] = state ? state.state : undefined; resourceInputs["subscriptionType"] = state ? state.subscriptionType : undefined; resourceInputs["trialMetadatas"] = state ? state.trialMetadatas : undefined; @@ -426,6 +434,7 @@ export class Cluster extends pulumi.CustomResource { resourceInputs["restoreBackupSource"] = args ? args.restoreBackupSource : undefined; resourceInputs["restoreContinuousBackupSource"] = args ? args.restoreContinuousBackupSource : undefined; resourceInputs["secondaryConfig"] = args ? args.secondaryConfig : undefined; + resourceInputs["skipAwaitMajorVersionUpgrade"] = args ? args.skipAwaitMajorVersionUpgrade : undefined; resourceInputs["subscriptionType"] = args ? args.subscriptionType : undefined; resourceInputs["backupSources"] = undefined /*out*/; resourceInputs["continuousBackupInfos"] = undefined /*out*/; @@ -491,7 +500,8 @@ export interface ClusterState { */ continuousBackupInfos?: pulumi.Input[]>; /** - * The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. */ databaseVersion?: pulumi.Input; /** @@ -598,6 +608,12 @@ export interface ClusterState { * Structure is documented below. */ secondaryConfig?: pulumi.Input; + /** + * Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + */ + skipAwaitMajorVersionUpgrade?: pulumi.Input; /** * Output only. The current serving state of the cluster. */ @@ -652,7 +668,8 @@ export interface ClusterArgs { */ continuousBackupConfig?: pulumi.Input; /** - * The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + * The database engine major version. This is an optional field and it's populated at the Cluster creation time. + * Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. */ databaseVersion?: pulumi.Input; /** @@ -728,6 +745,12 @@ export interface ClusterArgs { * Structure is documented below. */ secondaryConfig?: pulumi.Input; + /** + * Set to true to skip awaiting on the major version upgrade of the cluster. + * Possible values: true, false + * Default value: "true" + */ + skipAwaitMajorVersionUpgrade?: pulumi.Input; /** * The subscrition type of cluster. * Possible values are: `TRIAL`, `STANDARD`. diff --git a/sdk/nodejs/apigee/endpointAttachment.ts b/sdk/nodejs/apigee/endpointAttachment.ts index a1efaecbc2..a1f9684710 100644 --- a/sdk/nodejs/apigee/endpointAttachment.ts +++ b/sdk/nodejs/apigee/endpointAttachment.ts @@ -13,43 +13,6 @@ import * as utilities from "../utilities"; * * How-to Guides * * [Creating an environment](https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment) * - * ## Example Usage - * - * ### Apigee Endpoint Attachment Basic - * - * ```typescript - * import * as pulumi from "@pulumi/pulumi"; - * import * as gcp from "@pulumi/gcp"; - * - * const current = gcp.organizations.getClientConfig({}); - * const apigeeNetwork = new gcp.compute.Network("apigee_network", {name: "apigee-network"}); - * const apigeeRange = new gcp.compute.GlobalAddress("apigee_range", { - * name: "apigee-range", - * purpose: "VPC_PEERING", - * addressType: "INTERNAL", - * prefixLength: 16, - * network: apigeeNetwork.id, - * }); - * const apigeeVpcConnection = new gcp.servicenetworking.Connection("apigee_vpc_connection", { - * network: apigeeNetwork.id, - * service: "servicenetworking.googleapis.com", - * reservedPeeringRanges: [apigeeRange.name], - * }); - * const apigeeOrg = new gcp.apigee.Organization("apigee_org", { - * analyticsRegion: "us-central1", - * projectId: current.then(current => current.project), - * authorizedNetwork: apigeeNetwork.id, - * }, { - * dependsOn: [apigeeVpcConnection], - * }); - * const apigeeEndpointAttachment = new gcp.apigee.EndpointAttachment("apigee_endpoint_attachment", { - * orgId: apigeeOrg.id, - * endpointAttachmentId: "test1", - * location: "{google_compute_service_attachment location}", - * serviceAttachment: "{google_compute_service_attachment id}", - * }); - * ``` - * * ## Import * * EndpointAttachment can be imported using any of these accepted formats: diff --git a/sdk/nodejs/apigee/environment.ts b/sdk/nodejs/apigee/environment.ts index 1a9e769b54..2420121fc4 100644 --- a/sdk/nodejs/apigee/environment.ts +++ b/sdk/nodejs/apigee/environment.ts @@ -144,6 +144,11 @@ export class Environment extends pulumi.CustomResource { * - - - */ public readonly orgId!: pulumi.Output; + /** + * Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + */ + public readonly properties!: pulumi.Output; /** * Types that can be selected for an Environment. Each of the types are * limited by capability and capacity. Refer to Apigee's public documentation @@ -174,6 +179,7 @@ export class Environment extends pulumi.CustomResource { resourceInputs["name"] = state ? state.name : undefined; resourceInputs["nodeConfig"] = state ? state.nodeConfig : undefined; resourceInputs["orgId"] = state ? state.orgId : undefined; + resourceInputs["properties"] = state ? state.properties : undefined; resourceInputs["type"] = state ? state.type : undefined; } else { const args = argsOrState as EnvironmentArgs | undefined; @@ -188,6 +194,7 @@ export class Environment extends pulumi.CustomResource { resourceInputs["name"] = args ? args.name : undefined; resourceInputs["nodeConfig"] = args ? args.nodeConfig : undefined; resourceInputs["orgId"] = args ? args.orgId : undefined; + resourceInputs["properties"] = args ? args.properties : undefined; resourceInputs["type"] = args ? args.type : undefined; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); @@ -245,6 +252,11 @@ export interface EnvironmentState { * - - - */ orgId?: pulumi.Input; + /** + * Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + */ + properties?: pulumi.Input; /** * Types that can be selected for an Environment. Each of the types are * limited by capability and capacity. Refer to Apigee's public documentation @@ -305,6 +317,11 @@ export interface EnvironmentArgs { * - - - */ orgId: pulumi.Input; + /** + * Key-value pairs that may be used for customizing the environment. + * Structure is documented below. + */ + properties?: pulumi.Input; /** * Types that can be selected for an Environment. Each of the types are * limited by capability and capacity. Refer to Apigee's public documentation diff --git a/sdk/nodejs/apihub/apiHubInstance.ts b/sdk/nodejs/apihub/apiHubInstance.ts new file mode 100644 index 0000000000..55156d92e4 --- /dev/null +++ b/sdk/nodejs/apihub/apiHubInstance.ts @@ -0,0 +1,329 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * An ApiHubInstance represents the instance resources of the API Hub. + * Currently, only one ApiHub instance is allowed for each project. + * Currently, updation/deletion of ApiHub instance is not allowed. + * + * ## Example Usage + * + * ### Apihub Api Hub Instance Basic + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const apihub_instance_without_search = new gcp.apihub.ApiHubInstance("apihub-instance-without-search", { + * location: "us-central1", + * config: { + * disableSearch: true, + * }, + * }); + * ``` + * ### Apihub Api Hub Instance Full + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const apihub_instance_search = new gcp.apihub.ApiHubInstance("apihub-instance-search", { + * project: "my-project", + * apiHubInstanceId: "test-instance-full", + * description: "Test API hub instance", + * location: "us-central1", + * config: { + * encryptionType: "CMEK", + * cmekKeyName: "projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key", + * disableSearch: false, + * vertexLocation: "us", + * }, + * labels: { + * environment: "dev", + * }, + * }); + * ``` + * + * ## Import + * + * ApiHubInstance can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}}` + * + * * `{{project}}/{{location}}/{{api_hub_instance_id}}` + * + * * `{{location}}/{{api_hub_instance_id}}` + * + * When using the `pulumi import` command, ApiHubInstance can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{project}}/{{location}}/{{api_hub_instance_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{location}}/{{api_hub_instance_id}} + * ``` + */ +export class ApiHubInstance extends pulumi.CustomResource { + /** + * Get an existing ApiHubInstance resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: ApiHubInstanceState, opts?: pulumi.CustomResourceOptions): ApiHubInstance { + return new ApiHubInstance(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:apihub/apiHubInstance:ApiHubInstance'; + + /** + * Returns true if the given object is an instance of ApiHubInstance. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is ApiHubInstance { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === ApiHubInstance.__pulumiType; + } + + /** + * Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + */ + public readonly apiHubInstanceId!: pulumi.Output; + /** + * Available configurations to provision an ApiHub Instance. + * Structure is documented below. + */ + public readonly config!: pulumi.Output; + /** + * Output only. Creation timestamp. + */ + public /*out*/ readonly createTime!: pulumi.Output; + /** + * Optional. Description of the ApiHub instance. + */ + public readonly description!: pulumi.Output; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + public /*out*/ readonly effectiveLabels!: pulumi.Output<{[key: string]: string}>; + /** + * Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + */ + public readonly labels!: pulumi.Output<{[key: string]: string} | undefined>; + /** + * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + */ + public readonly location!: pulumi.Output; + /** + * Identifier. Format: + * `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + */ + public /*out*/ readonly name!: pulumi.Output; + public readonly project!: pulumi.Output; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + public /*out*/ readonly pulumiLabels!: pulumi.Output<{[key: string]: string}>; + /** + * Output only. The current state of the ApiHub instance. + * Possible values: + * STATE_UNSPECIFIED + * INACTIVE + * CREATING + * ACTIVE + * UPDATING + * DELETING + * FAILED + */ + public /*out*/ readonly state!: pulumi.Output; + /** + * Output only. Extra information about ApiHub instance state. Currently the message + * would be populated when state is `FAILED`. + */ + public /*out*/ readonly stateMessage!: pulumi.Output; + /** + * Output only. Last update timestamp. + */ + public /*out*/ readonly updateTime!: pulumi.Output; + + /** + * Create a ApiHubInstance resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: ApiHubInstanceArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: ApiHubInstanceArgs | ApiHubInstanceState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as ApiHubInstanceState | undefined; + resourceInputs["apiHubInstanceId"] = state ? state.apiHubInstanceId : undefined; + resourceInputs["config"] = state ? state.config : undefined; + resourceInputs["createTime"] = state ? state.createTime : undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; + resourceInputs["labels"] = state ? state.labels : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["pulumiLabels"] = state ? state.pulumiLabels : undefined; + resourceInputs["state"] = state ? state.state : undefined; + resourceInputs["stateMessage"] = state ? state.stateMessage : undefined; + resourceInputs["updateTime"] = state ? state.updateTime : undefined; + } else { + const args = argsOrState as ApiHubInstanceArgs | undefined; + if ((!args || args.config === undefined) && !opts.urn) { + throw new Error("Missing required property 'config'"); + } + if ((!args || args.location === undefined) && !opts.urn) { + throw new Error("Missing required property 'location'"); + } + resourceInputs["apiHubInstanceId"] = args ? args.apiHubInstanceId : undefined; + resourceInputs["config"] = args ? args.config : undefined; + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["labels"] = args ? args.labels : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["createTime"] = undefined /*out*/; + resourceInputs["effectiveLabels"] = undefined /*out*/; + resourceInputs["name"] = undefined /*out*/; + resourceInputs["pulumiLabels"] = undefined /*out*/; + resourceInputs["state"] = undefined /*out*/; + resourceInputs["stateMessage"] = undefined /*out*/; + resourceInputs["updateTime"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const secretOpts = { additionalSecretOutputs: ["effectiveLabels", "pulumiLabels"] }; + opts = pulumi.mergeOptions(opts, secretOpts); + super(ApiHubInstance.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering ApiHubInstance resources. + */ +export interface ApiHubInstanceState { + /** + * Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + */ + apiHubInstanceId?: pulumi.Input; + /** + * Available configurations to provision an ApiHub Instance. + * Structure is documented below. + */ + config?: pulumi.Input; + /** + * Output only. Creation timestamp. + */ + createTime?: pulumi.Input; + /** + * Optional. Description of the ApiHub instance. + */ + description?: pulumi.Input; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + effectiveLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + */ + location?: pulumi.Input; + /** + * Identifier. Format: + * `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + */ + name?: pulumi.Input; + project?: pulumi.Input; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + pulumiLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * Output only. The current state of the ApiHub instance. + * Possible values: + * STATE_UNSPECIFIED + * INACTIVE + * CREATING + * ACTIVE + * UPDATING + * DELETING + * FAILED + */ + state?: pulumi.Input; + /** + * Output only. Extra information about ApiHub instance state. Currently the message + * would be populated when state is `FAILED`. + */ + stateMessage?: pulumi.Input; + /** + * Output only. Last update timestamp. + */ + updateTime?: pulumi.Input; +} + +/** + * The set of arguments for constructing a ApiHubInstance resource. + */ +export interface ApiHubInstanceArgs { + /** + * Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + * is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + * '/a-z[0-9]-_/'. + */ + apiHubInstanceId?: pulumi.Input; + /** + * Available configurations to provision an ApiHub Instance. + * Structure is documented below. + */ + config: pulumi.Input; + /** + * Optional. Description of the ApiHub instance. + */ + description?: pulumi.Input; + /** + * Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + * https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + * the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + * the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + */ + location: pulumi.Input; + project?: pulumi.Input; +} diff --git a/sdk/nodejs/apihub/index.ts b/sdk/nodejs/apihub/index.ts new file mode 100644 index 0000000000..c1c4b7a009 --- /dev/null +++ b/sdk/nodejs/apihub/index.ts @@ -0,0 +1,25 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +// Export members: +export { ApiHubInstanceArgs, ApiHubInstanceState } from "./apiHubInstance"; +export type ApiHubInstance = import("./apiHubInstance").ApiHubInstance; +export const ApiHubInstance: typeof import("./apiHubInstance").ApiHubInstance = null as any; +utilities.lazyLoad(exports, ["ApiHubInstance"], () => require("./apiHubInstance")); + + +const _module = { + version: utilities.getVersion(), + construct: (name: string, type: string, urn: string): pulumi.Resource => { + switch (type) { + case "gcp:apihub/apiHubInstance:ApiHubInstance": + return new ApiHubInstance(name, undefined, { urn }) + default: + throw new Error(`unknown resource type ${type}`); + } + }, +}; +pulumi.runtime.registerResourceModule("gcp", "apihub/apiHubInstance", _module) diff --git a/sdk/nodejs/chronicle/index.ts b/sdk/nodejs/chronicle/index.ts index c3af1e35e7..c59f72c996 100644 --- a/sdk/nodejs/chronicle/index.ts +++ b/sdk/nodejs/chronicle/index.ts @@ -20,6 +20,11 @@ export type ReferenceList = import("./referenceList").ReferenceList; export const ReferenceList: typeof import("./referenceList").ReferenceList = null as any; utilities.lazyLoad(exports, ["ReferenceList"], () => require("./referenceList")); +export { RetrohuntArgs, RetrohuntState } from "./retrohunt"; +export type Retrohunt = import("./retrohunt").Retrohunt; +export const Retrohunt: typeof import("./retrohunt").Retrohunt = null as any; +utilities.lazyLoad(exports, ["Retrohunt"], () => require("./retrohunt")); + export { RuleArgs, RuleState } from "./rule"; export type Rule = import("./rule").Rule; export const Rule: typeof import("./rule").Rule = null as any; @@ -46,6 +51,8 @@ const _module = { return new DataAccessScope(name, undefined, { urn }) case "gcp:chronicle/referenceList:ReferenceList": return new ReferenceList(name, undefined, { urn }) + case "gcp:chronicle/retrohunt:Retrohunt": + return new Retrohunt(name, undefined, { urn }) case "gcp:chronicle/rule:Rule": return new Rule(name, undefined, { urn }) case "gcp:chronicle/ruleDeployment:RuleDeployment": @@ -60,6 +67,7 @@ const _module = { pulumi.runtime.registerResourceModule("gcp", "chronicle/dataAccessLabel", _module) pulumi.runtime.registerResourceModule("gcp", "chronicle/dataAccessScope", _module) pulumi.runtime.registerResourceModule("gcp", "chronicle/referenceList", _module) +pulumi.runtime.registerResourceModule("gcp", "chronicle/retrohunt", _module) pulumi.runtime.registerResourceModule("gcp", "chronicle/rule", _module) pulumi.runtime.registerResourceModule("gcp", "chronicle/ruleDeployment", _module) pulumi.runtime.registerResourceModule("gcp", "chronicle/watchlist", _module) diff --git a/sdk/nodejs/chronicle/retrohunt.ts b/sdk/nodejs/chronicle/retrohunt.ts new file mode 100644 index 0000000000..2914246d99 --- /dev/null +++ b/sdk/nodejs/chronicle/retrohunt.ts @@ -0,0 +1,274 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Retrohunt is an execution of a Rule over a time range in the past. + * + * To get more information about Retrohunt, see: + * + * * [API documentation](https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.rules.retrohunts) + * * How-to Guides + * * [Google SecOps Guides](https://cloud.google.com/chronicle/docs/secops/secops-overview) + * + * ## Example Usage + * + * ## Import + * + * Retrohunt can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}` + * + * * `{{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + * + * * `{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + * + * When using the `pulumi import` command, Retrohunt can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:chronicle/retrohunt:Retrohunt default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}} + * ``` + * + * ```sh + * $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}} + * ``` + * + * ```sh + * $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{location}}/{{instance}}/{{rule}}/{{retrohunt}} + * ``` + */ +export class Retrohunt extends pulumi.CustomResource { + /** + * Get an existing Retrohunt resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: RetrohuntState, opts?: pulumi.CustomResourceOptions): Retrohunt { + return new Retrohunt(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:chronicle/retrohunt:Retrohunt'; + + /** + * Returns true if the given object is an instance of Retrohunt. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is Retrohunt { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === Retrohunt.__pulumiType; + } + + /** + * The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + */ + public readonly RetrohuntId!: pulumi.Output; + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + */ + public /*out*/ readonly executionIntervals!: pulumi.Output; + /** + * The unique identifier for the Chronicle instance, which is the same as the customer ID. + */ + public readonly instance!: pulumi.Output; + /** + * The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + */ + public readonly location!: pulumi.Output; + /** + * The resource name of the retrohunt. + * Retrohunt is the child of a rule revision. {rule} in the format below is + * structured as {rule_id@revision_id}. + * Format: + * projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + */ + public /*out*/ readonly name!: pulumi.Output; + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + */ + public readonly processInterval!: pulumi.Output; + /** + * Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + */ + public /*out*/ readonly progressPercentage!: pulumi.Output; + public readonly project!: pulumi.Output; + /** + * The Rule ID of the rule. + */ + public readonly rule!: pulumi.Output; + /** + * Output only. The state of the retrohunt. + * Possible values: + * RUNNING + * DONE + * CANCELLED + * FAILED + */ + public /*out*/ readonly state!: pulumi.Output; + + /** + * Create a Retrohunt resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: RetrohuntArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: RetrohuntArgs | RetrohuntState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as RetrohuntState | undefined; + resourceInputs["RetrohuntId"] = state ? state.RetrohuntId : undefined; + resourceInputs["executionIntervals"] = state ? state.executionIntervals : undefined; + resourceInputs["instance"] = state ? state.instance : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["processInterval"] = state ? state.processInterval : undefined; + resourceInputs["progressPercentage"] = state ? state.progressPercentage : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["rule"] = state ? state.rule : undefined; + resourceInputs["state"] = state ? state.state : undefined; + } else { + const args = argsOrState as RetrohuntArgs | undefined; + if ((!args || args.instance === undefined) && !opts.urn) { + throw new Error("Missing required property 'instance'"); + } + if ((!args || args.location === undefined) && !opts.urn) { + throw new Error("Missing required property 'location'"); + } + if ((!args || args.processInterval === undefined) && !opts.urn) { + throw new Error("Missing required property 'processInterval'"); + } + if ((!args || args.rule === undefined) && !opts.urn) { + throw new Error("Missing required property 'rule'"); + } + resourceInputs["RetrohuntId"] = args ? args.RetrohuntId : undefined; + resourceInputs["instance"] = args ? args.instance : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["processInterval"] = args ? args.processInterval : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["rule"] = args ? args.rule : undefined; + resourceInputs["executionIntervals"] = undefined /*out*/; + resourceInputs["name"] = undefined /*out*/; + resourceInputs["progressPercentage"] = undefined /*out*/; + resourceInputs["state"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(Retrohunt.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering Retrohunt resources. + */ +export interface RetrohuntState { + /** + * The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + */ + RetrohuntId?: pulumi.Input; + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + */ + executionIntervals?: pulumi.Input[]>; + /** + * The unique identifier for the Chronicle instance, which is the same as the customer ID. + */ + instance?: pulumi.Input; + /** + * The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + */ + location?: pulumi.Input; + /** + * The resource name of the retrohunt. + * Retrohunt is the child of a rule revision. {rule} in the format below is + * structured as {rule_id@revision_id}. + * Format: + * projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + */ + name?: pulumi.Input; + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + */ + processInterval?: pulumi.Input; + /** + * Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + */ + progressPercentage?: pulumi.Input; + project?: pulumi.Input; + /** + * The Rule ID of the rule. + */ + rule?: pulumi.Input; + /** + * Output only. The state of the retrohunt. + * Possible values: + * RUNNING + * DONE + * CANCELLED + * FAILED + */ + state?: pulumi.Input; +} + +/** + * The set of arguments for constructing a Retrohunt resource. + */ +export interface RetrohuntArgs { + /** + * The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + */ + RetrohuntId?: pulumi.Input; + /** + * The unique identifier for the Chronicle instance, which is the same as the customer ID. + */ + instance: pulumi.Input; + /** + * The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + */ + location: pulumi.Input; + /** + * Represents a time interval, encoded as a Timestamp start (inclusive) and a + * Timestamp end (exclusive). + * The start must be less than or equal to the end. + * When the start equals the end, the interval is empty (matches no time). + * When both start and end are unspecified, the interval matches any time. + * Structure is documented below. + */ + processInterval: pulumi.Input; + project?: pulumi.Input; + /** + * The Rule ID of the rule. + */ + rule: pulumi.Input; +} diff --git a/sdk/nodejs/cloudrunv2/getService.ts b/sdk/nodejs/cloudrunv2/getService.ts index 9831557450..2f07caee60 100644 --- a/sdk/nodejs/cloudrunv2/getService.ts +++ b/sdk/nodejs/cloudrunv2/getService.ts @@ -59,6 +59,7 @@ export interface GetServiceArgs { export interface GetServiceResult { readonly annotations: {[key: string]: string}; readonly binaryAuthorizations: outputs.cloudrunv2.GetServiceBinaryAuthorization[]; + readonly buildConfigs: outputs.cloudrunv2.GetServiceBuildConfig[]; readonly client: string; readonly clientVersion: string; readonly conditions: outputs.cloudrunv2.GetServiceCondition[]; diff --git a/sdk/nodejs/cloudrunv2/service.ts b/sdk/nodejs/cloudrunv2/service.ts index c1aa788579..1ea4350bda 100644 --- a/sdk/nodejs/cloudrunv2/service.ts +++ b/sdk/nodejs/cloudrunv2/service.ts @@ -505,6 +505,64 @@ import * as utilities from "../utilities"; * }, * }); * ``` + * ### Cloudrunv2 Service Function + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const project = gcp.organizations.getProject({}); + * const bucket = new gcp.storage.Bucket("bucket", { + * name: project.then(project => `${project.projectId}-gcf-source`), + * location: "US", + * uniformBucketLevelAccess: true, + * }); + * const object = new gcp.storage.BucketObject("object", { + * name: "function-source.zip", + * bucket: bucket.name, + * source: new pulumi.asset.FileAsset("function_source.zip"), + * }); + * const cloudbuildServiceAccount = new gcp.serviceaccount.Account("cloudbuild_service_account", {accountId: "build-sa"}); + * const actAs = new gcp.projects.IAMMember("act_as", { + * project: project.then(project => project.projectId), + * role: "roles/iam.serviceAccountUser", + * member: pulumi.interpolate`serviceAccount:${cloudbuildServiceAccount.email}`, + * }); + * const logsWriter = new gcp.projects.IAMMember("logs_writer", { + * project: project.then(project => project.projectId), + * role: "roles/logging.logWriter", + * member: pulumi.interpolate`serviceAccount:${cloudbuildServiceAccount.email}`, + * }); + * const _default = new gcp.cloudrunv2.Service("default", { + * name: "cloudrun-service", + * location: "us-central1", + * deletionProtection: false, + * ingress: "INGRESS_TRAFFIC_ALL", + * template: { + * containers: [{ + * image: "us-docker.pkg.dev/cloudrun/container/hello", + * }], + * }, + * buildConfig: { + * sourceLocation: pulumi.interpolate`gs://${bucket.name}/${object.name}`, + * functionTarget: "helloHttp", + * imageUri: "us-docker.pkg.dev/cloudrun/container/hello", + * baseImage: "us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22", + * enableAutomaticUpdates: true, + * workerPool: "worker-pool", + * environmentVariables: { + * FOO_KEY: "FOO_VALUE", + * BAR_KEY: "BAR_VALUE", + * }, + * serviceAccount: cloudbuildServiceAccount.id, + * }, + * }, { + * dependsOn: [ + * actAs, + * logsWriter, + * ], + * }); + * ``` * * ## Import * @@ -572,6 +630,10 @@ export class Service extends pulumi.CustomResource { * Settings for the Binary Authorization feature. */ public readonly binaryAuthorization!: pulumi.Output; + /** + * Configuration for building a Cloud Run function. + */ + public readonly buildConfig!: pulumi.Output; /** * Arbitrary identifier for the API client. */ @@ -754,6 +816,7 @@ export class Service extends pulumi.CustomResource { const state = argsOrState as ServiceState | undefined; resourceInputs["annotations"] = state ? state.annotations : undefined; resourceInputs["binaryAuthorization"] = state ? state.binaryAuthorization : undefined; + resourceInputs["buildConfig"] = state ? state.buildConfig : undefined; resourceInputs["client"] = state ? state.client : undefined; resourceInputs["clientVersion"] = state ? state.clientVersion : undefined; resourceInputs["conditions"] = state ? state.conditions : undefined; @@ -801,6 +864,7 @@ export class Service extends pulumi.CustomResource { } resourceInputs["annotations"] = args ? args.annotations : undefined; resourceInputs["binaryAuthorization"] = args ? args.binaryAuthorization : undefined; + resourceInputs["buildConfig"] = args ? args.buildConfig : undefined; resourceInputs["client"] = args ? args.client : undefined; resourceInputs["clientVersion"] = args ? args.clientVersion : undefined; resourceInputs["customAudiences"] = args ? args.customAudiences : undefined; @@ -864,6 +928,10 @@ export interface ServiceState { * Settings for the Binary Authorization feature. */ binaryAuthorization?: pulumi.Input; + /** + * Configuration for building a Cloud Run function. + */ + buildConfig?: pulumi.Input; /** * Arbitrary identifier for the API client. */ @@ -1050,6 +1118,10 @@ export interface ServiceArgs { * Settings for the Binary Authorization feature. */ binaryAuthorization?: pulumi.Input; + /** + * Configuration for building a Cloud Run function. + */ + buildConfig?: pulumi.Input; /** * Arbitrary identifier for the API client. */ diff --git a/sdk/nodejs/colab/getRuntimeTemplateIamPolicy.ts b/sdk/nodejs/colab/getRuntimeTemplateIamPolicy.ts new file mode 100644 index 0000000000..f740fe3ff9 --- /dev/null +++ b/sdk/nodejs/colab/getRuntimeTemplateIamPolicy.ts @@ -0,0 +1,118 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Retrieves the current IAM policy data for runtimetemplate + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.colab.getRuntimeTemplateIamPolicy({ + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * }); + * ``` + */ +export function getRuntimeTemplateIamPolicy(args: GetRuntimeTemplateIamPolicyArgs, opts?: pulumi.InvokeOptions): Promise { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", { + "location": args.location, + "project": args.project, + "runtimeTemplate": args.runtimeTemplate, + }, opts); +} + +/** + * A collection of arguments for invoking getRuntimeTemplateIamPolicy. + */ +export interface GetRuntimeTemplateIamPolicyArgs { + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + location?: string; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: string; + /** + * Used to find the parent resource to bind the IAM policy to + */ + runtimeTemplate: string; +} + +/** + * A collection of values returned by getRuntimeTemplateIamPolicy. + */ +export interface GetRuntimeTemplateIamPolicyResult { + /** + * (Computed) The etag of the IAM policy. + */ + readonly etag: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly location: string; + /** + * (Required only by `gcp.colab.RuntimeTemplateIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + readonly policyData: string; + readonly project: string; + readonly runtimeTemplate: string; +} +/** + * Retrieves the current IAM policy data for runtimetemplate + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.colab.getRuntimeTemplateIamPolicy({ + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * }); + * ``` + */ +export function getRuntimeTemplateIamPolicyOutput(args: GetRuntimeTemplateIamPolicyOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy", { + "location": args.location, + "project": args.project, + "runtimeTemplate": args.runtimeTemplate, + }, opts); +} + +/** + * A collection of arguments for invoking getRuntimeTemplateIamPolicy. + */ +export interface GetRuntimeTemplateIamPolicyOutputArgs { + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + location?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + runtimeTemplate: pulumi.Input; +} diff --git a/sdk/nodejs/colab/index.ts b/sdk/nodejs/colab/index.ts index 88d3d7f08e..2b752fe4c8 100644 --- a/sdk/nodejs/colab/index.ts +++ b/sdk/nodejs/colab/index.ts @@ -5,21 +5,58 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; // Export members: +export { GetRuntimeTemplateIamPolicyArgs, GetRuntimeTemplateIamPolicyResult, GetRuntimeTemplateIamPolicyOutputArgs } from "./getRuntimeTemplateIamPolicy"; +export const getRuntimeTemplateIamPolicy: typeof import("./getRuntimeTemplateIamPolicy").getRuntimeTemplateIamPolicy = null as any; +export const getRuntimeTemplateIamPolicyOutput: typeof import("./getRuntimeTemplateIamPolicy").getRuntimeTemplateIamPolicyOutput = null as any; +utilities.lazyLoad(exports, ["getRuntimeTemplateIamPolicy","getRuntimeTemplateIamPolicyOutput"], () => require("./getRuntimeTemplateIamPolicy")); + +export { RuntimeArgs, RuntimeState } from "./runtime"; +export type Runtime = import("./runtime").Runtime; +export const Runtime: typeof import("./runtime").Runtime = null as any; +utilities.lazyLoad(exports, ["Runtime"], () => require("./runtime")); + export { RuntimeTemplateArgs, RuntimeTemplateState } from "./runtimeTemplate"; export type RuntimeTemplate = import("./runtimeTemplate").RuntimeTemplate; export const RuntimeTemplate: typeof import("./runtimeTemplate").RuntimeTemplate = null as any; utilities.lazyLoad(exports, ["RuntimeTemplate"], () => require("./runtimeTemplate")); +export { RuntimeTemplateIamBindingArgs, RuntimeTemplateIamBindingState } from "./runtimeTemplateIamBinding"; +export type RuntimeTemplateIamBinding = import("./runtimeTemplateIamBinding").RuntimeTemplateIamBinding; +export const RuntimeTemplateIamBinding: typeof import("./runtimeTemplateIamBinding").RuntimeTemplateIamBinding = null as any; +utilities.lazyLoad(exports, ["RuntimeTemplateIamBinding"], () => require("./runtimeTemplateIamBinding")); + +export { RuntimeTemplateIamMemberArgs, RuntimeTemplateIamMemberState } from "./runtimeTemplateIamMember"; +export type RuntimeTemplateIamMember = import("./runtimeTemplateIamMember").RuntimeTemplateIamMember; +export const RuntimeTemplateIamMember: typeof import("./runtimeTemplateIamMember").RuntimeTemplateIamMember = null as any; +utilities.lazyLoad(exports, ["RuntimeTemplateIamMember"], () => require("./runtimeTemplateIamMember")); + +export { RuntimeTemplateIamPolicyArgs, RuntimeTemplateIamPolicyState } from "./runtimeTemplateIamPolicy"; +export type RuntimeTemplateIamPolicy = import("./runtimeTemplateIamPolicy").RuntimeTemplateIamPolicy; +export const RuntimeTemplateIamPolicy: typeof import("./runtimeTemplateIamPolicy").RuntimeTemplateIamPolicy = null as any; +utilities.lazyLoad(exports, ["RuntimeTemplateIamPolicy"], () => require("./runtimeTemplateIamPolicy")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { switch (type) { + case "gcp:colab/runtime:Runtime": + return new Runtime(name, undefined, { urn }) case "gcp:colab/runtimeTemplate:RuntimeTemplate": return new RuntimeTemplate(name, undefined, { urn }) + case "gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding": + return new RuntimeTemplateIamBinding(name, undefined, { urn }) + case "gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember": + return new RuntimeTemplateIamMember(name, undefined, { urn }) + case "gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy": + return new RuntimeTemplateIamPolicy(name, undefined, { urn }) default: throw new Error(`unknown resource type ${type}`); } }, }; +pulumi.runtime.registerResourceModule("gcp", "colab/runtime", _module) pulumi.runtime.registerResourceModule("gcp", "colab/runtimeTemplate", _module) +pulumi.runtime.registerResourceModule("gcp", "colab/runtimeTemplateIamBinding", _module) +pulumi.runtime.registerResourceModule("gcp", "colab/runtimeTemplateIamMember", _module) +pulumi.runtime.registerResourceModule("gcp", "colab/runtimeTemplateIamPolicy", _module) diff --git a/sdk/nodejs/colab/runtime.ts b/sdk/nodejs/colab/runtime.ts new file mode 100644 index 0000000000..37593e3ca8 --- /dev/null +++ b/sdk/nodejs/colab/runtime.ts @@ -0,0 +1,312 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * 'A runtime is a Google-provisioned virtual machine (VM) that can run the code in your notebook (IPYNB file).' + * + * To get more information about Runtime, see: + * + * * [API documentation](https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.notebookRuntimes) + * * How-to Guides + * * [Create a runtime](https://cloud.google.com/colab/docs/create-runtime) + * + * ## Example Usage + * + * ### Colab Runtime Basic + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const myTemplate = new gcp.colab.RuntimeTemplate("my_template", { + * name: "colab-runtime", + * displayName: "Runtime template basic", + * location: "us-central1", + * machineSpec: { + * machineType: "e2-standard-4", + * }, + * networkSpec: { + * enableInternetAccess: true, + * }, + * }); + * const runtime = new gcp.colab.Runtime("runtime", { + * name: "colab-runtime", + * location: "us-central1", + * notebookRuntimeTemplateRef: { + * notebookRuntimeTemplate: myTemplate.id, + * }, + * displayName: "Runtime basic", + * runtimeUser: "gterraformtestuser@gmail.com", + * }, { + * dependsOn: [myTemplate], + * }); + * ``` + * ### Colab Runtime Full + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const myTemplate = new gcp.colab.RuntimeTemplate("my_template", { + * name: "colab-runtime", + * displayName: "Runtime template full", + * location: "us-central1", + * description: "Full runtime template", + * machineSpec: { + * machineType: "n1-standard-2", + * acceleratorType: "NVIDIA_TESLA_T4", + * acceleratorCount: 1, + * }, + * dataPersistentDiskSpec: { + * diskType: "pd-standard", + * diskSizeGb: "200", + * }, + * networkSpec: { + * enableInternetAccess: true, + * }, + * labels: { + * k: "val", + * }, + * idleShutdownConfig: { + * idleTimeout: "3600s", + * }, + * eucConfig: { + * eucDisabled: true, + * }, + * shieldedVmConfig: { + * enableSecureBoot: true, + * }, + * networkTags: [ + * "abc", + * "def", + * ], + * encryptionSpec: { + * kmsKeyName: "my-crypto-key", + * }, + * }); + * const runtime = new gcp.colab.Runtime("runtime", { + * name: "colab-runtime", + * location: "us-central1", + * notebookRuntimeTemplateRef: { + * notebookRuntimeTemplate: myTemplate.id, + * }, + * displayName: "Runtime full", + * runtimeUser: "gterraformtestuser@gmail.com", + * description: "Full runtime", + * }, { + * dependsOn: [myTemplate], + * }); + * ``` + * + * ## Import + * + * Runtime can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}}` + * + * * `{{project}}/{{location}}/{{name}}` + * + * * `{{location}}/{{name}}` + * + * When using the `pulumi import` command, Runtime can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:colab/runtime:Runtime default projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:colab/runtime:Runtime default {{project}}/{{location}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:colab/runtime:Runtime default {{location}}/{{name}} + * ``` + */ +export class Runtime extends pulumi.CustomResource { + /** + * Get an existing Runtime resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: RuntimeState, opts?: pulumi.CustomResourceOptions): Runtime { + return new Runtime(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:colab/runtime:Runtime'; + + /** + * Returns true if the given object is an instance of Runtime. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is Runtime { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === Runtime.__pulumiType; + } + + /** + * The description of the Runtime. + */ + public readonly description!: pulumi.Output; + /** + * Required. The display name of the Runtime. + */ + public readonly displayName!: pulumi.Output; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations + * + * + * - - - + */ + public readonly location!: pulumi.Output; + /** + * The resource name of the Runtime + */ + public readonly name!: pulumi.Output; + /** + * 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + */ + public readonly notebookRuntimeTemplateRef!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The user email of the NotebookRuntime. + */ + public readonly runtimeUser!: pulumi.Output; + + /** + * Create a Runtime resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: RuntimeArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: RuntimeArgs | RuntimeState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as RuntimeState | undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["displayName"] = state ? state.displayName : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["notebookRuntimeTemplateRef"] = state ? state.notebookRuntimeTemplateRef : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["runtimeUser"] = state ? state.runtimeUser : undefined; + } else { + const args = argsOrState as RuntimeArgs | undefined; + if ((!args || args.displayName === undefined) && !opts.urn) { + throw new Error("Missing required property 'displayName'"); + } + if ((!args || args.location === undefined) && !opts.urn) { + throw new Error("Missing required property 'location'"); + } + if ((!args || args.runtimeUser === undefined) && !opts.urn) { + throw new Error("Missing required property 'runtimeUser'"); + } + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["displayName"] = args ? args.displayName : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["notebookRuntimeTemplateRef"] = args ? args.notebookRuntimeTemplateRef : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["runtimeUser"] = args ? args.runtimeUser : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(Runtime.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering Runtime resources. + */ +export interface RuntimeState { + /** + * The description of the Runtime. + */ + description?: pulumi.Input; + /** + * Required. The display name of the Runtime. + */ + displayName?: pulumi.Input; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations + * + * + * - - - + */ + location?: pulumi.Input; + /** + * The resource name of the Runtime + */ + name?: pulumi.Input; + /** + * 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + */ + notebookRuntimeTemplateRef?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * The user email of the NotebookRuntime. + */ + runtimeUser?: pulumi.Input; +} + +/** + * The set of arguments for constructing a Runtime resource. + */ +export interface RuntimeArgs { + /** + * The description of the Runtime. + */ + description?: pulumi.Input; + /** + * Required. The display name of the Runtime. + */ + displayName: pulumi.Input; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations + * + * + * - - - + */ + location: pulumi.Input; + /** + * The resource name of the Runtime + */ + name?: pulumi.Input; + /** + * 'Runtime specific information used for NotebookRuntime creation.' + * Structure is documented below. + */ + notebookRuntimeTemplateRef?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * The user email of the NotebookRuntime. + */ + runtimeUser: pulumi.Input; +} diff --git a/sdk/nodejs/colab/runtimeTemplateIamBinding.ts b/sdk/nodejs/colab/runtimeTemplateIamBinding.ts new file mode 100644 index 0000000000..a1fbc05d30 --- /dev/null +++ b/sdk/nodejs/colab/runtimeTemplateIamBinding.ts @@ -0,0 +1,380 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.colab.RuntimeTemplateIamPolicy("policy", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.colab.RuntimeTemplateIamBinding("binding", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.colab.RuntimeTemplateIamMember("member", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Colab Enterprise RuntimeTemplate + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.colab.RuntimeTemplateIamPolicy("policy", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.colab.RuntimeTemplateIamBinding("binding", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.colab.RuntimeTemplateIamMember("member", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * + * * {{project}}/{{location}}/{{runtime_template}} + * + * * {{location}}/{{runtime_template}} + * + * * {{runtime_template}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class RuntimeTemplateIamBinding extends pulumi.CustomResource { + /** + * Get an existing RuntimeTemplateIamBinding resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: RuntimeTemplateIamBindingState, opts?: pulumi.CustomResourceOptions): RuntimeTemplateIamBinding { + return new RuntimeTemplateIamBinding(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding'; + + /** + * Returns true if the given object is an instance of RuntimeTemplateIamBinding. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is RuntimeTemplateIamBinding { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === RuntimeTemplateIamBinding.__pulumiType; + } + + public readonly condition!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + public readonly location!: pulumi.Output; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + public readonly members!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + public readonly role!: pulumi.Output; + /** + * Used to find the parent resource to bind the IAM policy to + */ + public readonly runtimeTemplate!: pulumi.Output; + + /** + * Create a RuntimeTemplateIamBinding resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: RuntimeTemplateIamBindingArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: RuntimeTemplateIamBindingArgs | RuntimeTemplateIamBindingState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as RuntimeTemplateIamBindingState | undefined; + resourceInputs["condition"] = state ? state.condition : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["members"] = state ? state.members : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["role"] = state ? state.role : undefined; + resourceInputs["runtimeTemplate"] = state ? state.runtimeTemplate : undefined; + } else { + const args = argsOrState as RuntimeTemplateIamBindingArgs | undefined; + if ((!args || args.members === undefined) && !opts.urn) { + throw new Error("Missing required property 'members'"); + } + if ((!args || args.role === undefined) && !opts.urn) { + throw new Error("Missing required property 'role'"); + } + if ((!args || args.runtimeTemplate === undefined) && !opts.urn) { + throw new Error("Missing required property 'runtimeTemplate'"); + } + resourceInputs["condition"] = args ? args.condition : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["members"] = args ? args.members : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["role"] = args ? args.role : undefined; + resourceInputs["runtimeTemplate"] = args ? args.runtimeTemplate : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(RuntimeTemplateIamBinding.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering RuntimeTemplateIamBinding resources. + */ +export interface RuntimeTemplateIamBindingState { + condition?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + members?: pulumi.Input[]>; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role?: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + runtimeTemplate?: pulumi.Input; +} + +/** + * The set of arguments for constructing a RuntimeTemplateIamBinding resource. + */ +export interface RuntimeTemplateIamBindingArgs { + condition?: pulumi.Input; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + members: pulumi.Input[]>; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + runtimeTemplate: pulumi.Input; +} diff --git a/sdk/nodejs/colab/runtimeTemplateIamMember.ts b/sdk/nodejs/colab/runtimeTemplateIamMember.ts new file mode 100644 index 0000000000..1a72506e04 --- /dev/null +++ b/sdk/nodejs/colab/runtimeTemplateIamMember.ts @@ -0,0 +1,380 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.colab.RuntimeTemplateIamPolicy("policy", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.colab.RuntimeTemplateIamBinding("binding", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.colab.RuntimeTemplateIamMember("member", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Colab Enterprise RuntimeTemplate + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.colab.RuntimeTemplateIamPolicy("policy", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.colab.RuntimeTemplateIamBinding("binding", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.colab.RuntimeTemplateIamMember("member", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * + * * {{project}}/{{location}}/{{runtime_template}} + * + * * {{location}}/{{runtime_template}} + * + * * {{runtime_template}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class RuntimeTemplateIamMember extends pulumi.CustomResource { + /** + * Get an existing RuntimeTemplateIamMember resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: RuntimeTemplateIamMemberState, opts?: pulumi.CustomResourceOptions): RuntimeTemplateIamMember { + return new RuntimeTemplateIamMember(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember'; + + /** + * Returns true if the given object is an instance of RuntimeTemplateIamMember. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is RuntimeTemplateIamMember { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === RuntimeTemplateIamMember.__pulumiType; + } + + public readonly condition!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + public readonly location!: pulumi.Output; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + public readonly member!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + public readonly role!: pulumi.Output; + /** + * Used to find the parent resource to bind the IAM policy to + */ + public readonly runtimeTemplate!: pulumi.Output; + + /** + * Create a RuntimeTemplateIamMember resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: RuntimeTemplateIamMemberArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: RuntimeTemplateIamMemberArgs | RuntimeTemplateIamMemberState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as RuntimeTemplateIamMemberState | undefined; + resourceInputs["condition"] = state ? state.condition : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["member"] = state ? state.member : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["role"] = state ? state.role : undefined; + resourceInputs["runtimeTemplate"] = state ? state.runtimeTemplate : undefined; + } else { + const args = argsOrState as RuntimeTemplateIamMemberArgs | undefined; + if ((!args || args.member === undefined) && !opts.urn) { + throw new Error("Missing required property 'member'"); + } + if ((!args || args.role === undefined) && !opts.urn) { + throw new Error("Missing required property 'role'"); + } + if ((!args || args.runtimeTemplate === undefined) && !opts.urn) { + throw new Error("Missing required property 'runtimeTemplate'"); + } + resourceInputs["condition"] = args ? args.condition : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["member"] = args ? args.member : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["role"] = args ? args.role : undefined; + resourceInputs["runtimeTemplate"] = args ? args.runtimeTemplate : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(RuntimeTemplateIamMember.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering RuntimeTemplateIamMember resources. + */ +export interface RuntimeTemplateIamMemberState { + condition?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + member?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role?: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + runtimeTemplate?: pulumi.Input; +} + +/** + * The set of arguments for constructing a RuntimeTemplateIamMember resource. + */ +export interface RuntimeTemplateIamMemberArgs { + condition?: pulumi.Input; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + member: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + runtimeTemplate: pulumi.Input; +} diff --git a/sdk/nodejs/colab/runtimeTemplateIamPolicy.ts b/sdk/nodejs/colab/runtimeTemplateIamPolicy.ts new file mode 100644 index 0000000000..9d9cba4fe8 --- /dev/null +++ b/sdk/nodejs/colab/runtimeTemplateIamPolicy.ts @@ -0,0 +1,323 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.colab.RuntimeTemplateIamPolicy("policy", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.colab.RuntimeTemplateIamBinding("binding", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.colab.RuntimeTemplateIamMember("member", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Colab Enterprise RuntimeTemplate + * Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * * `gcp.colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * * `gcp.colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + * + * > **Note:** `gcp.colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `gcp.colab.RuntimeTemplateIamBinding` and `gcp.colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `gcp.colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.colab.RuntimeTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.colab.RuntimeTemplateIamPolicy("policy", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.colab.RuntimeTemplateIamBinding("binding", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.colab.RuntimeTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.colab.RuntimeTemplateIamMember("member", { + * project: runtime_template.project, + * location: runtime_template.location, + * runtimeTemplate: runtime_template.name, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * + * * {{project}}/{{location}}/{{runtime_template}} + * + * * {{location}}/{{runtime_template}} + * + * * {{runtime_template}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class RuntimeTemplateIamPolicy extends pulumi.CustomResource { + /** + * Get an existing RuntimeTemplateIamPolicy resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: RuntimeTemplateIamPolicyState, opts?: pulumi.CustomResourceOptions): RuntimeTemplateIamPolicy { + return new RuntimeTemplateIamPolicy(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy'; + + /** + * Returns true if the given object is an instance of RuntimeTemplateIamPolicy. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is RuntimeTemplateIamPolicy { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === RuntimeTemplateIamPolicy.__pulumiType; + } + + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + public readonly location!: pulumi.Output; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + public readonly policyData!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * Used to find the parent resource to bind the IAM policy to + */ + public readonly runtimeTemplate!: pulumi.Output; + + /** + * Create a RuntimeTemplateIamPolicy resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: RuntimeTemplateIamPolicyArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: RuntimeTemplateIamPolicyArgs | RuntimeTemplateIamPolicyState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as RuntimeTemplateIamPolicyState | undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["policyData"] = state ? state.policyData : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["runtimeTemplate"] = state ? state.runtimeTemplate : undefined; + } else { + const args = argsOrState as RuntimeTemplateIamPolicyArgs | undefined; + if ((!args || args.policyData === undefined) && !opts.urn) { + throw new Error("Missing required property 'policyData'"); + } + if ((!args || args.runtimeTemplate === undefined) && !opts.urn) { + throw new Error("Missing required property 'runtimeTemplate'"); + } + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["policyData"] = args ? args.policyData : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["runtimeTemplate"] = args ? args.runtimeTemplate : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(RuntimeTemplateIamPolicy.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering RuntimeTemplateIamPolicy resources. + */ +export interface RuntimeTemplateIamPolicyState { + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + location?: pulumi.Input; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + policyData?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + runtimeTemplate?: pulumi.Input; +} + +/** + * The set of arguments for constructing a RuntimeTemplateIamPolicy resource. + */ +export interface RuntimeTemplateIamPolicyArgs { + /** + * The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + * the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + * location is specified, it is taken from the provider configuration. + */ + location?: pulumi.Input; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + policyData: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + runtimeTemplate: pulumi.Input; +} diff --git a/sdk/nodejs/compute/firewallPolicyRule.ts b/sdk/nodejs/compute/firewallPolicyRule.ts index 0861f8ab98..1dc4e3c67c 100644 --- a/sdk/nodejs/compute/firewallPolicyRule.ts +++ b/sdk/nodejs/compute/firewallPolicyRule.ts @@ -22,7 +22,7 @@ import * as utilities from "../utilities"; * import * as gcp from "@pulumi/gcp"; * * const basicGlobalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup("basic_global_networksecurity_address_group", { - * name: "address", + * name: "address-group", * parent: "organizations/123456789", * description: "Sample global networksecurity_address_group", * location: "global", @@ -37,10 +37,10 @@ import * as utilities from "../utilities"; * }); * const _default = new gcp.compute.FirewallPolicy("default", { * parent: folder.id, - * shortName: "policy", + * shortName: "fw-policy", * description: "Resource created for Terraform acceptance testing", * }); - * const policyRule = new gcp.compute.FirewallPolicyRule("policy_rule", { + * const primary = new gcp.compute.FirewallPolicyRule("primary", { * firewallPolicy: _default.name, * description: "Resource created for Terraform acceptance testing", * priority: 9000, @@ -48,7 +48,59 @@ import * as utilities from "../utilities"; * action: "allow", * direction: "EGRESS", * disabled: false, + * targetServiceAccounts: ["my@service-account.com"], * match: { + * destIpRanges: ["11.100.0.1/32"], + * destFqdns: [], + * destRegionCodes: ["US"], + * destThreatIntelligences: ["iplist-known-malicious-ips"], + * srcAddressGroups: [], + * destAddressGroups: [basicGlobalNetworksecurityAddressGroup.id], + * destNetworkScope: "INTERNET", + * layer4Configs: [ + * { + * ipProtocol: "tcp", + * ports: ["8080"], + * }, + * { + * ipProtocol: "udp", + * ports: ["22"], + * }, + * ], + * }, + * }); + * ``` + * ### Firewall Policy Rule Network Scope + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const folder = new gcp.organizations.Folder("folder", { + * displayName: "folder", + * parent: "organizations/123456789", + * deletionProtection: false, + * }); + * const _default = new gcp.compute.FirewallPolicy("default", { + * parent: folder.id, + * shortName: "fw-policy", + * description: "Firewall policy", + * }); + * const network = new gcp.compute.Network("network", { + * name: "network", + * autoCreateSubnetworks: false, + * }); + * const primary = new gcp.compute.FirewallPolicyRule("primary", { + * firewallPolicy: _default.name, + * description: "Firewall policy rule with network scope", + * priority: 9000, + * action: "allow", + * direction: "INGRESS", + * disabled: false, + * match: { + * srcIpRanges: ["11.100.0.1/32"], + * srcNetworkScope: "VPC_NETWORKS", + * srcNetworks: [network.id], * layer4Configs: [ * { * ipProtocol: "tcp", @@ -59,14 +111,7 @@ import * as utilities from "../utilities"; * ports: ["22"], * }, * ], - * destIpRanges: ["11.100.0.1/32"], - * destFqdns: [], - * destRegionCodes: ["US"], - * destThreatIntelligences: ["iplist-known-malicious-ips"], - * srcAddressGroups: [], - * destAddressGroups: [basicGlobalNetworksecurityAddressGroup.id], * }, - * targetServiceAccounts: ["my@service-account.com"], * }); * ``` * diff --git a/sdk/nodejs/compute/firewallPolicyWithRules.ts b/sdk/nodejs/compute/firewallPolicyWithRules.ts index 8ad74af5db..3aae295e28 100644 --- a/sdk/nodejs/compute/firewallPolicyWithRules.ts +++ b/sdk/nodejs/compute/firewallPolicyWithRules.ts @@ -17,7 +17,7 @@ import * as utilities from "../utilities"; * * const project = gcp.organizations.getProject({}); * const addressGroup1 = new gcp.networksecurity.AddressGroup("address_group_1", { - * name: "tf-address-group", + * name: "address-group", * parent: "organizations/123456789", * description: "Global address group", * location: "global", @@ -26,19 +26,23 @@ import * as utilities from "../utilities"; * capacity: 100, * }); * const securityProfile1 = new gcp.networksecurity.SecurityProfile("security_profile_1", { - * name: "tf-security-profile", + * name: "sp", * type: "THREAT_PREVENTION", * parent: "organizations/123456789", * location: "global", * }); * const securityProfileGroup1 = new gcp.networksecurity.SecurityProfileGroup("security_profile_group_1", { - * name: "tf-security-profile-group", + * name: "spg", * parent: "organizations/123456789", * description: "my description", * threatPreventionProfile: securityProfile1.id, * }); - * const firewall_policy_with_rules = new gcp.compute.FirewallPolicyWithRules("firewall-policy-with-rules", { - * shortName: "tf-fw-org-policy-with-rules", + * const network = new gcp.compute.Network("network", { + * name: "network", + * autoCreateSubnetworks: false, + * }); + * const primary = new gcp.compute.FirewallPolicyWithRules("primary", { + * shortName: "fw-policy", * description: "Terraform test", * parent: "organizations/123456789", * rules: [ @@ -48,14 +52,8 @@ import * as utilities from "../utilities"; * enableLogging: true, * action: "allow", * direction: "EGRESS", + * targetResources: [project.then(project => `https://www.googleapis.com/compute/beta/projects/${project.name}/global/networks/default`)], * match: { - * layer4Configs: [{ - * ipProtocol: "tcp", - * ports: [ - * "8080", - * "7070", - * ], - * }], * destIpRanges: ["11.100.0.1/32"], * destFqdns: [ * "www.yyy.com", @@ -70,8 +68,14 @@ import * as utilities from "../utilities"; * "iplist-tor-exit-nodes", * ], * destAddressGroups: [addressGroup1.id], + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: [ + * "8080", + * "7070", + * ], + * }], * }, - * targetResources: [project.then(project => `https://www.googleapis.com/compute/beta/projects/${project.name}/global/networks/default`)], * }, * { * description: "udp rule", @@ -79,10 +83,8 @@ import * as utilities from "../utilities"; * enableLogging: false, * action: "deny", * direction: "INGRESS", + * disabled: true, * match: { - * layer4Configs: [{ - * ipProtocol: "udp", - * }], * srcIpRanges: ["0.0.0.0/0"], * srcFqdns: [ * "www.abc.com", @@ -97,8 +99,10 @@ import * as utilities from "../utilities"; * "iplist-public-clouds", * ], * srcAddressGroups: [addressGroup1.id], + * layer4Configs: [{ + * ipProtocol: "udp", + * }], * }, - * disabled: true, * }, * { * description: "security profile group rule", @@ -107,15 +111,48 @@ import * as utilities from "../utilities"; * enableLogging: false, * action: "apply_security_profile_group", * direction: "INGRESS", + * targetServiceAccounts: ["test@google.com"], + * securityProfileGroup: pulumi.interpolate`//networksecurity.googleapis.com/${securityProfileGroup1.id}`, + * tlsInspect: true, * match: { + * srcIpRanges: ["0.0.0.0/0"], * layer4Configs: [{ * ipProtocol: "tcp", * }], - * srcIpRanges: ["0.0.0.0/0"], * }, - * targetServiceAccounts: ["test@google.com"], - * securityProfileGroup: pulumi.interpolate`//networksecurity.googleapis.com/${securityProfileGroup1.id}`, - * tlsInspect: true, + * }, + * { + * description: "network scope rule 1", + * ruleName: "network scope 1", + * priority: 4000, + * enableLogging: false, + * action: "allow", + * direction: "INGRESS", + * match: { + * srcIpRanges: ["11.100.0.1/32"], + * srcNetworkScope: "VPC_NETWORKS", + * srcNetworks: [network.id], + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: ["8080"], + * }], + * }, + * }, + * { + * description: "network scope rule 2", + * ruleName: "network scope 2", + * priority: 5000, + * enableLogging: false, + * action: "allow", + * direction: "EGRESS", + * match: { + * destIpRanges: ["0.0.0.0/0"], + * destNetworkScope: "INTERNET", + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: ["8080"], + * }], + * }, * }, * ], * }); diff --git a/sdk/nodejs/compute/getInstanceTemplateIamPolicy.ts b/sdk/nodejs/compute/getInstanceTemplateIamPolicy.ts new file mode 100644 index 0000000000..b8bf32aa34 --- /dev/null +++ b/sdk/nodejs/compute/getInstanceTemplateIamPolicy.ts @@ -0,0 +1,101 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Retrieves the current IAM policy data for instancetemplate + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.compute.getInstanceTemplateIamPolicy({ + * project: _default.project, + * name: _default.name, + * }); + * ``` + */ +export function getInstanceTemplateIamPolicy(args: GetInstanceTemplateIamPolicyArgs, opts?: pulumi.InvokeOptions): Promise { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", { + "name": args.name, + "project": args.project, + }, opts); +} + +/** + * A collection of arguments for invoking getInstanceTemplateIamPolicy. + */ +export interface GetInstanceTemplateIamPolicyArgs { + /** + * Used to find the parent resource to bind the IAM policy to + */ + name: string; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: string; +} + +/** + * A collection of values returned by getInstanceTemplateIamPolicy. + */ +export interface GetInstanceTemplateIamPolicyResult { + /** + * (Computed) The etag of the IAM policy. + */ + readonly etag: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly name: string; + /** + * (Required only by `gcp.compute.InstanceTemplateIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + readonly policyData: string; + readonly project: string; +} +/** + * Retrieves the current IAM policy data for instancetemplate + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.compute.getInstanceTemplateIamPolicy({ + * project: _default.project, + * name: _default.name, + * }); + * ``` + */ +export function getInstanceTemplateIamPolicyOutput(args: GetInstanceTemplateIamPolicyOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy", { + "name": args.name, + "project": args.project, + }, opts); +} + +/** + * A collection of arguments for invoking getInstanceTemplateIamPolicy. + */ +export interface GetInstanceTemplateIamPolicyOutputArgs { + /** + * Used to find the parent resource to bind the IAM policy to + */ + name: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/compute/index.ts b/sdk/nodejs/compute/index.ts index f6c2df9ba2..85b901cd9d 100644 --- a/sdk/nodejs/compute/index.ts +++ b/sdk/nodejs/compute/index.ts @@ -265,6 +265,11 @@ export const getInstanceTemplate: typeof import("./getInstanceTemplate").getInst export const getInstanceTemplateOutput: typeof import("./getInstanceTemplate").getInstanceTemplateOutput = null as any; utilities.lazyLoad(exports, ["getInstanceTemplate","getInstanceTemplateOutput"], () => require("./getInstanceTemplate")); +export { GetInstanceTemplateIamPolicyArgs, GetInstanceTemplateIamPolicyResult, GetInstanceTemplateIamPolicyOutputArgs } from "./getInstanceTemplateIamPolicy"; +export const getInstanceTemplateIamPolicy: typeof import("./getInstanceTemplateIamPolicy").getInstanceTemplateIamPolicy = null as any; +export const getInstanceTemplateIamPolicyOutput: typeof import("./getInstanceTemplateIamPolicy").getInstanceTemplateIamPolicyOutput = null as any; +utilities.lazyLoad(exports, ["getInstanceTemplateIamPolicy","getInstanceTemplateIamPolicyOutput"], () => require("./getInstanceTemplateIamPolicy")); + export { GetLBIPRangesResult } from "./getLBIPRanges"; export const getLBIPRanges: typeof import("./getLBIPRanges").getLBIPRanges = null as any; export const getLBIPRangesOutput: typeof import("./getLBIPRanges").getLBIPRangesOutput = null as any; @@ -545,6 +550,21 @@ export type InstanceTemplate = import("./instanceTemplate").InstanceTemplate; export const InstanceTemplate: typeof import("./instanceTemplate").InstanceTemplate = null as any; utilities.lazyLoad(exports, ["InstanceTemplate"], () => require("./instanceTemplate")); +export { InstanceTemplateIamBindingArgs, InstanceTemplateIamBindingState } from "./instanceTemplateIamBinding"; +export type InstanceTemplateIamBinding = import("./instanceTemplateIamBinding").InstanceTemplateIamBinding; +export const InstanceTemplateIamBinding: typeof import("./instanceTemplateIamBinding").InstanceTemplateIamBinding = null as any; +utilities.lazyLoad(exports, ["InstanceTemplateIamBinding"], () => require("./instanceTemplateIamBinding")); + +export { InstanceTemplateIamMemberArgs, InstanceTemplateIamMemberState } from "./instanceTemplateIamMember"; +export type InstanceTemplateIamMember = import("./instanceTemplateIamMember").InstanceTemplateIamMember; +export const InstanceTemplateIamMember: typeof import("./instanceTemplateIamMember").InstanceTemplateIamMember = null as any; +utilities.lazyLoad(exports, ["InstanceTemplateIamMember"], () => require("./instanceTemplateIamMember")); + +export { InstanceTemplateIamPolicyArgs, InstanceTemplateIamPolicyState } from "./instanceTemplateIamPolicy"; +export type InstanceTemplateIamPolicy = import("./instanceTemplateIamPolicy").InstanceTemplateIamPolicy; +export const InstanceTemplateIamPolicy: typeof import("./instanceTemplateIamPolicy").InstanceTemplateIamPolicy = null as any; +utilities.lazyLoad(exports, ["InstanceTemplateIamPolicy"], () => require("./instanceTemplateIamPolicy")); + export { InterconnectArgs, InterconnectState } from "./interconnect"; export type Interconnect = import("./interconnect").Interconnect; export const Interconnect: typeof import("./interconnect").Interconnect = null as any; @@ -1152,6 +1172,12 @@ const _module = { return new InstanceSettings(name, undefined, { urn }) case "gcp:compute/instanceTemplate:InstanceTemplate": return new InstanceTemplate(name, undefined, { urn }) + case "gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding": + return new InstanceTemplateIamBinding(name, undefined, { urn }) + case "gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember": + return new InstanceTemplateIamMember(name, undefined, { urn }) + case "gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy": + return new InstanceTemplateIamPolicy(name, undefined, { urn }) case "gcp:compute/interconnect:Interconnect": return new Interconnect(name, undefined, { urn }) case "gcp:compute/interconnectAttachment:InterconnectAttachment": @@ -1406,6 +1432,9 @@ pulumi.runtime.registerResourceModule("gcp", "compute/instanceIAMMember", _modul pulumi.runtime.registerResourceModule("gcp", "compute/instanceIAMPolicy", _module) pulumi.runtime.registerResourceModule("gcp", "compute/instanceSettings", _module) pulumi.runtime.registerResourceModule("gcp", "compute/instanceTemplate", _module) +pulumi.runtime.registerResourceModule("gcp", "compute/instanceTemplateIamBinding", _module) +pulumi.runtime.registerResourceModule("gcp", "compute/instanceTemplateIamMember", _module) +pulumi.runtime.registerResourceModule("gcp", "compute/instanceTemplateIamPolicy", _module) pulumi.runtime.registerResourceModule("gcp", "compute/interconnect", _module) pulumi.runtime.registerResourceModule("gcp", "compute/interconnectAttachment", _module) pulumi.runtime.registerResourceModule("gcp", "compute/machineImage", _module) diff --git a/sdk/nodejs/compute/instanceTemplateIamBinding.ts b/sdk/nodejs/compute/instanceTemplateIamBinding.ts new file mode 100644 index 0000000000..050f29927c --- /dev/null +++ b/sdk/nodejs/compute/instanceTemplateIamBinding.ts @@ -0,0 +1,485 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Compute Engine InstanceTemplate + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/global/instanceTemplates/{{name}} + * + * * {{project}}/{{name}} + * + * * {{name}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class InstanceTemplateIamBinding extends pulumi.CustomResource { + /** + * Get an existing InstanceTemplateIamBinding resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: InstanceTemplateIamBindingState, opts?: pulumi.CustomResourceOptions): InstanceTemplateIamBinding { + return new InstanceTemplateIamBinding(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding'; + + /** + * Returns true if the given object is an instance of InstanceTemplateIamBinding. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is InstanceTemplateIamBinding { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === InstanceTemplateIamBinding.__pulumiType; + } + + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + */ + public readonly condition!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + public readonly members!: pulumi.Output; + /** + * Used to find the parent resource to bind the IAM policy to + */ + public readonly name!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + public readonly role!: pulumi.Output; + + /** + * Create a InstanceTemplateIamBinding resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: InstanceTemplateIamBindingArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: InstanceTemplateIamBindingArgs | InstanceTemplateIamBindingState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as InstanceTemplateIamBindingState | undefined; + resourceInputs["condition"] = state ? state.condition : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["members"] = state ? state.members : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["role"] = state ? state.role : undefined; + } else { + const args = argsOrState as InstanceTemplateIamBindingArgs | undefined; + if ((!args || args.members === undefined) && !opts.urn) { + throw new Error("Missing required property 'members'"); + } + if ((!args || args.role === undefined) && !opts.urn) { + throw new Error("Missing required property 'role'"); + } + resourceInputs["condition"] = args ? args.condition : undefined; + resourceInputs["members"] = args ? args.members : undefined; + resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["role"] = args ? args.role : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(InstanceTemplateIamBinding.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering InstanceTemplateIamBinding resources. + */ +export interface InstanceTemplateIamBindingState { + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + */ + condition?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + members?: pulumi.Input[]>; + /** + * Used to find the parent resource to bind the IAM policy to + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role?: pulumi.Input; +} + +/** + * The set of arguments for constructing a InstanceTemplateIamBinding resource. + */ +export interface InstanceTemplateIamBindingArgs { + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + */ + condition?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + members: pulumi.Input[]>; + /** + * Used to find the parent resource to bind the IAM policy to + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role: pulumi.Input; +} diff --git a/sdk/nodejs/compute/instanceTemplateIamMember.ts b/sdk/nodejs/compute/instanceTemplateIamMember.ts new file mode 100644 index 0000000000..436a34a70f --- /dev/null +++ b/sdk/nodejs/compute/instanceTemplateIamMember.ts @@ -0,0 +1,485 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Compute Engine InstanceTemplate + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/global/instanceTemplates/{{name}} + * + * * {{project}}/{{name}} + * + * * {{name}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class InstanceTemplateIamMember extends pulumi.CustomResource { + /** + * Get an existing InstanceTemplateIamMember resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: InstanceTemplateIamMemberState, opts?: pulumi.CustomResourceOptions): InstanceTemplateIamMember { + return new InstanceTemplateIamMember(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember'; + + /** + * Returns true if the given object is an instance of InstanceTemplateIamMember. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is InstanceTemplateIamMember { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === InstanceTemplateIamMember.__pulumiType; + } + + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + */ + public readonly condition!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + public readonly member!: pulumi.Output; + /** + * Used to find the parent resource to bind the IAM policy to + */ + public readonly name!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + public readonly role!: pulumi.Output; + + /** + * Create a InstanceTemplateIamMember resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: InstanceTemplateIamMemberArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: InstanceTemplateIamMemberArgs | InstanceTemplateIamMemberState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as InstanceTemplateIamMemberState | undefined; + resourceInputs["condition"] = state ? state.condition : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["member"] = state ? state.member : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["role"] = state ? state.role : undefined; + } else { + const args = argsOrState as InstanceTemplateIamMemberArgs | undefined; + if ((!args || args.member === undefined) && !opts.urn) { + throw new Error("Missing required property 'member'"); + } + if ((!args || args.role === undefined) && !opts.urn) { + throw new Error("Missing required property 'role'"); + } + resourceInputs["condition"] = args ? args.condition : undefined; + resourceInputs["member"] = args ? args.member : undefined; + resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["role"] = args ? args.role : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(InstanceTemplateIamMember.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering InstanceTemplateIamMember resources. + */ +export interface InstanceTemplateIamMemberState { + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + */ + condition?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + member?: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role?: pulumi.Input; +} + +/** + * The set of arguments for constructing a InstanceTemplateIamMember resource. + */ +export interface InstanceTemplateIamMemberArgs { + /** + * An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + * Structure is documented below. + */ + condition?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + member: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role: pulumi.Input; +} diff --git a/sdk/nodejs/compute/instanceTemplateIamPolicy.ts b/sdk/nodejs/compute/instanceTemplateIamPolicy.ts new file mode 100644 index 0000000000..5f6989c3ce --- /dev/null +++ b/sdk/nodejs/compute/instanceTemplateIamPolicy.ts @@ -0,0 +1,416 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Compute Engine InstanceTemplate + * Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * * `gcp.compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * * `gcp.compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + * + * > **Note:** `gcp.compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `gcp.compute.InstanceTemplateIamBinding` and `gcp.compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `gcp.compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + * + * > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + * + * ## gcp.compute.InstanceTemplateIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }], + * }); + * const policy = new gcp.compute.InstanceTemplateIamPolicy("policy", { + * project: _default.project, + * name: _default.name, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.compute.InstanceTemplateIamBinding("binding", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * members: ["user:jane@example.com"], + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * ## gcp.compute.InstanceTemplateIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * }); + * ``` + * + * With IAM Conditions: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.compute.InstanceTemplateIamMember("member", { + * project: _default.project, + * name: _default.name, + * role: "roles/compute.instanceAdmin", + * member: "user:jane@example.com", + * condition: { + * title: "expires_after_2019_12_31", + * description: "Expiring at midnight of 2019-12-31", + * expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", + * }, + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/global/instanceTemplates/{{name}} + * + * * {{project}}/{{name}} + * + * * {{name}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + * ``` + * + * -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class InstanceTemplateIamPolicy extends pulumi.CustomResource { + /** + * Get an existing InstanceTemplateIamPolicy resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: InstanceTemplateIamPolicyState, opts?: pulumi.CustomResourceOptions): InstanceTemplateIamPolicy { + return new InstanceTemplateIamPolicy(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy'; + + /** + * Returns true if the given object is an instance of InstanceTemplateIamPolicy. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is InstanceTemplateIamPolicy { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === InstanceTemplateIamPolicy.__pulumiType; + } + + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * Used to find the parent resource to bind the IAM policy to + */ + public readonly name!: pulumi.Output; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + public readonly policyData!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + + /** + * Create a InstanceTemplateIamPolicy resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: InstanceTemplateIamPolicyArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: InstanceTemplateIamPolicyArgs | InstanceTemplateIamPolicyState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as InstanceTemplateIamPolicyState | undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["policyData"] = state ? state.policyData : undefined; + resourceInputs["project"] = state ? state.project : undefined; + } else { + const args = argsOrState as InstanceTemplateIamPolicyArgs | undefined; + if ((!args || args.policyData === undefined) && !opts.urn) { + throw new Error("Missing required property 'policyData'"); + } + resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["policyData"] = args ? args.policyData : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(InstanceTemplateIamPolicy.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering InstanceTemplateIamPolicy resources. + */ +export interface InstanceTemplateIamPolicyState { + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * Used to find the parent resource to bind the IAM policy to + */ + name?: pulumi.Input; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + policyData?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} + +/** + * The set of arguments for constructing a InstanceTemplateIamPolicy resource. + */ +export interface InstanceTemplateIamPolicyArgs { + /** + * Used to find the parent resource to bind the IAM policy to + */ + name?: pulumi.Input; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + policyData: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/compute/interconnectAttachment.ts b/sdk/nodejs/compute/interconnectAttachment.ts index 1c814261e9..3ab735a967 100644 --- a/sdk/nodejs/compute/interconnectAttachment.ts +++ b/sdk/nodejs/compute/interconnectAttachment.ts @@ -35,6 +35,9 @@ import * as utilities from "../utilities"; * type: "PARTNER", * router: foobar.id, * mtu: "1500", + * labels: { + * mykey: "myvalue", + * }, * }); * ``` * ### Compute Interconnect Attachment Ipsec Encryption @@ -192,6 +195,10 @@ export class InterconnectAttachment extends pulumi.CustomResource { * domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. */ public readonly edgeAvailabilityDomain!: pulumi.Output; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + public /*out*/ readonly effectiveLabels!: pulumi.Output<{[key: string]: string}>; /** * Indicates the user-supplied encryption option of this interconnect * attachment. Can only be specified at attachment creation for PARTNER or @@ -237,6 +244,22 @@ export class InterconnectAttachment extends pulumi.CustomResource { * allocated from regional external IP address pool. */ public readonly ipsecInternalAddresses!: pulumi.Output; + /** + * A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + * of the labels set used for optimistic locking. The fingerprint is initially generated by + * Compute Engine and changes after every request to modify or update labels. + * You must always provide an up-to-date fingerprint hash in order to update or change labels, + * otherwise the request will fail with error 412 conditionNotMet. + */ + public /*out*/ readonly labelFingerprint!: pulumi.Output; + /** + * Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + public readonly labels!: pulumi.Output<{[key: string]: string} | undefined>; /** * Maximum Transmission Unit (MTU), in bytes, of packets passing through * this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -277,6 +300,11 @@ export class InterconnectAttachment extends pulumi.CustomResource { * If it is not provided, the provider project is used. */ public readonly project!: pulumi.Output; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + public /*out*/ readonly pulumiLabels!: pulumi.Output<{[key: string]: string}>; /** * Region where the regional interconnect attachment resides. */ @@ -348,16 +376,20 @@ export class InterconnectAttachment extends pulumi.CustomResource { resourceInputs["customerRouterIpv6Address"] = state ? state.customerRouterIpv6Address : undefined; resourceInputs["description"] = state ? state.description : undefined; resourceInputs["edgeAvailabilityDomain"] = state ? state.edgeAvailabilityDomain : undefined; + resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; resourceInputs["encryption"] = state ? state.encryption : undefined; resourceInputs["googleReferenceId"] = state ? state.googleReferenceId : undefined; resourceInputs["interconnect"] = state ? state.interconnect : undefined; resourceInputs["ipsecInternalAddresses"] = state ? state.ipsecInternalAddresses : undefined; + resourceInputs["labelFingerprint"] = state ? state.labelFingerprint : undefined; + resourceInputs["labels"] = state ? state.labels : undefined; resourceInputs["mtu"] = state ? state.mtu : undefined; resourceInputs["name"] = state ? state.name : undefined; resourceInputs["pairingKey"] = state ? state.pairingKey : undefined; resourceInputs["partnerAsn"] = state ? state.partnerAsn : undefined; resourceInputs["privateInterconnectInfos"] = state ? state.privateInterconnectInfos : undefined; resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["pulumiLabels"] = state ? state.pulumiLabels : undefined; resourceInputs["region"] = state ? state.region : undefined; resourceInputs["router"] = state ? state.router : undefined; resourceInputs["selfLink"] = state ? state.selfLink : undefined; @@ -379,6 +411,7 @@ export class InterconnectAttachment extends pulumi.CustomResource { resourceInputs["encryption"] = args ? args.encryption : undefined; resourceInputs["interconnect"] = args ? args.interconnect : undefined; resourceInputs["ipsecInternalAddresses"] = args ? args.ipsecInternalAddresses : undefined; + resourceInputs["labels"] = args ? args.labels : undefined; resourceInputs["mtu"] = args ? args.mtu : undefined; resourceInputs["name"] = args ? args.name : undefined; resourceInputs["project"] = args ? args.project : undefined; @@ -393,14 +426,19 @@ export class InterconnectAttachment extends pulumi.CustomResource { resourceInputs["creationTimestamp"] = undefined /*out*/; resourceInputs["customerRouterIpAddress"] = undefined /*out*/; resourceInputs["customerRouterIpv6Address"] = undefined /*out*/; + resourceInputs["effectiveLabels"] = undefined /*out*/; resourceInputs["googleReferenceId"] = undefined /*out*/; + resourceInputs["labelFingerprint"] = undefined /*out*/; resourceInputs["pairingKey"] = undefined /*out*/; resourceInputs["partnerAsn"] = undefined /*out*/; resourceInputs["privateInterconnectInfos"] = undefined /*out*/; + resourceInputs["pulumiLabels"] = undefined /*out*/; resourceInputs["selfLink"] = undefined /*out*/; resourceInputs["state"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const secretOpts = { additionalSecretOutputs: ["effectiveLabels", "pulumiLabels"] }; + opts = pulumi.mergeOptions(opts, secretOpts); super(InterconnectAttachment.__pulumiType, name, resourceInputs, opts); } } @@ -470,6 +508,10 @@ export interface InterconnectAttachmentState { * domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. */ edgeAvailabilityDomain?: pulumi.Input; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + effectiveLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Indicates the user-supplied encryption option of this interconnect * attachment. Can only be specified at attachment creation for PARTNER or @@ -515,6 +557,22 @@ export interface InterconnectAttachmentState { * allocated from regional external IP address pool. */ ipsecInternalAddresses?: pulumi.Input[]>; + /** + * A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + * of the labels set used for optimistic locking. The fingerprint is initially generated by + * Compute Engine and changes after every request to modify or update labels. + * You must always provide an up-to-date fingerprint hash in order to update or change labels, + * otherwise the request will fail with error 412 conditionNotMet. + */ + labelFingerprint?: pulumi.Input; + /** + * Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Maximum Transmission Unit (MTU), in bytes, of packets passing through * this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. @@ -555,6 +613,11 @@ export interface InterconnectAttachmentState { * If it is not provided, the provider project is used. */ project?: pulumi.Input; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + pulumiLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Region where the regional interconnect attachment resides. */ @@ -685,6 +748,14 @@ export interface InterconnectAttachmentArgs { * allocated from regional external IP address pool. */ ipsecInternalAddresses?: pulumi.Input[]>; + /** + * Labels for this resource. These can only be added or modified by the setLabels + * method. Each label key/value pair must comply with RFC1035. Label values may be empty. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Maximum Transmission Unit (MTU), in bytes, of packets passing through * this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. diff --git a/sdk/nodejs/compute/networkFirewallPolicyRule.ts b/sdk/nodejs/compute/networkFirewallPolicyRule.ts index a8ac982fed..2c9d9ff5d7 100644 --- a/sdk/nodejs/compute/networkFirewallPolicyRule.ts +++ b/sdk/nodejs/compute/networkFirewallPolicyRule.ts @@ -22,7 +22,7 @@ import * as utilities from "../utilities"; * import * as gcp from "@pulumi/gcp"; * * const basicGlobalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup("basic_global_networksecurity_address_group", { - * name: "address", + * name: "address-group", * parent: "projects/my-project-name", * description: "Sample global networksecurity_address_group", * location: "global", @@ -31,7 +31,7 @@ import * as utilities from "../utilities"; * capacity: 100, * }); * const basicNetworkFirewallPolicy = new gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", { - * name: "policy", + * name: "fw-policy", * description: "Sample global network firewall policy", * project: "my-project-name", * }); @@ -40,7 +40,7 @@ import * as utilities from "../utilities"; * description: "For keyname resources.", * parent: "organizations/123456789", * purpose: "GCE_FIREWALL", - * shortName: "tagkey", + * shortName: "tag-key", * purposeData: { * network: pulumi.interpolate`my-project-name/${basicNetwork.name}`, * }, @@ -48,7 +48,7 @@ import * as utilities from "../utilities"; * const basicValue = new gcp.tags.TagValue("basic_value", { * description: "For valuename resources.", * parent: basicKey.id, - * shortName: "tagvalue", + * shortName: "tag-value", * }); * const primary = new gcp.compute.NetworkFirewallPolicyRule("primary", { * action: "allow", @@ -61,6 +61,7 @@ import * as utilities from "../utilities"; * ruleName: "test-rule", * targetServiceAccounts: ["my@service-account.com"], * match: { + * srcAddressGroups: [basicGlobalNetworksecurityAddressGroup.id], * srcIpRanges: ["10.100.0.1/32"], * srcFqdns: ["google.com"], * srcRegionCodes: ["US"], @@ -71,7 +72,66 @@ import * as utilities from "../utilities"; * layer4Configs: [{ * ipProtocol: "all", * }], - * srcAddressGroups: [basicGlobalNetworksecurityAddressGroup.id], + * }, + * }); + * ``` + * ### Network Firewall Policy Rule Network Scope Egress + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const basicNetworkFirewallPolicy = new gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", { + * name: "fw-policy", + * description: "Sample global network firewall policy", + * project: "my-project-name", + * }); + * const primary = new gcp.compute.NetworkFirewallPolicyRule("primary", { + * action: "allow", + * description: "This is a simple rule description", + * direction: "EGRESS", + * disabled: false, + * enableLogging: true, + * firewallPolicy: basicNetworkFirewallPolicy.name, + * priority: 1000, + * ruleName: "test-rule", + * match: { + * destIpRanges: ["10.100.0.1/32"], + * destNetworkScope: "INTERNET", + * layer4Configs: [{ + * ipProtocol: "all", + * }], + * }, + * }); + * ``` + * ### Network Firewall Policy Rule Network Scope Ingress + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const basicNetworkFirewallPolicy = new gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", { + * name: "fw-policy", + * description: "Sample global network firewall policy", + * project: "my-project-name", + * }); + * const network = new gcp.compute.Network("network", {name: "network"}); + * const primary = new gcp.compute.NetworkFirewallPolicyRule("primary", { + * action: "allow", + * description: "This is a simple rule description", + * direction: "INGRESS", + * disabled: false, + * enableLogging: true, + * firewallPolicy: basicNetworkFirewallPolicy.name, + * priority: 1000, + * ruleName: "test-rule", + * match: { + * srcIpRanges: ["11.100.0.1/32"], + * srcNetworkScope: "VPC_NETWORKS", + * srcNetworks: [network.id], + * layer4Configs: [{ + * ipProtocol: "all", + * }], * }, * }); * ``` diff --git a/sdk/nodejs/compute/networkFirewallPolicyWithRules.ts b/sdk/nodejs/compute/networkFirewallPolicyWithRules.ts index cfd60cd92f..b095196fea 100644 --- a/sdk/nodejs/compute/networkFirewallPolicyWithRules.ts +++ b/sdk/nodejs/compute/networkFirewallPolicyWithRules.ts @@ -17,7 +17,7 @@ import * as utilities from "../utilities"; * * const project = gcp.organizations.getProject({}); * const addressGroup1 = new gcp.networksecurity.AddressGroup("address_group_1", { - * name: "tf-address-group", + * name: "address-group", * parent: project.then(project => project.id), * description: "Global address group", * location: "global", @@ -29,7 +29,7 @@ import * as utilities from "../utilities"; * description: "Tag key", * parent: project.then(project => project.id), * purpose: "GCE_FIREWALL", - * shortName: "tf-tag-key", + * shortName: "tag-key", * purposeData: { * network: project.then(project => `${project.name}/default`), * }, @@ -37,22 +37,26 @@ import * as utilities from "../utilities"; * const secureTagValue1 = new gcp.tags.TagValue("secure_tag_value_1", { * description: "Tag value", * parent: secureTagKey1.id, - * shortName: "tf-tag-value", + * shortName: "tag-value", * }); * const securityProfile1 = new gcp.networksecurity.SecurityProfile("security_profile_1", { - * name: "tf-security-profile", + * name: "sp", * type: "THREAT_PREVENTION", * parent: "organizations/123456789", * location: "global", * }); * const securityProfileGroup1 = new gcp.networksecurity.SecurityProfileGroup("security_profile_group_1", { - * name: "tf-security-profile-group", + * name: "spg", * parent: "organizations/123456789", * description: "my description", * threatPreventionProfile: securityProfile1.id, * }); - * const network_firewall_policy_with_rules = new gcp.compute.NetworkFirewallPolicyWithRules("network-firewall-policy-with-rules", { - * name: "tf-fw-policy-with-rules", + * const network = new gcp.compute.Network("network", { + * name: "network", + * autoCreateSubnetworks: false, + * }); + * const primary = new gcp.compute.NetworkFirewallPolicyWithRules("primary", { + * name: "fw-policy", * description: "Terraform test", * rules: [ * { @@ -62,13 +66,6 @@ import * as utilities from "../utilities"; * action: "allow", * direction: "EGRESS", * match: { - * layer4Configs: [{ - * ipProtocol: "tcp", - * ports: [ - * "8080", - * "7070", - * ], - * }], * destIpRanges: ["11.100.0.1/32"], * destFqdns: [ * "www.yyy.com", @@ -83,6 +80,13 @@ import * as utilities from "../utilities"; * "iplist-tor-exit-nodes", * ], * destAddressGroups: [addressGroup1.id], + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: [ + * "8080", + * "7070", + * ], + * }], * }, * targetSecureTags: [{ * name: secureTagValue1.id, @@ -94,10 +98,8 @@ import * as utilities from "../utilities"; * enableLogging: false, * action: "deny", * direction: "INGRESS", + * disabled: true, * match: { - * layer4Configs: [{ - * ipProtocol: "udp", - * }], * srcIpRanges: ["0.0.0.0/0"], * srcFqdns: [ * "www.abc.com", @@ -115,8 +117,10 @@ import * as utilities from "../utilities"; * srcSecureTags: [{ * name: secureTagValue1.id, * }], + * layer4Configs: [{ + * ipProtocol: "udp", + * }], * }, - * disabled: true, * }, * { * description: "security profile group rule", @@ -125,15 +129,48 @@ import * as utilities from "../utilities"; * enableLogging: false, * action: "apply_security_profile_group", * direction: "INGRESS", + * targetServiceAccounts: ["test@google.com"], + * securityProfileGroup: pulumi.interpolate`//networksecurity.googleapis.com/${securityProfileGroup1.id}`, + * tlsInspect: true, * match: { + * srcIpRanges: ["0.0.0.0/0"], * layer4Configs: [{ * ipProtocol: "tcp", * }], - * srcIpRanges: ["0.0.0.0/0"], * }, - * targetServiceAccounts: ["test@google.com"], - * securityProfileGroup: pulumi.interpolate`//networksecurity.googleapis.com/${securityProfileGroup1.id}`, - * tlsInspect: true, + * }, + * { + * description: "network scope rule 1", + * ruleName: "network scope 1", + * priority: 4000, + * enableLogging: false, + * action: "allow", + * direction: "INGRESS", + * match: { + * srcIpRanges: ["11.100.0.1/32"], + * srcNetworkScope: "VPC_NETWORKS", + * srcNetworks: [network.id], + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: ["8080"], + * }], + * }, + * }, + * { + * description: "network scope rule 2", + * ruleName: "network scope 2", + * priority: 5000, + * enableLogging: false, + * action: "allow", + * direction: "EGRESS", + * match: { + * destIpRanges: ["0.0.0.0/0"], + * destNetworkScope: "INTERNET", + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: ["8080"], + * }], + * }, * }, * ], * }); diff --git a/sdk/nodejs/compute/projectMetadataItem.ts b/sdk/nodejs/compute/projectMetadataItem.ts index fea7b5ac01..5e94f82515 100644 --- a/sdk/nodejs/compute/projectMetadataItem.ts +++ b/sdk/nodejs/compute/projectMetadataItem.ts @@ -28,11 +28,17 @@ import * as utilities from "../utilities"; * * * `{{key}}` * + * * `projects/{{project}}/meta-data/{{key}}` + * * When using the `pulumi import` command, project metadata items can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default {{key}} * ``` + * + * ```sh + * $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default projects/{{project}}/meta-data/{{key}} + * ``` */ export class ProjectMetadataItem extends pulumi.CustomResource { /** diff --git a/sdk/nodejs/compute/publicAdvertisedPrefix.ts b/sdk/nodejs/compute/publicAdvertisedPrefix.ts index f44c123f15..efa37c05ba 100644 --- a/sdk/nodejs/compute/publicAdvertisedPrefix.ts +++ b/sdk/nodejs/compute/publicAdvertisedPrefix.ts @@ -28,6 +28,20 @@ import * as utilities from "../utilities"; * ipCidrRange: "127.127.0.0/16", * }); * ``` + * ### Public Advertised Prefixes Pdp Scope + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const prefixes = new gcp.compute.PublicAdvertisedPrefix("prefixes", { + * name: "my-pap", + * description: "description", + * dnsVerificationIp: "127.127.0.0", + * ipCidrRange: "127.127.0.0/16", + * pdpScope: "REGIONAL", + * }); + * ``` * * ## Import * @@ -105,6 +119,12 @@ export class PublicAdvertisedPrefix extends pulumi.CustomResource { * except the last character, which cannot be a dash. */ public readonly name!: pulumi.Output; + /** + * Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + */ + public readonly pdpScope!: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. @@ -136,6 +156,7 @@ export class PublicAdvertisedPrefix extends pulumi.CustomResource { resourceInputs["dnsVerificationIp"] = state ? state.dnsVerificationIp : undefined; resourceInputs["ipCidrRange"] = state ? state.ipCidrRange : undefined; resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["pdpScope"] = state ? state.pdpScope : undefined; resourceInputs["project"] = state ? state.project : undefined; resourceInputs["selfLink"] = state ? state.selfLink : undefined; resourceInputs["sharedSecret"] = state ? state.sharedSecret : undefined; @@ -151,6 +172,7 @@ export class PublicAdvertisedPrefix extends pulumi.CustomResource { resourceInputs["dnsVerificationIp"] = args ? args.dnsVerificationIp : undefined; resourceInputs["ipCidrRange"] = args ? args.ipCidrRange : undefined; resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["pdpScope"] = args ? args.pdpScope : undefined; resourceInputs["project"] = args ? args.project : undefined; resourceInputs["selfLink"] = undefined /*out*/; resourceInputs["sharedSecret"] = undefined /*out*/; @@ -188,6 +210,12 @@ export interface PublicAdvertisedPrefixState { * except the last character, which cannot be a dash. */ name?: pulumi.Input; + /** + * Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + */ + pdpScope?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. @@ -231,6 +259,12 @@ export interface PublicAdvertisedPrefixArgs { * except the last character, which cannot be a dash. */ name?: pulumi.Input; + /** + * Specifies how child public delegated prefix will be scoped. pdpScope + * must be one of: GLOBAL, REGIONAL + * Possible values are: `GLOBAL`, `REGIONAL`. + */ + pdpScope?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. diff --git a/sdk/nodejs/compute/regionNetworkFirewallPolicyRule.ts b/sdk/nodejs/compute/regionNetworkFirewallPolicyRule.ts index 96b3e4bca1..329e4a3c1a 100644 --- a/sdk/nodejs/compute/regionNetworkFirewallPolicyRule.ts +++ b/sdk/nodejs/compute/regionNetworkFirewallPolicyRule.ts @@ -22,7 +22,7 @@ import * as utilities from "../utilities"; * import * as gcp from "@pulumi/gcp"; * * const basicRegionalNetworksecurityAddressGroup = new gcp.networksecurity.AddressGroup("basic_regional_networksecurity_address_group", { - * name: "address", + * name: "address-group", * parent: "projects/my-project-name", * description: "Sample regional networksecurity_address_group", * location: "us-west1", @@ -31,7 +31,7 @@ import * as utilities from "../utilities"; * capacity: 100, * }); * const basicRegionalNetworkFirewallPolicy = new gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", { - * name: "policy", + * name: "fw-policy", * description: "Sample regional network firewall policy", * project: "my-project-name", * region: "us-west1", @@ -41,7 +41,7 @@ import * as utilities from "../utilities"; * description: "For keyname resources.", * parent: "organizations/123456789", * purpose: "GCE_FIREWALL", - * shortName: "tagkey", + * shortName: "tag-key", * purposeData: { * network: pulumi.interpolate`my-project-name/${basicNetwork.name}`, * }, @@ -49,7 +49,7 @@ import * as utilities from "../utilities"; * const basicValue = new gcp.tags.TagValue("basic_value", { * description: "For valuename resources.", * parent: basicKey.id, - * shortName: "tagvalue", + * shortName: "tag-value", * }); * const primary = new gcp.compute.RegionNetworkFirewallPolicyRule("primary", { * action: "allow", @@ -63,6 +63,7 @@ import * as utilities from "../utilities"; * ruleName: "test-rule", * targetServiceAccounts: ["my@service-account.com"], * match: { + * srcAddressGroups: [basicRegionalNetworksecurityAddressGroup.id], * srcIpRanges: ["10.100.0.1/32"], * srcFqdns: ["example.com"], * srcRegionCodes: ["US"], @@ -73,7 +74,70 @@ import * as utilities from "../utilities"; * srcSecureTags: [{ * name: basicValue.id, * }], - * srcAddressGroups: [basicRegionalNetworksecurityAddressGroup.id], + * }, + * }); + * ``` + * ### Region Network Firewall Policy Rule Network Scope Egress + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const basicRegionalNetworkFirewallPolicy = new gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", { + * name: "fw-policy", + * description: "Sample regional network firewall policy", + * project: "my-project-name", + * region: "us-west1", + * }); + * const primary = new gcp.compute.RegionNetworkFirewallPolicyRule("primary", { + * action: "allow", + * description: "This is a simple rule description", + * direction: "EGRESS", + * disabled: false, + * enableLogging: true, + * firewallPolicy: basicRegionalNetworkFirewallPolicy.name, + * priority: 1000, + * region: "us-west1", + * ruleName: "test-rule", + * match: { + * destIpRanges: ["10.100.0.1/32"], + * destNetworkScope: "INTERNET", + * layer4Configs: [{ + * ipProtocol: "all", + * }], + * }, + * }); + * ``` + * ### Region Network Firewall Policy Rule Network Scope Ingress + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const basicRegionalNetworkFirewallPolicy = new gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", { + * name: "fw-policy", + * description: "Sample regional network firewall policy", + * project: "my-project-name", + * region: "us-west1", + * }); + * const network = new gcp.compute.Network("network", {name: "network"}); + * const primary = new gcp.compute.RegionNetworkFirewallPolicyRule("primary", { + * action: "allow", + * description: "This is a simple rule description", + * direction: "INGRESS", + * disabled: false, + * enableLogging: true, + * firewallPolicy: basicRegionalNetworkFirewallPolicy.name, + * priority: 1000, + * region: "us-west1", + * ruleName: "test-rule", + * match: { + * srcIpRanges: ["10.100.0.1/32"], + * srcNetworkScope: "VPC_NETWORKS", + * srcNetworks: [network.id], + * layer4Configs: [{ + * ipProtocol: "all", + * }], * }, * }); * ``` diff --git a/sdk/nodejs/compute/regionNetworkFirewallPolicyWithRules.ts b/sdk/nodejs/compute/regionNetworkFirewallPolicyWithRules.ts index ab4f52c4e9..6b39fbdb53 100644 --- a/sdk/nodejs/compute/regionNetworkFirewallPolicyWithRules.ts +++ b/sdk/nodejs/compute/regionNetworkFirewallPolicyWithRules.ts @@ -17,7 +17,7 @@ import * as utilities from "../utilities"; * * const project = gcp.organizations.getProject({}); * const addressGroup1 = new gcp.networksecurity.AddressGroup("address_group_1", { - * name: "tf-address-group", + * name: "address-group", * parent: project.then(project => project.id), * description: "Regional address group", * location: "us-west2", @@ -29,7 +29,7 @@ import * as utilities from "../utilities"; * description: "Tag key", * parent: project.then(project => project.id), * purpose: "GCE_FIREWALL", - * shortName: "tf-tag-key", + * shortName: "tag-key", * purposeData: { * network: project.then(project => `${project.name}/default`), * }, @@ -37,10 +37,14 @@ import * as utilities from "../utilities"; * const secureTagValue1 = new gcp.tags.TagValue("secure_tag_value_1", { * description: "Tag value", * parent: secureTagKey1.id, - * shortName: "tf-tag-value", + * shortName: "tag-value", * }); - * const region_network_firewall_policy_with_rules = new gcp.compute.RegionNetworkFirewallPolicyWithRules("region-network-firewall-policy-with-rules", { - * name: "tf-region-fw-policy-with-rules", + * const network = new gcp.compute.Network("network", { + * name: "network", + * autoCreateSubnetworks: false, + * }); + * const primary = new gcp.compute.RegionNetworkFirewallPolicyWithRules("primary", { + * name: "fw-policy", * region: "us-west2", * description: "Terraform test", * rules: [ @@ -51,13 +55,6 @@ import * as utilities from "../utilities"; * action: "allow", * direction: "EGRESS", * match: { - * layer4Configs: [{ - * ipProtocol: "tcp", - * ports: [ - * "8080", - * "7070", - * ], - * }], * destIpRanges: ["11.100.0.1/32"], * destFqdns: [ * "www.yyy.com", @@ -72,6 +69,13 @@ import * as utilities from "../utilities"; * "iplist-tor-exit-nodes", * ], * destAddressGroups: [addressGroup1.id], + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: [ + * "8080", + * "7070", + * ], + * }], * }, * targetSecureTags: [{ * name: secureTagValue1.id, @@ -84,10 +88,8 @@ import * as utilities from "../utilities"; * enableLogging: false, * action: "deny", * direction: "INGRESS", + * disabled: true, * match: { - * layer4Configs: [{ - * ipProtocol: "udp", - * }], * srcIpRanges: ["0.0.0.0/0"], * srcFqdns: [ * "www.abc.com", @@ -105,8 +107,43 @@ import * as utilities from "../utilities"; * srcSecureTags: [{ * name: secureTagValue1.id, * }], + * layer4Configs: [{ + * ipProtocol: "udp", + * }], + * }, + * }, + * { + * description: "network scope rule 1", + * ruleName: "network scope 1", + * priority: 4000, + * enableLogging: false, + * action: "allow", + * direction: "INGRESS", + * match: { + * srcIpRanges: ["11.100.0.1/32"], + * srcNetworkScope: "VPC_NETWORKS", + * srcNetworks: [network.id], + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: ["8080"], + * }], + * }, + * }, + * { + * description: "network scope rule 2", + * ruleName: "network scope 2", + * priority: 5000, + * enableLogging: false, + * action: "allow", + * direction: "EGRESS", + * match: { + * destIpRanges: ["0.0.0.0/0"], + * destNetworkScope: "NON_INTERNET", + * layer4Configs: [{ + * ipProtocol: "tcp", + * ports: ["8080"], + * }], * }, - * disabled: true, * }, * ], * }); diff --git a/sdk/nodejs/compute/routerPeer.ts b/sdk/nodejs/compute/routerPeer.ts index 26da394d4b..5ca213ab5e 100644 --- a/sdk/nodejs/compute/routerPeer.ts +++ b/sdk/nodejs/compute/routerPeer.ts @@ -74,6 +74,22 @@ import * as utilities from "../utilities"; * }, * }); * ``` + * ### Router Zero Custom Learend Route Priority + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const peer = new gcp.compute.RouterPeer("peer", { + * name: "my-router-peer", + * router: "my-router", + * region: "us-central1", + * "interface": "interface-1", + * peerAsn: 65513, + * customLearnedRoutePriority: 0, + * zeroCustomLearnedRoutePriority: true, + * }); + * ``` * ### Router Peer Router Appliance * * ```typescript @@ -469,6 +485,10 @@ export class RouterPeer extends pulumi.CustomResource { * assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you. */ public readonly ipv6NexthopAddress!: pulumi.Output; + /** + * An internal boolean field for provider use. + */ + public /*out*/ readonly isCustomLearnedPrioritySet!: pulumi.Output; /** * The resource that configures and manages this BGP peer. * * `MANAGED_BY_USER` is the default value and can be managed by @@ -540,6 +560,11 @@ export class RouterPeer extends pulumi.CustomResource { * this Cloud Router. The VM instance is the peer side of the BGP session. */ public readonly routerApplianceInstance!: pulumi.Output; + /** + * The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the customLearnedRoutePriority to be 0. + */ + public readonly zeroCustomLearnedRoutePriority!: pulumi.Output; /** * Create a RouterPeer resource with the given unique name, arguments, and options. @@ -570,6 +595,7 @@ export class RouterPeer extends pulumi.CustomResource { resourceInputs["ipAddress"] = state ? state.ipAddress : undefined; resourceInputs["ipv4NexthopAddress"] = state ? state.ipv4NexthopAddress : undefined; resourceInputs["ipv6NexthopAddress"] = state ? state.ipv6NexthopAddress : undefined; + resourceInputs["isCustomLearnedPrioritySet"] = state ? state.isCustomLearnedPrioritySet : undefined; resourceInputs["managementType"] = state ? state.managementType : undefined; resourceInputs["md5AuthenticationKey"] = state ? state.md5AuthenticationKey : undefined; resourceInputs["name"] = state ? state.name : undefined; @@ -581,6 +607,7 @@ export class RouterPeer extends pulumi.CustomResource { resourceInputs["region"] = state ? state.region : undefined; resourceInputs["router"] = state ? state.router : undefined; resourceInputs["routerApplianceInstance"] = state ? state.routerApplianceInstance : undefined; + resourceInputs["zeroCustomLearnedRoutePriority"] = state ? state.zeroCustomLearnedRoutePriority : undefined; } else { const args = argsOrState as RouterPeerArgs | undefined; if ((!args || args.interface === undefined) && !opts.urn) { @@ -618,6 +645,8 @@ export class RouterPeer extends pulumi.CustomResource { resourceInputs["region"] = args ? args.region : undefined; resourceInputs["router"] = args ? args.router : undefined; resourceInputs["routerApplianceInstance"] = args ? args.routerApplianceInstance : undefined; + resourceInputs["zeroCustomLearnedRoutePriority"] = args ? args.zeroCustomLearnedRoutePriority : undefined; + resourceInputs["isCustomLearnedPrioritySet"] = undefined /*out*/; resourceInputs["managementType"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); @@ -728,6 +757,10 @@ export interface RouterPeerState { * assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you. */ ipv6NexthopAddress?: pulumi.Input; + /** + * An internal boolean field for provider use. + */ + isCustomLearnedPrioritySet?: pulumi.Input; /** * The resource that configures and manages this BGP peer. * * `MANAGED_BY_USER` is the default value and can be managed by @@ -799,6 +832,11 @@ export interface RouterPeerState { * this Cloud Router. The VM instance is the peer side of the BGP session. */ routerApplianceInstance?: pulumi.Input; + /** + * The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the customLearnedRoutePriority to be 0. + */ + zeroCustomLearnedRoutePriority?: pulumi.Input; } /** @@ -963,4 +1001,9 @@ export interface RouterPeerArgs { * this Cloud Router. The VM instance is the peer side of the BGP session. */ routerApplianceInstance?: pulumi.Input; + /** + * The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + * This value has to be set true to force the customLearnedRoutePriority to be 0. + */ + zeroCustomLearnedRoutePriority?: pulumi.Input; } diff --git a/sdk/nodejs/config/vars.ts b/sdk/nodejs/config/vars.ts index ed5512b661..0165f8a8f7 100644 --- a/sdk/nodejs/config/vars.ts +++ b/sdk/nodejs/config/vars.ts @@ -73,6 +73,14 @@ Object.defineProperty(exports, "apigeeCustomEndpoint", { enumerable: true, }); +export declare const apihubCustomEndpoint: string | undefined; +Object.defineProperty(exports, "apihubCustomEndpoint", { + get() { + return __config.get("apihubCustomEndpoint"); + }, + enumerable: true, +}); + export declare const apikeysCustomEndpoint: string | undefined; Object.defineProperty(exports, "apikeysCustomEndpoint", { get() { diff --git a/sdk/nodejs/filestore/getInstance.ts b/sdk/nodejs/filestore/getInstance.ts index 2f201129cb..da429f6a51 100644 --- a/sdk/nodejs/filestore/getInstance.ts +++ b/sdk/nodejs/filestore/getInstance.ts @@ -79,6 +79,7 @@ export interface GetInstanceResult { readonly project?: string; readonly protocol: string; readonly pulumiLabels: {[key: string]: string}; + readonly tags: {[key: string]: string}; readonly tier: string; readonly zone: string; } diff --git a/sdk/nodejs/filestore/instance.ts b/sdk/nodejs/filestore/instance.ts index a9d427c5d7..b490d2f3ab 100644 --- a/sdk/nodejs/filestore/instance.ts +++ b/sdk/nodejs/filestore/instance.ts @@ -248,6 +248,14 @@ export class Instance extends pulumi.CustomResource { * and default labels configured on the provider. */ public /*out*/ readonly pulumiLabels!: pulumi.Output<{[key: string]: string}>; + /** + * A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + */ + public readonly tags!: pulumi.Output<{[key: string]: string} | undefined>; /** * The service tier of the instance. * Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE @@ -289,6 +297,7 @@ export class Instance extends pulumi.CustomResource { resourceInputs["project"] = state ? state.project : undefined; resourceInputs["protocol"] = state ? state.protocol : undefined; resourceInputs["pulumiLabels"] = state ? state.pulumiLabels : undefined; + resourceInputs["tags"] = state ? state.tags : undefined; resourceInputs["tier"] = state ? state.tier : undefined; resourceInputs["zone"] = state ? state.zone : undefined; } else { @@ -314,6 +323,7 @@ export class Instance extends pulumi.CustomResource { resourceInputs["performanceConfig"] = args ? args.performanceConfig : undefined; resourceInputs["project"] = args ? args.project : undefined; resourceInputs["protocol"] = args ? args.protocol : undefined; + resourceInputs["tags"] = args ? args.tags : undefined; resourceInputs["tier"] = args ? args.tier : undefined; resourceInputs["zone"] = args ? args.zone : undefined; resourceInputs["createTime"] = undefined /*out*/; @@ -403,6 +413,14 @@ export interface InstanceState { * and default labels configured on the provider. */ pulumiLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + */ + tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The service tier of the instance. * Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE @@ -473,6 +491,14 @@ export interface InstanceArgs { * "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"] */ protocol?: pulumi.Input; + /** + * A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + * Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + * empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + * modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + * 'google_tags_tag_value' resource. + */ + tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The service tier of the instance. * Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE diff --git a/sdk/nodejs/gemini/codeRepositoryIndex.ts b/sdk/nodejs/gemini/codeRepositoryIndex.ts index b993de07c8..c998555f94 100644 --- a/sdk/nodejs/gemini/codeRepositoryIndex.ts +++ b/sdk/nodejs/gemini/codeRepositoryIndex.ts @@ -5,6 +5,14 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; /** + * The resource for managing Code Repository Index for Gemini Code Assist. + * + * To get more information about CodeRepositoryIndex, see: + * + * * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes) + * * How-to Guides + * * [Gemini Code Assist overview](https://cloud.google.com/gemini/docs/codeassist/overview) + * * ## Example Usage * * ### Gemini Code Repository Index Basic @@ -15,7 +23,7 @@ import * as utilities from "../utilities"; * * const example = new gcp.gemini.CodeRepositoryIndex("example", { * location: "us-central1", - * codeRepositoryIndexId: "", + * codeRepositoryIndexId: "code-repository-index-example", * kmsKey: "projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample", * }); * ``` @@ -93,7 +101,7 @@ export class CodeRepositoryIndex extends pulumi.CustomResource { public readonly forceDestroy!: pulumi.Output; /** * Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. */ public readonly kmsKey!: pulumi.Output; /** @@ -122,12 +130,7 @@ export class CodeRepositoryIndex extends pulumi.CustomResource { public /*out*/ readonly pulumiLabels!: pulumi.Output<{[key: string]: string}>; /** * Output only. Code Repository Index instance State. - * Possible values: - * STATE_UNSPECIFIED - * CREATING - * ACTIVE - * DELETING - * SUSPENDED + * Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. */ public /*out*/ readonly state!: pulumi.Output; /** @@ -213,7 +216,7 @@ export interface CodeRepositoryIndexState { forceDestroy?: pulumi.Input; /** * Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. */ kmsKey?: pulumi.Input; /** @@ -242,12 +245,7 @@ export interface CodeRepositoryIndexState { pulumiLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Output only. Code Repository Index instance State. - * Possible values: - * STATE_UNSPECIFIED - * CREATING - * ACTIVE - * DELETING - * SUSPENDED + * Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. */ state?: pulumi.Input; /** @@ -273,7 +271,7 @@ export interface CodeRepositoryIndexArgs { forceDestroy?: pulumi.Input; /** * Optional. Immutable. Customer-managed encryption key name, in the format - * projects/*/locations/*/keyRings/*/cryptoKeys/*. + * `projects/*/locations/*/keyRings/*/cryptoKeys/*`. */ kmsKey?: pulumi.Input; /** diff --git a/sdk/nodejs/gemini/getRepositoryGroupIamPolicy.ts b/sdk/nodejs/gemini/getRepositoryGroupIamPolicy.ts index 068422955d..314be776b4 100644 --- a/sdk/nodejs/gemini/getRepositoryGroupIamPolicy.ts +++ b/sdk/nodejs/gemini/getRepositoryGroupIamPolicy.ts @@ -4,6 +4,23 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; +/** + * Retrieves the current IAM policy data for repositorygroup + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.gemini.getRepositoryGroupIamPolicy({ + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * }); + * ``` + */ export function getRepositoryGroupIamPolicy(args: GetRepositoryGroupIamPolicyArgs, opts?: pulumi.InvokeOptions): Promise { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy", { @@ -55,6 +72,23 @@ export interface GetRepositoryGroupIamPolicyResult { readonly project: string; readonly repositoryGroupId: string; } +/** + * Retrieves the current IAM policy data for repositorygroup + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.gemini.getRepositoryGroupIamPolicy({ + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * }); + * ``` + */ export function getRepositoryGroupIamPolicyOutput(args: GetRepositoryGroupIamPolicyOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("gcp:gemini/getRepositoryGroupIamPolicy:getRepositoryGroupIamPolicy", { diff --git a/sdk/nodejs/gemini/repositoryGroup.ts b/sdk/nodejs/gemini/repositoryGroup.ts index cd1afd3f87..6e1163796e 100644 --- a/sdk/nodejs/gemini/repositoryGroup.ts +++ b/sdk/nodejs/gemini/repositoryGroup.ts @@ -7,8 +7,34 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * The resource for managing Repository Group for Gemini Code Assist. + * + * To get more information about RepositoryGroup, see: + * + * * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes.repositoryGroups) + * * ## Example Usage * + * ### Gemini Repository Group Basic + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const example = new gcp.gemini.RepositoryGroup("example", { + * location: "us-central1", + * codeRepositoryIndex: "example-cri", + * repositoryGroupId: "example-repository-group", + * repositories: [{ + * resource: "projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo", + * branchPattern: "main", + * }], + * labels: { + * label1: "value1", + * }, + * }); + * ``` + * * ## Import * * RepositoryGroup can be imported using any of these accepted formats: @@ -66,7 +92,7 @@ export class RepositoryGroup extends pulumi.CustomResource { */ public readonly codeRepositoryIndex!: pulumi.Output; /** - * Output only. Create time stamp + * Output only. Create time stamp. */ public /*out*/ readonly createTime!: pulumi.Output; /** @@ -74,7 +100,7 @@ export class RepositoryGroup extends pulumi.CustomResource { */ public /*out*/ readonly effectiveLabels!: pulumi.Output<{[key: string]: string}>; /** - * Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. */ public readonly labels!: pulumi.Output<{[key: string]: string} | undefined>; @@ -83,7 +109,7 @@ export class RepositoryGroup extends pulumi.CustomResource { */ public readonly location!: pulumi.Output; /** - * Immutable. Identifier. name of resource + * Immutable. Identifier. Name of Repository Group. */ public /*out*/ readonly name!: pulumi.Output; public readonly project!: pulumi.Output; @@ -93,7 +119,7 @@ export class RepositoryGroup extends pulumi.CustomResource { */ public /*out*/ readonly pulumiLabels!: pulumi.Output<{[key: string]: string}>; /** - * Required. List of repositories to group + * Required. List of repositories to group. * Structure is documented below. */ public readonly repositories!: pulumi.Output; @@ -102,7 +128,7 @@ export class RepositoryGroup extends pulumi.CustomResource { */ public readonly repositoryGroupId!: pulumi.Output; /** - * Output only. Update time stamp + * Output only. Update time stamp. */ public /*out*/ readonly updateTime!: pulumi.Output; @@ -172,7 +198,7 @@ export interface RepositoryGroupState { */ codeRepositoryIndex?: pulumi.Input; /** - * Output only. Create time stamp + * Output only. Create time stamp. */ createTime?: pulumi.Input; /** @@ -180,7 +206,7 @@ export interface RepositoryGroupState { */ effectiveLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** - * Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. */ labels?: pulumi.Input<{[key: string]: pulumi.Input}>; @@ -189,7 +215,7 @@ export interface RepositoryGroupState { */ location?: pulumi.Input; /** - * Immutable. Identifier. name of resource + * Immutable. Identifier. Name of Repository Group. */ name?: pulumi.Input; project?: pulumi.Input; @@ -199,7 +225,7 @@ export interface RepositoryGroupState { */ pulumiLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** - * Required. List of repositories to group + * Required. List of repositories to group. * Structure is documented below. */ repositories?: pulumi.Input[]>; @@ -208,7 +234,7 @@ export interface RepositoryGroupState { */ repositoryGroupId?: pulumi.Input; /** - * Output only. Update time stamp + * Output only. Update time stamp. */ updateTime?: pulumi.Input; } @@ -222,7 +248,7 @@ export interface RepositoryGroupArgs { */ codeRepositoryIndex: pulumi.Input; /** - * Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + * Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present * in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. */ labels?: pulumi.Input<{[key: string]: pulumi.Input}>; @@ -232,7 +258,7 @@ export interface RepositoryGroupArgs { location: pulumi.Input; project?: pulumi.Input; /** - * Required. List of repositories to group + * Required. List of repositories to group. * Structure is documented below. */ repositories: pulumi.Input[]>; diff --git a/sdk/nodejs/gemini/repositoryGroupIamBinding.ts b/sdk/nodejs/gemini/repositoryGroupIamBinding.ts index a9c4bd1b99..837b921e29 100644 --- a/sdk/nodejs/gemini/repositoryGroupIamBinding.ts +++ b/sdk/nodejs/gemini/repositoryGroupIamBinding.ts @@ -7,6 +7,145 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.gemini.RepositoryGroupIamPolicy("policy", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.gemini.RepositoryGroupIamBinding("binding", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.gemini.RepositoryGroupIamMember("member", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Gemini for Google Cloud RepositoryGroup + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.gemini.RepositoryGroupIamPolicy("policy", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.gemini.RepositoryGroupIamBinding("binding", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.gemini.RepositoryGroupIamMember("member", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * member: "user:jane@example.com", + * }); + * ``` + * * ## Import * * For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/nodejs/gemini/repositoryGroupIamMember.ts b/sdk/nodejs/gemini/repositoryGroupIamMember.ts index 4f0d95c9b9..9fbe67e34c 100644 --- a/sdk/nodejs/gemini/repositoryGroupIamMember.ts +++ b/sdk/nodejs/gemini/repositoryGroupIamMember.ts @@ -7,6 +7,145 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.gemini.RepositoryGroupIamPolicy("policy", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.gemini.RepositoryGroupIamBinding("binding", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.gemini.RepositoryGroupIamMember("member", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Gemini for Google Cloud RepositoryGroup + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.gemini.RepositoryGroupIamPolicy("policy", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.gemini.RepositoryGroupIamBinding("binding", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.gemini.RepositoryGroupIamMember("member", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * member: "user:jane@example.com", + * }); + * ``` + * * ## Import * * For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/nodejs/gemini/repositoryGroupIamPolicy.ts b/sdk/nodejs/gemini/repositoryGroupIamPolicy.ts index eb416aee33..55df7a9086 100644 --- a/sdk/nodejs/gemini/repositoryGroupIamPolicy.ts +++ b/sdk/nodejs/gemini/repositoryGroupIamPolicy.ts @@ -5,6 +5,145 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; /** + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.gemini.RepositoryGroupIamPolicy("policy", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.gemini.RepositoryGroupIamBinding("binding", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.gemini.RepositoryGroupIamMember("member", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## This resource supports User Project Overrides. + * + * - + * + * # IAM policy for Gemini for Google Cloud RepositoryGroup + * Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * * `gcp.gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * * `gcp.gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + * + * > **Note:** `gcp.gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gcp.gemini.RepositoryGroupIamBinding` and `gcp.gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gcp.gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.gemini.RepositoryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.gemini.RepositoryGroupIamPolicy("policy", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.gemini.RepositoryGroupIamBinding("binding", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.gemini.RepositoryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.gemini.RepositoryGroupIamMember("member", { + * project: example.project, + * location: example.location, + * codeRepositoryIndex: example.codeRepositoryIndex, + * repositoryGroupId: example.repositoryGroupId, + * role: "roles/cloudaicompanion.repositoryGroupsUser", + * member: "user:jane@example.com", + * }); + * ``` + * * ## Import * * For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/nodejs/index.ts b/sdk/nodejs/index.ts index d6ec9b32be..40c2f8963c 100644 --- a/sdk/nodejs/index.ts +++ b/sdk/nodejs/index.ts @@ -19,6 +19,7 @@ import * as activedirectory from "./activedirectory"; import * as alloydb from "./alloydb"; import * as apigateway from "./apigateway"; import * as apigee from "./apigee"; +import * as apihub from "./apihub"; import * as appengine from "./appengine"; import * as apphub from "./apphub"; import * as applicationintegration from "./applicationintegration"; @@ -150,6 +151,7 @@ export { alloydb, apigateway, apigee, + apihub, appengine, apphub, applicationintegration, diff --git a/sdk/nodejs/kms/getKeyHandles.ts b/sdk/nodejs/kms/getKeyHandles.ts new file mode 100644 index 0000000000..5e237129c1 --- /dev/null +++ b/sdk/nodejs/kms/getKeyHandles.ts @@ -0,0 +1,119 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const myKeyHandles = gcp.kms.getKeyHandles({ + * project: "resource-project-id", + * location: "us-central1", + * resourceTypeSelector: "storage.googleapis.com/Bucket", + * }); + * ``` + */ +export function getKeyHandles(args: GetKeyHandlesArgs, opts?: pulumi.InvokeOptions): Promise { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:kms/getKeyHandles:getKeyHandles", { + "location": args.location, + "project": args.project, + "resourceTypeSelector": args.resourceTypeSelector, + }, opts); +} + +/** + * A collection of arguments for invoking getKeyHandles. + */ +export interface GetKeyHandlesArgs { + /** + * The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + */ + location: string; + /** + * The project in which the resource belongs. If it + * is not provided, the provider project is used. + */ + project?: string; + /** + * The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * - - - + */ + resourceTypeSelector: string; +} + +/** + * A collection of values returned by getKeyHandles. + */ +export interface GetKeyHandlesResult { + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly keyHandles: outputs.kms.GetKeyHandlesKeyHandle[]; + /** + * The location of the KMS Key and KeyHandle. + */ + readonly location: string; + /** + * The identifier of the project where KMS KeyHandle is created. + */ + readonly project?: string; + /** + * Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + */ + readonly resourceTypeSelector: string; +} +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const myKeyHandles = gcp.kms.getKeyHandles({ + * project: "resource-project-id", + * location: "us-central1", + * resourceTypeSelector: "storage.googleapis.com/Bucket", + * }); + * ``` + */ +export function getKeyHandlesOutput(args: GetKeyHandlesOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("gcp:kms/getKeyHandles:getKeyHandles", { + "location": args.location, + "project": args.project, + "resourceTypeSelector": args.resourceTypeSelector, + }, opts); +} + +/** + * A collection of arguments for invoking getKeyHandles. + */ +export interface GetKeyHandlesOutputArgs { + /** + * The Google Cloud Platform location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + */ + location: pulumi.Input; + /** + * The project in which the resource belongs. If it + * is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * - - - + */ + resourceTypeSelector: pulumi.Input; +} diff --git a/sdk/nodejs/kms/index.ts b/sdk/nodejs/kms/index.ts index 1ad8ac30a0..1682bb2775 100644 --- a/sdk/nodejs/kms/index.ts +++ b/sdk/nodejs/kms/index.ts @@ -120,6 +120,11 @@ export const getKeyHandle: typeof import("./getKeyHandle").getKeyHandle = null a export const getKeyHandleOutput: typeof import("./getKeyHandle").getKeyHandleOutput = null as any; utilities.lazyLoad(exports, ["getKeyHandle","getKeyHandleOutput"], () => require("./getKeyHandle")); +export { GetKeyHandlesArgs, GetKeyHandlesResult, GetKeyHandlesOutputArgs } from "./getKeyHandles"; +export const getKeyHandles: typeof import("./getKeyHandles").getKeyHandles = null as any; +export const getKeyHandlesOutput: typeof import("./getKeyHandles").getKeyHandlesOutput = null as any; +utilities.lazyLoad(exports, ["getKeyHandles","getKeyHandlesOutput"], () => require("./getKeyHandles")); + export { GetKeyRingIamPolicyArgs, GetKeyRingIamPolicyResult, GetKeyRingIamPolicyOutputArgs } from "./getKeyRingIamPolicy"; export const getKeyRingIamPolicy: typeof import("./getKeyRingIamPolicy").getKeyRingIamPolicy = null as any; export const getKeyRingIamPolicyOutput: typeof import("./getKeyRingIamPolicy").getKeyRingIamPolicyOutput = null as any; diff --git a/sdk/nodejs/networksecurity/securityProfile.ts b/sdk/nodejs/networksecurity/securityProfile.ts index 06286537c8..45027302be 100644 --- a/sdk/nodejs/networksecurity/securityProfile.ts +++ b/sdk/nodejs/networksecurity/securityProfile.ts @@ -62,6 +62,66 @@ import * as utilities from "../utilities"; * }, * }); * ``` + * ### Network Security Security Profile Mirroring + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const _default = new gcp.compute.Network("default", { + * name: "my-network", + * autoCreateSubnetworks: false, + * }); + * const defaultMirroringDeploymentGroup = new gcp.networksecurity.MirroringDeploymentGroup("default", { + * mirroringDeploymentGroupId: "my-dg", + * location: "global", + * network: _default.id, + * }); + * const defaultMirroringEndpointGroup = new gcp.networksecurity.MirroringEndpointGroup("default", { + * mirroringEndpointGroupId: "my-eg", + * location: "global", + * mirroringDeploymentGroup: defaultMirroringDeploymentGroup.id, + * }); + * const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", { + * name: "my-security-profile", + * parent: "organizations/123456789", + * description: "my description", + * type: "CUSTOM_MIRRORING", + * customMirroringProfile: { + * mirroringEndpointGroup: defaultMirroringEndpointGroup.id, + * }, + * }); + * ``` + * ### Network Security Security Profile Intercept + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const _default = new gcp.compute.Network("default", { + * name: "my-network", + * autoCreateSubnetworks: false, + * }); + * const defaultInterceptDeploymentGroup = new gcp.networksecurity.InterceptDeploymentGroup("default", { + * interceptDeploymentGroupId: "my-dg", + * location: "global", + * network: _default.id, + * }); + * const defaultInterceptEndpointGroup = new gcp.networksecurity.InterceptEndpointGroup("default", { + * interceptEndpointGroupId: "my-eg", + * location: "global", + * interceptDeploymentGroup: defaultInterceptDeploymentGroup.id, + * }); + * const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", { + * name: "my-security-profile", + * parent: "organizations/123456789", + * description: "my description", + * type: "CUSTOM_INTERCEPT", + * customInterceptProfile: { + * interceptEndpointGroup: defaultInterceptEndpointGroup.id, + * }, + * }); + * ``` * * ## Import * @@ -107,6 +167,18 @@ export class SecurityProfile extends pulumi.CustomResource { * Time the security profile was created in UTC. */ public /*out*/ readonly createTime!: pulumi.Output; + /** + * The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + */ + public readonly customInterceptProfile!: pulumi.Output; + /** + * The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + */ + public readonly customMirroringProfile!: pulumi.Output; /** * An optional description of the security profile. The Max length is 512 characters. */ @@ -161,7 +233,7 @@ export class SecurityProfile extends pulumi.CustomResource { public readonly threatPreventionProfile!: pulumi.Output; /** * The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. */ public readonly type!: pulumi.Output; /** @@ -183,6 +255,8 @@ export class SecurityProfile extends pulumi.CustomResource { if (opts.id) { const state = argsOrState as SecurityProfileState | undefined; resourceInputs["createTime"] = state ? state.createTime : undefined; + resourceInputs["customInterceptProfile"] = state ? state.customInterceptProfile : undefined; + resourceInputs["customMirroringProfile"] = state ? state.customMirroringProfile : undefined; resourceInputs["description"] = state ? state.description : undefined; resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; resourceInputs["etag"] = state ? state.etag : undefined; @@ -200,6 +274,8 @@ export class SecurityProfile extends pulumi.CustomResource { if ((!args || args.type === undefined) && !opts.urn) { throw new Error("Missing required property 'type'"); } + resourceInputs["customInterceptProfile"] = args ? args.customInterceptProfile : undefined; + resourceInputs["customMirroringProfile"] = args ? args.customMirroringProfile : undefined; resourceInputs["description"] = args ? args.description : undefined; resourceInputs["labels"] = args ? args.labels : undefined; resourceInputs["location"] = args ? args.location : undefined; @@ -229,6 +305,18 @@ export interface SecurityProfileState { * Time the security profile was created in UTC. */ createTime?: pulumi.Input; + /** + * The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + */ + customInterceptProfile?: pulumi.Input; + /** + * The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + */ + customMirroringProfile?: pulumi.Input; /** * An optional description of the security profile. The Max length is 512 characters. */ @@ -283,7 +371,7 @@ export interface SecurityProfileState { threatPreventionProfile?: pulumi.Input; /** * The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. */ type?: pulumi.Input; /** @@ -296,6 +384,18 @@ export interface SecurityProfileState { * The set of arguments for constructing a SecurityProfile resource. */ export interface SecurityProfileArgs { + /** + * The configuration for defining the Intercept Endpoint Group used to + * intercept traffic to third-party firewall appliances. + * Structure is documented below. + */ + customInterceptProfile?: pulumi.Input; + /** + * The configuration for defining the Mirroring Endpoint Group used to + * mirror traffic to third-party collectors. + * Structure is documented below. + */ + customMirroringProfile?: pulumi.Input; /** * An optional description of the security profile. The Max length is 512 characters. */ @@ -331,7 +431,7 @@ export interface SecurityProfileArgs { threatPreventionProfile?: pulumi.Input; /** * The type of security profile. - * Possible values are: `THREAT_PREVENTION`. + * Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. */ type: pulumi.Input; } diff --git a/sdk/nodejs/networksecurity/securityProfileGroup.ts b/sdk/nodejs/networksecurity/securityProfileGroup.ts index f52defd711..672b0d15f0 100644 --- a/sdk/nodejs/networksecurity/securityProfileGroup.ts +++ b/sdk/nodejs/networksecurity/securityProfileGroup.ts @@ -38,6 +38,78 @@ import * as utilities from "../utilities"; * }, * }); * ``` + * ### Network Security Security Profile Group Mirroring + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const _default = new gcp.compute.Network("default", { + * name: "network", + * autoCreateSubnetworks: false, + * }); + * const defaultMirroringDeploymentGroup = new gcp.networksecurity.MirroringDeploymentGroup("default", { + * mirroringDeploymentGroupId: "deployment-group", + * location: "global", + * network: _default.id, + * }); + * const defaultMirroringEndpointGroup = new gcp.networksecurity.MirroringEndpointGroup("default", { + * mirroringEndpointGroupId: "endpoint-group", + * location: "global", + * mirroringDeploymentGroup: defaultMirroringDeploymentGroup.id, + * }); + * const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", { + * name: "sec-profile", + * parent: "organizations/123456789", + * description: "my description", + * type: "CUSTOM_MIRRORING", + * customMirroringProfile: { + * mirroringEndpointGroup: defaultMirroringEndpointGroup.id, + * }, + * }); + * const defaultSecurityProfileGroup = new gcp.networksecurity.SecurityProfileGroup("default", { + * name: "sec-profile-group", + * parent: "organizations/123456789", + * description: "my description", + * customMirroringProfile: defaultSecurityProfile.id, + * }); + * ``` + * ### Network Security Security Profile Group Intercept + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const _default = new gcp.compute.Network("default", { + * name: "network", + * autoCreateSubnetworks: false, + * }); + * const defaultInterceptDeploymentGroup = new gcp.networksecurity.InterceptDeploymentGroup("default", { + * interceptDeploymentGroupId: "deployment-group", + * location: "global", + * network: _default.id, + * }); + * const defaultInterceptEndpointGroup = new gcp.networksecurity.InterceptEndpointGroup("default", { + * interceptEndpointGroupId: "endpoint-group", + * location: "global", + * interceptDeploymentGroup: defaultInterceptDeploymentGroup.id, + * }); + * const defaultSecurityProfile = new gcp.networksecurity.SecurityProfile("default", { + * name: "sec-profile", + * parent: "organizations/123456789", + * description: "my description", + * type: "CUSTOM_INTERCEPT", + * customInterceptProfile: { + * interceptEndpointGroup: defaultInterceptEndpointGroup.id, + * }, + * }); + * const defaultSecurityProfileGroup = new gcp.networksecurity.SecurityProfileGroup("default", { + * name: "sec-profile-group", + * parent: "organizations/123456789", + * description: "my description", + * customInterceptProfile: defaultSecurityProfile.id, + * }); + * ``` * * ## Import * @@ -83,6 +155,14 @@ export class SecurityProfileGroup extends pulumi.CustomResource { * Time the security profile group was created in UTC. */ public /*out*/ readonly createTime!: pulumi.Output; + /** + * Reference to a SecurityProfile with the CustomIntercept configuration. + */ + public readonly customInterceptProfile!: pulumi.Output; + /** + * Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + */ + public readonly customMirroringProfile!: pulumi.Output; /** * An optional description of the profile. The Max length is 512 characters. */ @@ -149,6 +229,8 @@ export class SecurityProfileGroup extends pulumi.CustomResource { if (opts.id) { const state = argsOrState as SecurityProfileGroupState | undefined; resourceInputs["createTime"] = state ? state.createTime : undefined; + resourceInputs["customInterceptProfile"] = state ? state.customInterceptProfile : undefined; + resourceInputs["customMirroringProfile"] = state ? state.customMirroringProfile : undefined; resourceInputs["description"] = state ? state.description : undefined; resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; resourceInputs["etag"] = state ? state.etag : undefined; @@ -161,6 +243,8 @@ export class SecurityProfileGroup extends pulumi.CustomResource { resourceInputs["updateTime"] = state ? state.updateTime : undefined; } else { const args = argsOrState as SecurityProfileGroupArgs | undefined; + resourceInputs["customInterceptProfile"] = args ? args.customInterceptProfile : undefined; + resourceInputs["customMirroringProfile"] = args ? args.customMirroringProfile : undefined; resourceInputs["description"] = args ? args.description : undefined; resourceInputs["labels"] = args ? args.labels : undefined; resourceInputs["location"] = args ? args.location : undefined; @@ -188,6 +272,14 @@ export interface SecurityProfileGroupState { * Time the security profile group was created in UTC. */ createTime?: pulumi.Input; + /** + * Reference to a SecurityProfile with the CustomIntercept configuration. + */ + customInterceptProfile?: pulumi.Input; + /** + * Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + */ + customMirroringProfile?: pulumi.Input; /** * An optional description of the profile. The Max length is 512 characters. */ @@ -245,6 +337,14 @@ export interface SecurityProfileGroupState { * The set of arguments for constructing a SecurityProfileGroup resource. */ export interface SecurityProfileGroupArgs { + /** + * Reference to a SecurityProfile with the CustomIntercept configuration. + */ + customInterceptProfile?: pulumi.Input; + /** + * Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + */ + customMirroringProfile?: pulumi.Input; /** * An optional description of the profile. The Max length is 512 characters. */ diff --git a/sdk/nodejs/organizations/getS.ts b/sdk/nodejs/organizations/getS.ts new file mode 100644 index 0000000000..95f552ab63 --- /dev/null +++ b/sdk/nodejs/organizations/getS.ts @@ -0,0 +1,89 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const example = gcp.organizations.getS({ + * filter: "domain:example.com", + * }); + * ``` + */ +export function getS(args?: GetSArgs, opts?: pulumi.InvokeOptions): Promise { + args = args || {}; + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:organizations/getS:getS", { + "filter": args.filter, + }, opts); +} + +/** + * A collection of arguments for invoking getS. + */ +export interface GetSArgs { + /** + * An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + */ + filter?: string; +} + +/** + * A collection of values returned by getS. + */ +export interface GetSResult { + readonly filter?: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + /** + * A list of all retrieved organizations. Structure is defined below. + */ + readonly organizations: outputs.organizations.GetSOrganization[]; +} +/** + * Gets a list of all organizations. + * See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + * and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const example = gcp.organizations.getS({ + * filter: "domain:example.com", + * }); + * ``` + */ +export function getSOutput(args?: GetSOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + args = args || {}; + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("gcp:organizations/getS:getS", { + "filter": args.filter, + }, opts); +} + +/** + * A collection of arguments for invoking getS. + */ +export interface GetSOutputArgs { + /** + * An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + */ + filter?: pulumi.Input; +} diff --git a/sdk/nodejs/organizations/index.ts b/sdk/nodejs/organizations/index.ts index 0d3f7804ea..02bb1d265c 100644 --- a/sdk/nodejs/organizations/index.ts +++ b/sdk/nodejs/organizations/index.ts @@ -60,6 +60,11 @@ export const getProject: typeof import("./getProject").getProject = null as any; export const getProjectOutput: typeof import("./getProject").getProjectOutput = null as any; utilities.lazyLoad(exports, ["getProject","getProjectOutput"], () => require("./getProject")); +export { GetSArgs, GetSResult, GetSOutputArgs } from "./getS"; +export const getS: typeof import("./getS").getS = null as any; +export const getSOutput: typeof import("./getS").getSOutput = null as any; +utilities.lazyLoad(exports, ["getS","getSOutput"], () => require("./getS")); + export { IamAuditConfigArgs, IamAuditConfigState } from "./iamAuditConfig"; export type IamAuditConfig = import("./iamAuditConfig").IamAuditConfig; export const IamAuditConfig: typeof import("./iamAuditConfig").IamAuditConfig = null as any; diff --git a/sdk/nodejs/parametermanager/getParameter.ts b/sdk/nodejs/parametermanager/getParameter.ts new file mode 100644 index 0000000000..c64f717419 --- /dev/null +++ b/sdk/nodejs/parametermanager/getParameter.ts @@ -0,0 +1,94 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const parameterDatasource = gcp.parametermanager.getParameter({ + * parameterId: "foobar", + * }); + * ``` + */ +export function getParameter(args: GetParameterArgs, opts?: pulumi.InvokeOptions): Promise { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:parametermanager/getParameter:getParameter", { + "parameterId": args.parameterId, + "project": args.project, + }, opts); +} + +/** + * A collection of arguments for invoking getParameter. + */ +export interface GetParameterArgs { + /** + * The name of the parameter. + */ + parameterId: string; + /** + * The ID of the project in which the resource belongs. + */ + project?: string; +} + +/** + * A collection of values returned by getParameter. + */ +export interface GetParameterResult { + readonly createTime: string; + readonly effectiveLabels: {[key: string]: string}; + readonly format: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly labels: {[key: string]: string}; + readonly name: string; + readonly parameterId: string; + readonly policyMembers: outputs.parametermanager.GetParameterPolicyMember[]; + readonly project?: string; + readonly pulumiLabels: {[key: string]: string}; + readonly updateTime: string; +} +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const parameterDatasource = gcp.parametermanager.getParameter({ + * parameterId: "foobar", + * }); + * ``` + */ +export function getParameterOutput(args: GetParameterOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("gcp:parametermanager/getParameter:getParameter", { + "parameterId": args.parameterId, + "project": args.project, + }, opts); +} + +/** + * A collection of arguments for invoking getParameter. + */ +export interface GetParameterOutputArgs { + /** + * The name of the parameter. + */ + parameterId: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/parametermanager/getRegionalParameters.ts b/sdk/nodejs/parametermanager/getRegionalParameters.ts new file mode 100644 index 0000000000..56ff8100b2 --- /dev/null +++ b/sdk/nodejs/parametermanager/getRegionalParameters.ts @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const regional-parameters = gcp.parametermanager.getRegionalParameters({ + * location: "us-central1", + * }); + * ``` + */ +export function getRegionalParameters(args: GetRegionalParametersArgs, opts?: pulumi.InvokeOptions): Promise { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:parametermanager/getRegionalParameters:getRegionalParameters", { + "filter": args.filter, + "location": args.location, + "project": args.project, + }, opts); +} + +/** + * A collection of arguments for invoking getRegionalParameters. + */ +export interface GetRegionalParametersArgs { + /** + * Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + */ + filter?: string; + /** + * The location of regional parameter. + */ + location: string; + /** + * The ID of the project. + */ + project?: string; +} + +/** + * A collection of values returned by getRegionalParameters. + */ +export interface GetRegionalParametersResult { + readonly filter?: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly location: string; + /** + * A list of regional parameters matching the filter. Structure is defined below. + */ + readonly parameters: outputs.parametermanager.GetRegionalParametersParameter[]; + /** + * The ID of the project in which the resource belongs. + */ + readonly project: string; +} +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const regional-parameters = gcp.parametermanager.getRegionalParameters({ + * location: "us-central1", + * }); + * ``` + */ +export function getRegionalParametersOutput(args: GetRegionalParametersOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("gcp:parametermanager/getRegionalParameters:getRegionalParameters", { + "filter": args.filter, + "location": args.location, + "project": args.project, + }, opts); +} + +/** + * A collection of arguments for invoking getRegionalParameters. + */ +export interface GetRegionalParametersOutputArgs { + /** + * Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + */ + filter?: pulumi.Input; + /** + * The location of regional parameter. + */ + location: pulumi.Input; + /** + * The ID of the project. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/parametermanager/index.ts b/sdk/nodejs/parametermanager/index.ts index 66f2c2af4e..b76599a2a5 100644 --- a/sdk/nodejs/parametermanager/index.ts +++ b/sdk/nodejs/parametermanager/index.ts @@ -5,16 +5,31 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; // Export members: +export { GetParameterArgs, GetParameterResult, GetParameterOutputArgs } from "./getParameter"; +export const getParameter: typeof import("./getParameter").getParameter = null as any; +export const getParameterOutput: typeof import("./getParameter").getParameterOutput = null as any; +utilities.lazyLoad(exports, ["getParameter","getParameterOutput"], () => require("./getParameter")); + export { GetRegionalParameterArgs, GetRegionalParameterResult, GetRegionalParameterOutputArgs } from "./getRegionalParameter"; export const getRegionalParameter: typeof import("./getRegionalParameter").getRegionalParameter = null as any; export const getRegionalParameterOutput: typeof import("./getRegionalParameter").getRegionalParameterOutput = null as any; utilities.lazyLoad(exports, ["getRegionalParameter","getRegionalParameterOutput"], () => require("./getRegionalParameter")); +export { GetRegionalParametersArgs, GetRegionalParametersResult, GetRegionalParametersOutputArgs } from "./getRegionalParameters"; +export const getRegionalParameters: typeof import("./getRegionalParameters").getRegionalParameters = null as any; +export const getRegionalParametersOutput: typeof import("./getRegionalParameters").getRegionalParametersOutput = null as any; +utilities.lazyLoad(exports, ["getRegionalParameters","getRegionalParametersOutput"], () => require("./getRegionalParameters")); + export { ParameterArgs, ParameterState } from "./parameter"; export type Parameter = import("./parameter").Parameter; export const Parameter: typeof import("./parameter").Parameter = null as any; utilities.lazyLoad(exports, ["Parameter"], () => require("./parameter")); +export { ParameterVersionArgs, ParameterVersionState } from "./parameterVersion"; +export type ParameterVersion = import("./parameterVersion").ParameterVersion; +export const ParameterVersion: typeof import("./parameterVersion").ParameterVersion = null as any; +utilities.lazyLoad(exports, ["ParameterVersion"], () => require("./parameterVersion")); + export { RegionalParameterArgs, RegionalParameterState } from "./regionalParameter"; export type RegionalParameter = import("./regionalParameter").RegionalParameter; export const RegionalParameter: typeof import("./regionalParameter").RegionalParameter = null as any; @@ -32,6 +47,8 @@ const _module = { switch (type) { case "gcp:parametermanager/parameter:Parameter": return new Parameter(name, undefined, { urn }) + case "gcp:parametermanager/parameterVersion:ParameterVersion": + return new ParameterVersion(name, undefined, { urn }) case "gcp:parametermanager/regionalParameter:RegionalParameter": return new RegionalParameter(name, undefined, { urn }) case "gcp:parametermanager/regionalParameterVersion:RegionalParameterVersion": @@ -42,5 +59,6 @@ const _module = { }, }; pulumi.runtime.registerResourceModule("gcp", "parametermanager/parameter", _module) +pulumi.runtime.registerResourceModule("gcp", "parametermanager/parameterVersion", _module) pulumi.runtime.registerResourceModule("gcp", "parametermanager/regionalParameter", _module) pulumi.runtime.registerResourceModule("gcp", "parametermanager/regionalParameterVersion", _module) diff --git a/sdk/nodejs/parametermanager/parameterVersion.ts b/sdk/nodejs/parametermanager/parameterVersion.ts new file mode 100644 index 0000000000..86957ab94c --- /dev/null +++ b/sdk/nodejs/parametermanager/parameterVersion.ts @@ -0,0 +1,225 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ### Parameter Version Basic + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const parameter_basic = new gcp.parametermanager.Parameter("parameter-basic", {parameterId: "parameter"}); + * const parameter_version_basic = new gcp.parametermanager.ParameterVersion("parameter-version-basic", { + * parameter: parameter_basic.id, + * parameterVersionId: "parameter_version", + * parameterData: "app-parameter-version-data", + * }); + * ``` + * ### Parameter Version With Json Format + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const parameter_basic = new gcp.parametermanager.Parameter("parameter-basic", { + * parameterId: "parameter", + * format: "JSON", + * }); + * const parameter_version_with_json_format = new gcp.parametermanager.ParameterVersion("parameter-version-with-json-format", { + * parameter: parameter_basic.id, + * parameterVersionId: "parameter_version", + * parameterData: JSON.stringify({ + * key1: "val1", + * key2: "val2", + * }), + * }); + * ``` + * ## Import + * + * ParameterVersion can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + * + * When using the `pulumi import` command, ParameterVersion can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:parametermanager/parameterVersion:ParameterVersion default projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}} + * ``` + */ +export class ParameterVersion extends pulumi.CustomResource { + /** + * Get an existing ParameterVersion resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: ParameterVersionState, opts?: pulumi.CustomResourceOptions): ParameterVersion { + return new ParameterVersion(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:parametermanager/parameterVersion:ParameterVersion'; + + /** + * Returns true if the given object is an instance of ParameterVersion. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is ParameterVersion { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === ParameterVersion.__pulumiType; + } + + /** + * The time at which the Parameter Version was created. + */ + public /*out*/ readonly createTime!: pulumi.Output; + /** + * The current state of Parameter Version. This field is only applicable for updating Parameter Version. + */ + public readonly disabled!: pulumi.Output; + /** + * The resource name of the Parameter Version. Format: + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + */ + public /*out*/ readonly name!: pulumi.Output; + /** + * Parameter Manager Parameter resource. + */ + public readonly parameter!: pulumi.Output; + /** + * The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + */ + public readonly parameterData!: pulumi.Output; + /** + * Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * + * - - - + */ + public readonly parameterVersionId!: pulumi.Output; + /** + * The time at which the Parameter Version was updated. + */ + public /*out*/ readonly updateTime!: pulumi.Output; + + /** + * Create a ParameterVersion resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: ParameterVersionArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: ParameterVersionArgs | ParameterVersionState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as ParameterVersionState | undefined; + resourceInputs["createTime"] = state ? state.createTime : undefined; + resourceInputs["disabled"] = state ? state.disabled : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["parameter"] = state ? state.parameter : undefined; + resourceInputs["parameterData"] = state ? state.parameterData : undefined; + resourceInputs["parameterVersionId"] = state ? state.parameterVersionId : undefined; + resourceInputs["updateTime"] = state ? state.updateTime : undefined; + } else { + const args = argsOrState as ParameterVersionArgs | undefined; + if ((!args || args.parameter === undefined) && !opts.urn) { + throw new Error("Missing required property 'parameter'"); + } + if ((!args || args.parameterData === undefined) && !opts.urn) { + throw new Error("Missing required property 'parameterData'"); + } + if ((!args || args.parameterVersionId === undefined) && !opts.urn) { + throw new Error("Missing required property 'parameterVersionId'"); + } + resourceInputs["disabled"] = args ? args.disabled : undefined; + resourceInputs["parameter"] = args ? args.parameter : undefined; + resourceInputs["parameterData"] = args?.parameterData ? pulumi.secret(args.parameterData) : undefined; + resourceInputs["parameterVersionId"] = args ? args.parameterVersionId : undefined; + resourceInputs["createTime"] = undefined /*out*/; + resourceInputs["name"] = undefined /*out*/; + resourceInputs["updateTime"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const secretOpts = { additionalSecretOutputs: ["parameterData"] }; + opts = pulumi.mergeOptions(opts, secretOpts); + super(ParameterVersion.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering ParameterVersion resources. + */ +export interface ParameterVersionState { + /** + * The time at which the Parameter Version was created. + */ + createTime?: pulumi.Input; + /** + * The current state of Parameter Version. This field is only applicable for updating Parameter Version. + */ + disabled?: pulumi.Input; + /** + * The resource name of the Parameter Version. Format: + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + */ + name?: pulumi.Input; + /** + * Parameter Manager Parameter resource. + */ + parameter?: pulumi.Input; + /** + * The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + */ + parameterData?: pulumi.Input; + /** + * Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * + * - - - + */ + parameterVersionId?: pulumi.Input; + /** + * The time at which the Parameter Version was updated. + */ + updateTime?: pulumi.Input; +} + +/** + * The set of arguments for constructing a ParameterVersion resource. + */ +export interface ParameterVersionArgs { + /** + * The current state of Parameter Version. This field is only applicable for updating Parameter Version. + */ + disabled?: pulumi.Input; + /** + * Parameter Manager Parameter resource. + */ + parameter: pulumi.Input; + /** + * The Parameter data. + * **Note**: This property is sensitive and will not be displayed in the plan. + */ + parameterData: pulumi.Input; + /** + * Version ID of the Parameter Version Resource. This must be unique within the Parameter. + * + * + * - - - + */ + parameterVersionId: pulumi.Input; +} diff --git a/sdk/nodejs/parametermanager/regionalParameterVersion.ts b/sdk/nodejs/parametermanager/regionalParameterVersion.ts index 795ac7e703..689cd91f9a 100644 --- a/sdk/nodejs/parametermanager/regionalParameterVersion.ts +++ b/sdk/nodejs/parametermanager/regionalParameterVersion.ts @@ -28,7 +28,6 @@ import * as utilities from "../utilities"; * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; - * import * as std from "@pulumi/std"; * * const regional_parameter_basic = new gcp.parametermanager.RegionalParameter("regional-parameter-basic", { * parameterId: "regional_parameter", @@ -38,32 +37,12 @@ import * as utilities from "../utilities"; * const regional_parameter_version_with_json_format = new gcp.parametermanager.RegionalParameterVersion("regional-parameter-version-with-json-format", { * parameter: regional_parameter_basic.id, * parameterVersionId: "regional_parameter_version", - * parameterData: std.file({ - * input: "parameter_data_json_format.yaml", - * }).then(invoke => invoke.result), + * parameterData: JSON.stringify({ + * key1: "val1", + * key2: "val2", + * }), * }); * ``` - * ### Regional Parameter Version With Yaml Format - * - * ```typescript - * import * as pulumi from "@pulumi/pulumi"; - * import * as gcp from "@pulumi/gcp"; - * import * as std from "@pulumi/std"; - * - * const regional_parameter_basic = new gcp.parametermanager.RegionalParameter("regional-parameter-basic", { - * parameterId: "regional_parameter", - * format: "YAML", - * location: "us-central1", - * }); - * const regional_parameter_version_with_yaml_format = new gcp.parametermanager.RegionalParameterVersion("regional-parameter-version-with-yaml-format", { - * parameter: regional_parameter_basic.id, - * parameterVersionId: "regional_parameter_version", - * parameterData: std.file({ - * input: "parameter_data_yaml_format.yaml", - * }).then(invoke => invoke.result), - * }); - * ``` - * * ## Import * * RegionalParameterVersion can be imported using any of these accepted formats: diff --git a/sdk/nodejs/provider.ts b/sdk/nodejs/provider.ts index 244547aeb7..bd9fe4c308 100644 --- a/sdk/nodejs/provider.ts +++ b/sdk/nodejs/provider.ts @@ -34,6 +34,7 @@ export class Provider extends pulumi.ProviderResource { public readonly alloydbCustomEndpoint!: pulumi.Output; public readonly apiGatewayCustomEndpoint!: pulumi.Output; public readonly apigeeCustomEndpoint!: pulumi.Output; + public readonly apihubCustomEndpoint!: pulumi.Output; public readonly apikeysCustomEndpoint!: pulumi.Output; public readonly appEngineCustomEndpoint!: pulumi.Output; public readonly apphubCustomEndpoint!: pulumi.Output; @@ -224,6 +225,7 @@ export class Provider extends pulumi.ProviderResource { resourceInputs["alloydbCustomEndpoint"] = args ? args.alloydbCustomEndpoint : undefined; resourceInputs["apiGatewayCustomEndpoint"] = args ? args.apiGatewayCustomEndpoint : undefined; resourceInputs["apigeeCustomEndpoint"] = args ? args.apigeeCustomEndpoint : undefined; + resourceInputs["apihubCustomEndpoint"] = args ? args.apihubCustomEndpoint : undefined; resourceInputs["apikeysCustomEndpoint"] = args ? args.apikeysCustomEndpoint : undefined; resourceInputs["appEngineCustomEndpoint"] = args ? args.appEngineCustomEndpoint : undefined; resourceInputs["apphubCustomEndpoint"] = args ? args.apphubCustomEndpoint : undefined; @@ -420,6 +422,7 @@ export interface ProviderArgs { alloydbCustomEndpoint?: pulumi.Input; apiGatewayCustomEndpoint?: pulumi.Input; apigeeCustomEndpoint?: pulumi.Input; + apihubCustomEndpoint?: pulumi.Input; apikeysCustomEndpoint?: pulumi.Input; appEngineCustomEndpoint?: pulumi.Input; apphubCustomEndpoint?: pulumi.Input; diff --git a/sdk/nodejs/pubsub/topic.ts b/sdk/nodejs/pubsub/topic.ts index 02b4ba2737..16940c9349 100644 --- a/sdk/nodejs/pubsub/topic.ts +++ b/sdk/nodejs/pubsub/topic.ts @@ -63,6 +63,7 @@ import * as utilities from "../utilities"; * name: "example-topic", * messageStoragePolicy: { * allowedPersistenceRegions: ["europe-west3"], + * enforceInTransit: true, * }, * }); * ``` @@ -142,6 +143,27 @@ import * as utilities from "../utilities"; * }, * }); * ``` + * ### Pubsub Topic Ingestion Azure Event Hubs + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const example = new gcp.pubsub.Topic("example", { + * name: "example-topic", + * ingestionDataSourceSettings: { + * azureEventHubs: { + * resourceGroup: "azure-ingestion-resource-group", + * namespace: "azure-ingestion-namespace", + * eventHub: "azure-ingestion-event-hub", + * clientId: "aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123", + * tenantId: "0XXXXXXX-YYYY-HHHH-GGGG-123456789123", + * subscriptionId: "bXXXXXXX-YYYY-HHHH-GGGG-123456789123", + * gcpServiceAccount: "fake-service-account@fake-gcp-project.iam.gserviceaccount.com", + * }, + * }, + * }); + * ``` * * ## Import * diff --git a/sdk/nodejs/redis/cluster.ts b/sdk/nodejs/redis/cluster.ts index 4f3ac8b7d0..de45c79224 100644 --- a/sdk/nodejs/redis/cluster.ts +++ b/sdk/nodejs/redis/cluster.ts @@ -442,8 +442,8 @@ export class Cluster extends pulumi.CustomResource { /** * Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. */ public readonly authorizationMode!: pulumi.Output; /** @@ -454,11 +454,13 @@ export class Cluster extends pulumi.CustomResource { public /*out*/ readonly createTime!: pulumi.Output; /** * Cross cluster replication config + * Structure is documented below. */ public readonly crossClusterReplicationConfig!: pulumi.Output; /** - * Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. */ public readonly deletionProtectionEnabled!: pulumi.Output; /** @@ -470,6 +472,7 @@ export class Cluster extends pulumi.CustomResource { public /*out*/ readonly discoveryEndpoints!: pulumi.Output; /** * Maintenance policy for a cluster + * Structure is documented below. */ public readonly maintenancePolicy!: pulumi.Output; /** @@ -480,21 +483,30 @@ export class Cluster extends pulumi.CustomResource { /** * Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} + * + * + * - - - */ public readonly name!: pulumi.Output; /** - * The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. */ public readonly nodeType!: pulumi.Output; /** * Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. */ public readonly persistenceConfig!: pulumi.Output; /** * Output only. Redis memory precise size in GB for the entire cluster. */ public /*out*/ readonly preciseSizeGb!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ public readonly project!: pulumi.Output; /** * Required. Each PscConfig configures the consumer network where two @@ -502,15 +514,20 @@ export class Cluster extends pulumi.CustomResource { * Currently, only one PscConfig is supported. * Structure is documented below. */ - public readonly pscConfigs!: pulumi.Output; + public readonly pscConfigs!: pulumi.Output; /** * Output only. PSC connections for discovery of the cluster topology and accessing the cluster. * Structure is documented below. */ public /*out*/ readonly pscConnections!: pulumi.Output; /** - * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * Service attachment details to configure Psc connections. + * Structure is documented below. + */ + public /*out*/ readonly pscServiceAttachments!: pulumi.Output; + /** + * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations */ public readonly redisConfigs!: pulumi.Output<{[key: string]: string} | undefined>; @@ -540,9 +557,10 @@ export class Cluster extends pulumi.CustomResource { */ public /*out*/ readonly stateInfos!: pulumi.Output; /** - * Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. */ public readonly transitEncryptionMode!: pulumi.Output; /** @@ -551,8 +569,9 @@ export class Cluster extends pulumi.CustomResource { public /*out*/ readonly uid!: pulumi.Output; /** * Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. */ - public readonly zoneDistributionConfig!: pulumi.Output; + public readonly zoneDistributionConfig!: pulumi.Output; /** * Create a Cluster resource with the given unique name, arguments, and options. @@ -581,6 +600,7 @@ export class Cluster extends pulumi.CustomResource { resourceInputs["project"] = state ? state.project : undefined; resourceInputs["pscConfigs"] = state ? state.pscConfigs : undefined; resourceInputs["pscConnections"] = state ? state.pscConnections : undefined; + resourceInputs["pscServiceAttachments"] = state ? state.pscServiceAttachments : undefined; resourceInputs["redisConfigs"] = state ? state.redisConfigs : undefined; resourceInputs["region"] = state ? state.region : undefined; resourceInputs["replicaCount"] = state ? state.replicaCount : undefined; @@ -593,9 +613,6 @@ export class Cluster extends pulumi.CustomResource { resourceInputs["zoneDistributionConfig"] = state ? state.zoneDistributionConfig : undefined; } else { const args = argsOrState as ClusterArgs | undefined; - if ((!args || args.pscConfigs === undefined) && !opts.urn) { - throw new Error("Missing required property 'pscConfigs'"); - } if ((!args || args.shardCount === undefined) && !opts.urn) { throw new Error("Missing required property 'shardCount'"); } @@ -619,6 +636,7 @@ export class Cluster extends pulumi.CustomResource { resourceInputs["maintenanceSchedules"] = undefined /*out*/; resourceInputs["preciseSizeGb"] = undefined /*out*/; resourceInputs["pscConnections"] = undefined /*out*/; + resourceInputs["pscServiceAttachments"] = undefined /*out*/; resourceInputs["sizeGb"] = undefined /*out*/; resourceInputs["state"] = undefined /*out*/; resourceInputs["stateInfos"] = undefined /*out*/; @@ -635,8 +653,8 @@ export class Cluster extends pulumi.CustomResource { export interface ClusterState { /** * Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. */ authorizationMode?: pulumi.Input; /** @@ -647,11 +665,13 @@ export interface ClusterState { createTime?: pulumi.Input; /** * Cross cluster replication config + * Structure is documented below. */ crossClusterReplicationConfig?: pulumi.Input; /** - * Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. */ deletionProtectionEnabled?: pulumi.Input; /** @@ -663,6 +683,7 @@ export interface ClusterState { discoveryEndpoints?: pulumi.Input[]>; /** * Maintenance policy for a cluster + * Structure is documented below. */ maintenancePolicy?: pulumi.Input; /** @@ -673,21 +694,30 @@ export interface ClusterState { /** * Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} + * + * + * - - - */ name?: pulumi.Input; /** - * The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. */ nodeType?: pulumi.Input; /** * Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. */ persistenceConfig?: pulumi.Input; /** * Output only. Redis memory precise size in GB for the entire cluster. */ preciseSizeGb?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ project?: pulumi.Input; /** * Required. Each PscConfig configures the consumer network where two @@ -702,8 +732,13 @@ export interface ClusterState { */ pscConnections?: pulumi.Input[]>; /** - * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * Service attachment details to configure Psc connections. + * Structure is documented below. + */ + pscServiceAttachments?: pulumi.Input[]>; + /** + * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations */ redisConfigs?: pulumi.Input<{[key: string]: pulumi.Input}>; @@ -733,9 +768,10 @@ export interface ClusterState { */ stateInfos?: pulumi.Input[]>; /** - * Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. */ transitEncryptionMode?: pulumi.Input; /** @@ -744,6 +780,7 @@ export interface ClusterState { uid?: pulumi.Input; /** * Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. */ zoneDistributionConfig?: pulumi.Input; } @@ -754,37 +791,49 @@ export interface ClusterState { export interface ClusterArgs { /** * Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - * Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - * "AUTH_MODE_DISABLED"] + * Default value is `AUTH_MODE_DISABLED`. + * Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. */ authorizationMode?: pulumi.Input; /** * Cross cluster replication config + * Structure is documented below. */ crossClusterReplicationConfig?: pulumi.Input; /** - * Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - * operation will fail. Default value is true. + * Optional. Indicates if the cluster is deletion protected or not. + * If the value if set to true, any delete cluster operation will fail. + * Default value is true. */ deletionProtectionEnabled?: pulumi.Input; /** * Maintenance policy for a cluster + * Structure is documented below. */ maintenancePolicy?: pulumi.Input; /** * Unique name of the resource in this scope including project and location using the form: * projects/{projectId}/locations/{locationId}/clusters/{clusterId} + * + * + * - - - */ name?: pulumi.Input; /** - * The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - * ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + * The nodeType for the Redis cluster. + * If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + * Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. */ nodeType?: pulumi.Input; /** * Persistence config (RDB, AOF) for the cluster. + * Structure is documented below. */ persistenceConfig?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ project?: pulumi.Input; /** * Required. Each PscConfig configures the consumer network where two @@ -792,10 +841,10 @@ export interface ClusterArgs { * Currently, only one PscConfig is supported. * Structure is documented below. */ - pscConfigs: pulumi.Input[]>; + pscConfigs?: pulumi.Input[]>; /** - * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - * documentation for the list of supported parameters: + * Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + * Please check Memorystore documentation for the list of supported parameters: * https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations */ redisConfigs?: pulumi.Input<{[key: string]: pulumi.Input}>; @@ -812,13 +861,15 @@ export interface ClusterArgs { */ shardCount: pulumi.Input; /** - * Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - * Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - * "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + * Optional. The in-transit encryption for the Redis cluster. + * If not provided, encryption is disabled for the cluster. + * Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + * Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. */ transitEncryptionMode?: pulumi.Input; /** * Immutable. Zone distribution config for Memorystore Redis cluster. + * Structure is documented below. */ zoneDistributionConfig?: pulumi.Input; } diff --git a/sdk/nodejs/redis/clusterUserCreatedConnections.ts b/sdk/nodejs/redis/clusterUserCreatedConnections.ts new file mode 100644 index 0000000000..fff5e29444 --- /dev/null +++ b/sdk/nodejs/redis/clusterUserCreatedConnections.ts @@ -0,0 +1,430 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ### Redis Cluster User Created Connections + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const network1 = new gcp.compute.Network("network1", { + * name: "net1", + * autoCreateSubnetworks: false, + * }); + * const subnetNetwork1 = new gcp.compute.Subnetwork("subnet_network1", { + * name: "subnet-net1", + * ipCidrRange: "10.0.0.248/29", + * region: "us-central1", + * network: network1.id, + * }); + * const ip1Network1 = new gcp.compute.Address("ip1_network1", { + * name: "ip1-net1", + * region: "us-central1", + * subnetwork: subnetNetwork1.id, + * addressType: "INTERNAL", + * purpose: "GCE_ENDPOINT", + * }); + * // redis cluster without endpoint + * const cluster_user_connCluster = new gcp.redis.Cluster("cluster-user-conn", { + * name: "cluster-user-conn", + * shardCount: 3, + * region: "us-central1", + * replicaCount: 0, + * deletionProtectionEnabled: false, + * }); + * const forwardingRule1Network1 = new gcp.compute.ForwardingRule("forwarding_rule1_network1", { + * name: "fwd1-net1", + * region: "us-central1", + * ipAddress: ip1Network1.id, + * loadBalancingScheme: "", + * network: network1.id, + * target: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[0].serviceAttachment), + * }); + * const ip2Network1 = new gcp.compute.Address("ip2_network1", { + * name: "ip2-net1", + * region: "us-central1", + * subnetwork: subnetNetwork1.id, + * addressType: "INTERNAL", + * purpose: "GCE_ENDPOINT", + * }); + * const forwardingRule2Network1 = new gcp.compute.ForwardingRule("forwarding_rule2_network1", { + * name: "fwd2-net1", + * region: "us-central1", + * ipAddress: ip2Network1.id, + * loadBalancingScheme: "", + * network: network1.id, + * target: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[1].serviceAttachment), + * }); + * const network2 = new gcp.compute.Network("network2", { + * name: "network2", + * autoCreateSubnetworks: false, + * }); + * const subnetNetwork2 = new gcp.compute.Subnetwork("subnet_network2", { + * name: "subnet-net2", + * ipCidrRange: "10.0.0.248/29", + * region: "us-central1", + * network: network2.id, + * }); + * const ip1Network2 = new gcp.compute.Address("ip1_network2", { + * name: "ip1-net2", + * region: "us-central1", + * subnetwork: subnetNetwork2.id, + * addressType: "INTERNAL", + * purpose: "GCE_ENDPOINT", + * }); + * const forwardingRule1Network2 = new gcp.compute.ForwardingRule("forwarding_rule1_network2", { + * name: "fwd1-net2", + * region: "us-central1", + * ipAddress: ip1Network2.id, + * loadBalancingScheme: "", + * network: network2.id, + * target: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[0].serviceAttachment), + * }); + * const ip2Network2 = new gcp.compute.Address("ip2_network2", { + * name: "ip2-net2", + * region: "us-central1", + * subnetwork: subnetNetwork2.id, + * addressType: "INTERNAL", + * purpose: "GCE_ENDPOINT", + * }); + * const forwardingRule2Network2 = new gcp.compute.ForwardingRule("forwarding_rule2_network2", { + * name: "fwd2-net2", + * region: "us-central1", + * ipAddress: ip2Network2.id, + * loadBalancingScheme: "", + * network: network2.id, + * target: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[1].serviceAttachment), + * }); + * const project = gcp.organizations.getProject({}); + * const cluster_user_conn = new gcp.redis.ClusterUserCreatedConnections("cluster-user-conn", { + * name: "cluster-user-conn", + * region: "us-central1", + * clusterEndpoints: [ + * { + * connections: [ + * { + * pscConnection: { + * pscConnectionId: forwardingRule1Network1.pscConnectionId, + * address: ip1Network1.address, + * forwardingRule: forwardingRule1Network1.id, + * network: network1.id, + * projectId: project.then(project => project.projectId), + * serviceAttachment: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[0].serviceAttachment), + * }, + * }, + * { + * pscConnection: { + * pscConnectionId: forwardingRule2Network1.pscConnectionId, + * address: ip2Network1.address, + * forwardingRule: forwardingRule2Network1.id, + * network: network1.id, + * serviceAttachment: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[1].serviceAttachment), + * }, + * }, + * ], + * }, + * { + * connections: [ + * { + * pscConnection: { + * pscConnectionId: forwardingRule1Network2.pscConnectionId, + * address: ip1Network2.address, + * forwardingRule: forwardingRule1Network2.id, + * network: network2.id, + * serviceAttachment: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[0].serviceAttachment), + * }, + * }, + * { + * pscConnection: { + * pscConnectionId: forwardingRule2Network2.pscConnectionId, + * address: ip2Network2.address, + * forwardingRule: forwardingRule2Network2.id, + * network: network2.id, + * serviceAttachment: cluster_user_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[1].serviceAttachment), + * }, + * }, + * ], + * }, + * ], + * }); + * ``` + * ### Redis Cluster User And Auto Created Connections + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const network2 = new gcp.compute.Network("network2", { + * name: "network2", + * autoCreateSubnetworks: false, + * }); + * const subnetNetwork2 = new gcp.compute.Subnetwork("subnet_network2", { + * name: "subnet-net2", + * ipCidrRange: "10.0.0.248/29", + * region: "us-central1", + * network: network2.id, + * }); + * const ip1Network2 = new gcp.compute.Address("ip1_network2", { + * name: "ip1-net2", + * region: "us-central1", + * subnetwork: subnetNetwork2.id, + * addressType: "INTERNAL", + * purpose: "GCE_ENDPOINT", + * }); + * const network1 = new gcp.compute.Network("network1", { + * name: "net1", + * autoCreateSubnetworks: false, + * }); + * const subnetNetwork1 = new gcp.compute.Subnetwork("subnet_network1", { + * name: "subnet-net1", + * ipCidrRange: "10.0.0.248/29", + * region: "us-central1", + * network: network1.id, + * }); + * const _default = new gcp.networkconnectivity.ServiceConnectionPolicy("default", { + * name: "scpolicy", + * location: "us-central1", + * serviceClass: "gcp-memorystore-redis", + * description: "my basic service connection policy", + * network: network1.id, + * pscConfig: { + * subnetworks: [subnetNetwork1.id], + * }, + * }); + * // redis cluster without endpoint + * const cluster_user_auto_connCluster = new gcp.redis.Cluster("cluster-user-auto-conn", { + * name: "cluster-user-auto-conn", + * shardCount: 3, + * region: "us-central1", + * replicaCount: 0, + * deletionProtectionEnabled: false, + * pscConfigs: [{ + * network: network1.id, + * }], + * }, { + * dependsOn: [_default], + * }); + * const forwardingRule1Network2 = new gcp.compute.ForwardingRule("forwarding_rule1_network2", { + * name: "fwd1-net2", + * region: "us-central1", + * ipAddress: ip1Network2.id, + * loadBalancingScheme: "", + * network: network2.id, + * target: cluster_user_auto_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[0].serviceAttachment), + * }); + * const ip2Network2 = new gcp.compute.Address("ip2_network2", { + * name: "ip2-net2", + * region: "us-central1", + * subnetwork: subnetNetwork2.id, + * addressType: "INTERNAL", + * purpose: "GCE_ENDPOINT", + * }); + * const forwardingRule2Network2 = new gcp.compute.ForwardingRule("forwarding_rule2_network2", { + * name: "fwd2-net2", + * region: "us-central1", + * ipAddress: ip2Network2.id, + * loadBalancingScheme: "", + * network: network2.id, + * target: cluster_user_auto_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[1].serviceAttachment), + * }); + * const cluster_user_auto_conn = new gcp.redis.ClusterUserCreatedConnections("cluster-user-auto-conn", { + * name: "cluster-user-auto-conn", + * region: "us-central1", + * clusterEndpoints: [{ + * connections: [ + * { + * pscConnection: { + * pscConnectionId: forwardingRule1Network2.pscConnectionId, + * address: ip1Network2.address, + * forwardingRule: forwardingRule1Network2.id, + * network: network2.id, + * serviceAttachment: cluster_user_auto_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[0].serviceAttachment), + * }, + * }, + * { + * pscConnection: { + * pscConnectionId: forwardingRule2Network2.pscConnectionId, + * address: ip2Network2.address, + * forwardingRule: forwardingRule2Network2.id, + * network: network2.id, + * serviceAttachment: cluster_user_auto_connCluster.pscServiceAttachments.apply(pscServiceAttachments => pscServiceAttachments[1].serviceAttachment), + * }, + * }, + * ], + * }], + * }); + * ``` + * + * ## Import + * + * ClusterUserCreatedConnections can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{region}}/clusters/{{name}}` + * + * * `{{project}}/{{region}}/{{name}}` + * + * * `{{region}}/{{name}}` + * + * * `{{name}}` + * + * When using the `pulumi import` command, ClusterUserCreatedConnections can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default projects/{{project}}/locations/{{region}}/clusters/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{project}}/{{region}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{region}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{name}} + * ``` + */ +export class ClusterUserCreatedConnections extends pulumi.CustomResource { + /** + * Get an existing ClusterUserCreatedConnections resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: ClusterUserCreatedConnectionsState, opts?: pulumi.CustomResourceOptions): ClusterUserCreatedConnections { + return new ClusterUserCreatedConnections(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections'; + + /** + * Returns true if the given object is an instance of ClusterUserCreatedConnections. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is ClusterUserCreatedConnections { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === ClusterUserCreatedConnections.__pulumiType; + } + + /** + * A list of cluster endpoints + * Structure is documented below. + */ + public readonly clusterEndpoints!: pulumi.Output; + /** + * The name of the Redis cluster these endpoints should be added to. + */ + public readonly name!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The name of the region of the Redis cluster these endpoints should be added to. + * + * + * - - - + */ + public readonly region!: pulumi.Output; + + /** + * Create a ClusterUserCreatedConnections resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: ClusterUserCreatedConnectionsArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: ClusterUserCreatedConnectionsArgs | ClusterUserCreatedConnectionsState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as ClusterUserCreatedConnectionsState | undefined; + resourceInputs["clusterEndpoints"] = state ? state.clusterEndpoints : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["region"] = state ? state.region : undefined; + } else { + const args = argsOrState as ClusterUserCreatedConnectionsArgs | undefined; + if ((!args || args.region === undefined) && !opts.urn) { + throw new Error("Missing required property 'region'"); + } + resourceInputs["clusterEndpoints"] = args ? args.clusterEndpoints : undefined; + resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["region"] = args ? args.region : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(ClusterUserCreatedConnections.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering ClusterUserCreatedConnections resources. + */ +export interface ClusterUserCreatedConnectionsState { + /** + * A list of cluster endpoints + * Structure is documented below. + */ + clusterEndpoints?: pulumi.Input[]>; + /** + * The name of the Redis cluster these endpoints should be added to. + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * The name of the region of the Redis cluster these endpoints should be added to. + * + * + * - - - + */ + region?: pulumi.Input; +} + +/** + * The set of arguments for constructing a ClusterUserCreatedConnections resource. + */ +export interface ClusterUserCreatedConnectionsArgs { + /** + * A list of cluster endpoints + * Structure is documented below. + */ + clusterEndpoints?: pulumi.Input[]>; + /** + * The name of the Redis cluster these endpoints should be added to. + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * The name of the region of the Redis cluster these endpoints should be added to. + * + * + * - - - + */ + region: pulumi.Input; +} diff --git a/sdk/nodejs/redis/index.ts b/sdk/nodejs/redis/index.ts index 94661ebf70..d03a26916e 100644 --- a/sdk/nodejs/redis/index.ts +++ b/sdk/nodejs/redis/index.ts @@ -10,6 +10,11 @@ export type Cluster = import("./cluster").Cluster; export const Cluster: typeof import("./cluster").Cluster = null as any; utilities.lazyLoad(exports, ["Cluster"], () => require("./cluster")); +export { ClusterUserCreatedConnectionsArgs, ClusterUserCreatedConnectionsState } from "./clusterUserCreatedConnections"; +export type ClusterUserCreatedConnections = import("./clusterUserCreatedConnections").ClusterUserCreatedConnections; +export const ClusterUserCreatedConnections: typeof import("./clusterUserCreatedConnections").ClusterUserCreatedConnections = null as any; +utilities.lazyLoad(exports, ["ClusterUserCreatedConnections"], () => require("./clusterUserCreatedConnections")); + export { GetInstanceArgs, GetInstanceResult, GetInstanceOutputArgs } from "./getInstance"; export const getInstance: typeof import("./getInstance").getInstance = null as any; export const getInstanceOutput: typeof import("./getInstance").getInstanceOutput = null as any; @@ -27,6 +32,8 @@ const _module = { switch (type) { case "gcp:redis/cluster:Cluster": return new Cluster(name, undefined, { urn }) + case "gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections": + return new ClusterUserCreatedConnections(name, undefined, { urn }) case "gcp:redis/instance:Instance": return new Instance(name, undefined, { urn }) default: @@ -35,4 +42,5 @@ const _module = { }, }; pulumi.runtime.registerResourceModule("gcp", "redis/cluster", _module) +pulumi.runtime.registerResourceModule("gcp", "redis/clusterUserCreatedConnections", _module) pulumi.runtime.registerResourceModule("gcp", "redis/instance", _module) diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index b3470714ad..d1846ee91a 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -96,6 +96,8 @@ "apigee/sharedflowDeployment.ts", "apigee/syncAuthorization.ts", "apigee/targetServer.ts", + "apihub/apiHubInstance.ts", + "apihub/index.ts", "appengine/application.ts", "appengine/applicationUrlDispatchRules.ts", "appengine/domainMapping.ts", @@ -254,6 +256,7 @@ "chronicle/dataAccessScope.ts", "chronicle/index.ts", "chronicle/referenceList.ts", + "chronicle/retrohunt.ts", "chronicle/rule.ts", "chronicle/ruleDeployment.ts", "chronicle/watchlist.ts", @@ -353,8 +356,13 @@ "cloudtasks/queueIamBinding.ts", "cloudtasks/queueIamMember.ts", "cloudtasks/queueIamPolicy.ts", + "colab/getRuntimeTemplateIamPolicy.ts", "colab/index.ts", + "colab/runtime.ts", "colab/runtimeTemplate.ts", + "colab/runtimeTemplateIamBinding.ts", + "colab/runtimeTemplateIamMember.ts", + "colab/runtimeTemplateIamPolicy.ts", "composer/environment.ts", "composer/getEnvironment.ts", "composer/getImageVersions.ts", @@ -415,6 +423,7 @@ "compute/getInstanceIamPolicy.ts", "compute/getInstanceSerialPort.ts", "compute/getInstanceTemplate.ts", + "compute/getInstanceTemplateIamPolicy.ts", "compute/getLBIPRanges.ts", "compute/getMachineImageIamPolicy.ts", "compute/getMachineTypes.ts", @@ -472,6 +481,9 @@ "compute/instanceIAMPolicy.ts", "compute/instanceSettings.ts", "compute/instanceTemplate.ts", + "compute/instanceTemplateIamBinding.ts", + "compute/instanceTemplateIamMember.ts", + "compute/instanceTemplateIamPolicy.ts", "compute/interconnect.ts", "compute/interconnectAttachment.ts", "compute/machineImage.ts", @@ -1018,6 +1030,7 @@ "kms/getKMSSecretAsymmetric.ts", "kms/getKMSSecretCiphertext.ts", "kms/getKeyHandle.ts", + "kms/getKeyHandles.ts", "kms/getKeyRingIamPolicy.ts", "kms/getKeyRings.ts", "kms/index.ts", @@ -1187,6 +1200,7 @@ "organizations/getIAMPolicy.ts", "organizations/getOrganization.ts", "organizations/getProject.ts", + "organizations/getS.ts", "organizations/iamAuditConfig.ts", "organizations/iambinding.ts", "organizations/iamcustomRole.ts", @@ -1206,9 +1220,12 @@ "oslogin/sshPublicKey.ts", "parallelstore/index.ts", "parallelstore/instance.ts", + "parametermanager/getParameter.ts", "parametermanager/getRegionalParameter.ts", + "parametermanager/getRegionalParameters.ts", "parametermanager/index.ts", "parametermanager/parameter.ts", + "parametermanager/parameterVersion.ts", "parametermanager/regionalParameter.ts", "parametermanager/regionalParameterVersion.ts", "privilegedaccessmanager/entitlement.ts", @@ -1258,6 +1275,7 @@ "recaptcha/enterpriseKey.ts", "recaptcha/index.ts", "redis/cluster.ts", + "redis/clusterUserCreatedConnections.ts", "redis/getInstance.ts", "redis/index.ts", "redis/instance.ts", diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 052c1794d7..4f1412a280 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -2742,6 +2742,25 @@ export namespace apigee { minNodeCount?: pulumi.Input; } + export interface EnvironmentProperties { + /** + * List of all properties in the object. + * Structure is documented below. + */ + properties?: pulumi.Input[]>; + } + + export interface EnvironmentPropertiesProperty { + /** + * The property key. + */ + name?: pulumi.Input; + /** + * The property value. + */ + value?: pulumi.Input; + } + export interface KeystoresAliasesKeyCertFileCertsInfo { /** * (Output) @@ -3072,6 +3091,40 @@ export namespace apigee { } } +export namespace apihub { + export interface ApiHubInstanceConfig { + /** + * Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + * The CMEK name should follow the format of + * `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + * where the location must match the instance location. + * If the CMEK is not provided, a GMEK will be created for the instance. + */ + cmekKeyName?: pulumi.Input; + /** + * Optional. If true, the search will be disabled for the instance. The default value + * is false. + */ + disableSearch?: pulumi.Input; + /** + * Optional. Encryption type for the region. If the encryption type is CMEK, the + * cmekKeyName must be provided. If no encryption type is provided, + * GMEK will be used. + * Possible values: + * ENCRYPTION_TYPE_UNSPECIFIED + * GMEK + * CMEK + */ + encryptionType?: pulumi.Input; + /** + * Optional. The name of the Vertex AI location where the data store is stored. + * + * - - - + */ + vertexLocation?: pulumi.Input; + } +} + export namespace appengine { export interface ApplicationFeatureSettings { /** @@ -9997,6 +10050,34 @@ export namespace chronicle { scopeNames?: pulumi.Input[]>; } + export interface RetrohuntExecutionInterval { + /** + * Optional. Exclusive end of the interval. + * If specified, a Timestamp matching this interval will have to be before the + * end. + */ + endTime?: pulumi.Input; + /** + * Optional. Inclusive start of the interval. + * If specified, a Timestamp matching this interval will have to be the same + * or after the start. + */ + startTime?: pulumi.Input; + } + + export interface RetrohuntProcessInterval { + /** + * Exclusive end of the interval. + * + * - - - + */ + endTime: pulumi.Input; + /** + * Inclusive start of the interval. + */ + startTime: pulumi.Input; + } + export interface RuleCompilationDiagnostic { /** * (Output) @@ -14483,6 +14564,46 @@ export namespace cloudrunv2 { useDefault?: pulumi.Input; } + export interface ServiceBuildConfig { + /** + * The base image used to build the function. + */ + baseImage?: pulumi.Input; + /** + * Sets whether the function will receive automatic base image updates. + */ + enableAutomaticUpdates?: pulumi.Input; + /** + * User-provided build-time environment variables for the function. + */ + environmentVariables?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + */ + functionTarget?: pulumi.Input; + /** + * Artifact Registry URI to store the built image. + */ + imageUri?: pulumi.Input; + /** + * (Output) + * The Cloud Build name of the latest successful deployment of the function. + */ + name?: pulumi.Input; + /** + * Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + */ + serviceAccount?: pulumi.Input; + /** + * The Cloud Storage bucket URI where the function source code is located. + */ + sourceLocation?: pulumi.Input; + /** + * Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + */ + workerPool?: pulumi.Input; + } + export interface ServiceCondition { /** * (Output) @@ -15618,6 +15739,13 @@ export namespace cloudtasks { } export namespace colab { + export interface RuntimeNotebookRuntimeTemplateRef { + /** + * The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + */ + notebookRuntimeTemplate: pulumi.Input; + } + export interface RuntimeTemplateDataPersistentDiskSpec { /** * The disk size of the runtime in GB. If specified, the diskType must also be specified. The minimum size is 10GB and the maximum is 65536GB. @@ -15643,6 +15771,18 @@ export namespace colab { eucDisabled?: pulumi.Input; } + export interface RuntimeTemplateIamBindingCondition { + description?: pulumi.Input; + expression: pulumi.Input; + title: pulumi.Input; + } + + export interface RuntimeTemplateIamMemberCondition { + description?: pulumi.Input; + expression: pulumi.Input; + title: pulumi.Input; + } + export interface RuntimeTemplateIdleShutdownConfig { /** * The duration after which the runtime is automatically shut down. An input of 0s disables the idle shutdown feature, and a valid range is [10m, 24h]. @@ -17399,6 +17539,11 @@ export namespace compute { * CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. */ destIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: pulumi.Input; /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. */ @@ -17424,6 +17569,15 @@ export namespace compute { * CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. */ srcIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: pulumi.Input; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: pulumi.Input[]>; /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. */ @@ -17704,6 +17858,11 @@ export namespace compute { * EGRESS rules. */ destIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: pulumi.Input; /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -17739,6 +17898,15 @@ export namespace compute { * INGRESS rules. */ srcIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: pulumi.Input; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: pulumi.Input[]>; /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -20222,6 +20390,30 @@ export namespace compute { type: pulumi.Input; } + export interface InstanceTemplateIamBindingCondition { + description?: pulumi.Input; + /** + * Textual representation of an expression in Common Expression Language syntax. + */ + expression: pulumi.Input; + /** + * A title for the expression, i.e. a short string describing its purpose. + */ + title: pulumi.Input; + } + + export interface InstanceTemplateIamMemberCondition { + description?: pulumi.Input; + /** + * Textual representation of an expression in Common Expression Language syntax. + */ + expression: pulumi.Input; + /** + * A title for the expression, i.e. a short string describing its purpose. + */ + title: pulumi.Input; + } + export interface InstanceTemplateNetworkInterface { /** * Access configurations, i.e. IPs via which this @@ -20819,6 +21011,11 @@ export namespace compute { * CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. */ destIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: pulumi.Input; /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. */ @@ -20844,6 +21041,15 @@ export namespace compute { * CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. */ srcIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: pulumi.Input; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: pulumi.Input[]>; /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. */ @@ -21212,6 +21418,11 @@ export namespace compute { * EGRESS rules. */ destIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: pulumi.Input; /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -21244,6 +21455,15 @@ export namespace compute { * INGRESS rules. */ srcIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: pulumi.Input; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: pulumi.Input[]>; /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -23809,6 +24029,11 @@ export namespace compute { * CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. */ destIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: pulumi.Input; /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. */ @@ -23834,6 +24059,15 @@ export namespace compute { * CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. */ srcIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: pulumi.Input; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: pulumi.Input[]>; /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. */ @@ -24202,6 +24436,11 @@ export namespace compute { * EGRESS rules. */ destIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: pulumi.Input; /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -24234,6 +24473,15 @@ export namespace compute { * INGRESS rules. */ srcIpRanges?: pulumi.Input[]>; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: pulumi.Input; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: pulumi.Input[]>; /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -63190,6 +63438,22 @@ export namespace networksecurity { state?: pulumi.Input; } + export interface SecurityProfileCustomInterceptProfile { + /** + * The Intercept Endpoint Group to which matching traffic should be intercepted. + * Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + */ + interceptEndpointGroup: pulumi.Input; + } + + export interface SecurityProfileCustomMirroringProfile { + /** + * The Mirroring Endpoint Group to which matching traffic should be mirrored. + * Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + */ + mirroringEndpointGroup: pulumi.Input; + } + export interface SecurityProfileThreatPreventionProfile { /** * The configuration for overriding threats actions by severity match. @@ -69470,6 +69734,11 @@ export namespace pubsub { * Structure is documented below. */ awsKinesis?: pulumi.Input; + /** + * Settings for ingestion from Azure Event Hubs. + * Structure is documented below. + */ + azureEventHubs?: pulumi.Input; /** * Settings for ingestion from Cloud Storage. * Structure is documented below. @@ -69509,6 +69778,39 @@ export namespace pubsub { streamArn: pulumi.Input; } + export interface TopicIngestionDataSourceSettingsAzureEventHubs { + /** + * The Azure event hub client ID to use for ingestion. + */ + clientId?: pulumi.Input; + /** + * The Azure event hub to ingest data from. + */ + eventHub?: pulumi.Input; + /** + * The GCP service account to be used for Federated Identity authentication + * with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + * role). + */ + gcpServiceAccount?: pulumi.Input; + /** + * The Azure event hub namespace to ingest data from. + */ + namespace?: pulumi.Input; + /** + * The name of the resource group within an Azure subscription. + */ + resourceGroup?: pulumi.Input; + /** + * The Azure event hub subscription ID to use for ingestion. + */ + subscriptionId?: pulumi.Input; + /** + * The Azure event hub tenant ID to use for ingestion. + */ + tenantId?: pulumi.Input; + } + export interface TopicIngestionDataSourceSettingsCloudStorage { /** * Configuration for reading Cloud Storage data in Avro binary format. The @@ -69584,6 +69886,13 @@ export namespace pubsub { * and is not a valid configuration. */ allowedPersistenceRegions: pulumi.Input[]>; + /** + * If true, `allowedPersistenceRegions` is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in `allowedPersistenceRegions`. + */ + enforceInTransit?: pulumi.Input; } export interface TopicSchemaSettings { @@ -69945,8 +70254,6 @@ export namespace redis { * Required. The consumer network where the network address of * the discovery endpoint will be reserved, in the form of * projects/{network_project_id_or_number}/global/networks/{network_id}. - * - * - - - */ network: pulumi.Input; } @@ -69974,6 +70281,19 @@ export namespace redis { pscConnectionId?: pulumi.Input; } + export interface ClusterPscServiceAttachment { + /** + * (Output) + * Type of a PSC connection targeting this service attachment. + */ + connectionType?: pulumi.Input; + /** + * (Output) + * Service attachment URI which your self-created PscConnection should use as + */ + serviceAttachment?: pulumi.Input; + } + export interface ClusterStateInfo { /** * A nested object resource. @@ -69993,6 +70313,70 @@ export namespace redis { targetShardCount?: pulumi.Input; } + export interface ClusterUserCreatedConnectionsClusterEndpoint { + /** + * Structure is documented below. + */ + connections?: pulumi.Input[]>; + } + + export interface ClusterUserCreatedConnectionsClusterEndpointConnection { + /** + * Detailed information of a PSC connection that is created by the customer + * who owns the cluster. + * Structure is documented below. + */ + pscConnection?: pulumi.Input; + } + + export interface ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection { + /** + * The IP allocated on the consumer network for the PSC forwarding rule. + */ + address: pulumi.Input; + /** + * (Output) + * Output Only. Type of a PSC Connection. + * Possible values: + * CONNECTION_TYPE_DISCOVERY + * CONNECTION_TYPE_PRIMARY + * CONNECTION_TYPE_READER + */ + connectionType?: pulumi.Input; + /** + * The URI of the consumer side forwarding rule. + * Format: + * projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + */ + forwardingRule: pulumi.Input; + /** + * The consumer network where the IP address resides, in the form of + * projects/{project_id}/global/networks/{network_id}. + */ + network: pulumi.Input; + /** + * The consumer projectId where the forwarding rule is created from. + */ + projectId?: pulumi.Input; + /** + * The PSC connection id of the forwarding rule connected to the + * service attachment. + */ + pscConnectionId: pulumi.Input; + /** + * (Output) + * Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + * Possible values: + * ACTIVE + * NOT_FOUND + */ + pscConnectionStatus?: pulumi.Input; + /** + * The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + */ + serviceAttachment: pulumi.Input; + } + export interface ClusterZoneDistributionConfig { /** * Immutable. The mode for zone distribution for Memorystore Redis cluster. diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index c5790708ae..4264e66a5c 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -2817,6 +2817,25 @@ export namespace apigee { minNodeCount?: string; } + export interface EnvironmentProperties { + /** + * List of all properties in the object. + * Structure is documented below. + */ + properties?: outputs.apigee.EnvironmentPropertiesProperty[]; + } + + export interface EnvironmentPropertiesProperty { + /** + * The property key. + */ + name?: string; + /** + * The property value. + */ + value?: string; + } + export interface KeystoresAliasesKeyCertFileCertsInfo { /** * (Output) @@ -3148,6 +3167,41 @@ export namespace apigee { } +export namespace apihub { + export interface ApiHubInstanceConfig { + /** + * Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + * The CMEK name should follow the format of + * `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + * where the location must match the instance location. + * If the CMEK is not provided, a GMEK will be created for the instance. + */ + cmekKeyName?: string; + /** + * Optional. If true, the search will be disabled for the instance. The default value + * is false. + */ + disableSearch?: boolean; + /** + * Optional. Encryption type for the region. If the encryption type is CMEK, the + * cmekKeyName must be provided. If no encryption type is provided, + * GMEK will be used. + * Possible values: + * ENCRYPTION_TYPE_UNSPECIFIED + * GMEK + * CMEK + */ + encryptionType: string; + /** + * Optional. The name of the Vertex AI location where the data store is stored. + * + * - - - + */ + vertexLocation?: string; + } + +} + export namespace appengine { export interface ApplicationFeatureSettings { /** @@ -11570,6 +11624,34 @@ export namespace chronicle { scopeNames?: string[]; } + export interface RetrohuntExecutionInterval { + /** + * Optional. Exclusive end of the interval. + * If specified, a Timestamp matching this interval will have to be before the + * end. + */ + endTime?: string; + /** + * Optional. Inclusive start of the interval. + * If specified, a Timestamp matching this interval will have to be the same + * or after the start. + */ + startTime?: string; + } + + export interface RetrohuntProcessInterval { + /** + * Exclusive end of the interval. + * + * - - - + */ + endTime: string; + /** + * Inclusive start of the interval. + */ + startTime: string; + } + export interface RuleCompilationDiagnostic { /** * (Output) @@ -18435,6 +18517,45 @@ export namespace cloudrunv2 { useDefault: boolean; } + export interface GetServiceBuildConfig { + /** + * The base image used to build the function. + */ + baseImage: string; + /** + * Sets whether the function will receive automatic base image updates. + */ + enableAutomaticUpdates: boolean; + /** + * User-provided build-time environment variables for the function. + */ + environmentVariables: {[key: string]: string}; + /** + * The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + */ + functionTarget: string; + /** + * Artifact Registry URI to store the built image. + */ + imageUri: string; + /** + * The name of the Cloud Run v2 Service. + */ + name: string; + /** + * Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. + */ + serviceAccount: string; + /** + * The Cloud Storage bucket URI where the function source code is located. + */ + sourceLocation: string; + /** + * Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + */ + workerPool: string; + } + export interface GetServiceCondition { /** * A reason for the execution condition. @@ -19562,6 +19683,46 @@ export namespace cloudrunv2 { useDefault?: boolean; } + export interface ServiceBuildConfig { + /** + * The base image used to build the function. + */ + baseImage?: string; + /** + * Sets whether the function will receive automatic base image updates. + */ + enableAutomaticUpdates?: boolean; + /** + * User-provided build-time environment variables for the function. + */ + environmentVariables?: {[key: string]: string}; + /** + * The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + */ + functionTarget?: string; + /** + * Artifact Registry URI to store the built image. + */ + imageUri?: string; + /** + * (Output) + * The Cloud Build name of the latest successful deployment of the function. + */ + name: string; + /** + * Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + */ + serviceAccount?: string; + /** + * The Cloud Storage bucket URI where the function source code is located. + */ + sourceLocation?: string; + /** + * Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + */ + workerPool?: string; + } + export interface ServiceCondition { /** * (Output) @@ -20700,6 +20861,13 @@ export namespace cloudtasks { } export namespace colab { + export interface RuntimeNotebookRuntimeTemplateRef { + /** + * The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + */ + notebookRuntimeTemplate: string; + } + export interface RuntimeTemplateDataPersistentDiskSpec { /** * The disk size of the runtime in GB. If specified, the diskType must also be specified. The minimum size is 10GB and the maximum is 65536GB. @@ -20725,6 +20893,18 @@ export namespace colab { eucDisabled?: boolean; } + export interface RuntimeTemplateIamBindingCondition { + description?: string; + expression: string; + title: string; + } + + export interface RuntimeTemplateIamMemberCondition { + description?: string; + expression: string; + title: string; + } + export interface RuntimeTemplateIdleShutdownConfig { /** * The duration after which the runtime is automatically shut down. An input of 0s disables the idle shutdown feature, and a valid range is [10m, 24h]. @@ -22988,6 +23168,11 @@ export namespace compute { * CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. */ destIpRanges?: string[]; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: string; /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. */ @@ -23013,6 +23198,15 @@ export namespace compute { * CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. */ srcIpRanges?: string[]; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: string; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: string[]; /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. */ @@ -23293,6 +23487,11 @@ export namespace compute { * EGRESS rules. */ destIpRanges?: string[]; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: string; /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -23328,6 +23527,15 @@ export namespace compute { * INGRESS rules. */ srcIpRanges?: string[]; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: string; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: string[]; /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -30672,6 +30880,30 @@ export namespace compute { type: string; } + export interface InstanceTemplateIamBindingCondition { + description?: string; + /** + * Textual representation of an expression in Common Expression Language syntax. + */ + expression: string; + /** + * A title for the expression, i.e. a short string describing its purpose. + */ + title: string; + } + + export interface InstanceTemplateIamMemberCondition { + description?: string; + /** + * Textual representation of an expression in Common Expression Language syntax. + */ + expression: string; + /** + * A title for the expression, i.e. a short string describing its purpose. + */ + title: string; + } + export interface InstanceTemplateNetworkInterface { /** * Access configurations, i.e. IPs via which this @@ -31269,6 +31501,11 @@ export namespace compute { * CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. */ destIpRanges?: string[]; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: string; /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. */ @@ -31294,6 +31531,15 @@ export namespace compute { * CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. */ srcIpRanges?: string[]; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: string; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: string[]; /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. */ @@ -31662,6 +31908,11 @@ export namespace compute { * EGRESS rules. */ destIpRanges?: string[]; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: string; /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -31694,6 +31945,15 @@ export namespace compute { * INGRESS rules. */ srcIpRanges?: string[]; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: string; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: string[]; /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -34259,6 +34519,11 @@ export namespace compute { * CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. */ destIpRanges?: string[]; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: string; /** * Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. */ @@ -34284,6 +34549,15 @@ export namespace compute { * CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. */ srcIpRanges?: string[]; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: string; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: string[]; /** * Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. */ @@ -34652,6 +34926,11 @@ export namespace compute { * EGRESS rules. */ destIpRanges?: string[]; + /** + * Network scope of the traffic destination. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + destNetworkScope?: string; /** * Region codes whose IP addresses will be used to match for destination * of traffic. Should be specified as 2 letter country code defined as per @@ -34684,6 +34963,15 @@ export namespace compute { * INGRESS rules. */ srcIpRanges?: string[]; + /** + * Network scope of the traffic source. + * Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + */ + srcNetworkScope?: string; + /** + * Networks of the traffic source. It can be either a full or partial url. + */ + srcNetworks?: string[]; /** * Region codes whose IP addresses will be used to match for source * of traffic. Should be specified as 2 letter country code defined as per @@ -73352,6 +73640,23 @@ export namespace kms { protectionLevel: string; } + export interface GetKeyHandlesKeyHandle { + /** + * The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. + */ + kmsKey: string; + /** + * The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. + */ + name: string; + /** + * The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + * + * - - - + */ + resourceTypeSelector: string; + } + export interface GetKeyRingsKeyRing { id: string; name: string; @@ -77409,6 +77714,22 @@ export namespace networksecurity { state: string; } + export interface SecurityProfileCustomInterceptProfile { + /** + * The Intercept Endpoint Group to which matching traffic should be intercepted. + * Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + */ + interceptEndpointGroup: string; + } + + export interface SecurityProfileCustomMirroringProfile { + /** + * The Mirroring Endpoint Group to which matching traffic should be mirrored. + * Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + */ + mirroringEndpointGroup: string; + } + export interface SecurityProfileThreatPreventionProfile { /** * The configuration for overriding threats actions by severity match. @@ -83129,6 +83450,29 @@ export namespace organizations { title: string; } + export interface GetSOrganization { + /** + * The Google for Work customer ID of the Organization. + */ + directoryCustomerId: string; + /** + * A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. + */ + displayName: string; + /** + * The Organization's current lifecycle state. + */ + lifecycleState: string; + /** + * The resource name of the Organization in the form `organizations/{organization_id}`. + */ + name: string; + /** + * The Organization ID. + */ + orgId: string; + } + export interface IAMBindingCondition { description?: string; expression: string; @@ -85302,6 +85646,23 @@ export namespace osconfig { } export namespace parametermanager { + export interface GetParameterPolicyMember { + /** + * IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a + * resource is deleted and recreated with the same name, the binding will be applicable to the + * new resource. Format: + * 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' + */ + iamPolicyNamePrincipal: string; + /** + * IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + * If a resource is deleted and recreated with the same name, the binding will not be applicable to the + * new resource. Format: + * 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' + */ + iamPolicyUidPrincipal: string; + } + export interface GetRegionalParameterPolicyMember { /** * IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is @@ -85318,6 +85679,67 @@ export namespace parametermanager { iamPolicyUidPrincipal: string; } + export interface GetRegionalParametersParameter { + /** + * The time at which the regional parameter was created. + */ + createTime: string; + effectiveLabels: {[key: string]: string}; + /** + * The format type of the regional parameter. + */ + format: string; + /** + * The labels assigned to the regional parameter. + */ + labels: {[key: string]: string}; + /** + * The location of regional parameter. + */ + location: string; + /** + * The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` + */ + name: string; + /** + * The unique name of the resource. + */ + parameterId: string; + /** + * An object containing a unique resource identity tied to the regional parameter. Structure is documented below. + */ + policyMembers: outputs.parametermanager.GetRegionalParametersParameterPolicyMember[]; + /** + * The ID of the project. + */ + project: string; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + pulumiLabels: {[key: string]: string}; + /** + * The time at which the regional parameter was updated. + */ + updateTime: string; + } + + export interface GetRegionalParametersParameterPolicyMember { + /** + * AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the + * new resource. Format: + * `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` + */ + iamPolicyNamePrincipal: string; + /** + * IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + * If a resource is deleted and recreated with the same name, the binding will not be applicable to the + * new resource. Format: + * `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` + */ + iamPolicyUidPrincipal: string; + } + export interface ParameterPolicyMember { /** * (Output) @@ -86127,6 +86549,10 @@ export namespace pubsub { * Settings for ingestion from Amazon Kinesis Data Streams. */ awsKineses: outputs.pubsub.GetTopicIngestionDataSourceSettingAwsKinese[]; + /** + * Settings for ingestion from Azure Event Hubs. + */ + azureEventHubs: outputs.pubsub.GetTopicIngestionDataSourceSettingAzureEventHub[]; /** * Settings for ingestion from Cloud Storage. */ @@ -86164,6 +86590,39 @@ export namespace pubsub { streamArn: string; } + export interface GetTopicIngestionDataSourceSettingAzureEventHub { + /** + * The Azure event hub client ID to use for ingestion. + */ + clientId: string; + /** + * The Azure event hub to ingest data from. + */ + eventHub: string; + /** + * The GCP service account to be used for Federated Identity authentication + * with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided + * role). + */ + gcpServiceAccount: string; + /** + * The Azure event hub namespace to ingest data from. + */ + namespace: string; + /** + * The name of the resource group within an Azure subscription. + */ + resourceGroup: string; + /** + * The Azure event hub subscription ID to use for ingestion. + */ + subscriptionId: string; + /** + * The Azure event hub tenant ID to use for ingestion. + */ + tenantId: string; + } + export interface GetTopicIngestionDataSourceSettingCloudStorage { /** * Configuration for reading Cloud Storage data in Avro binary format. The @@ -86236,6 +86695,13 @@ export namespace pubsub { * and is not a valid configuration. */ allowedPersistenceRegions: string[]; + /** + * If true, 'allowedPersistenceRegions' is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in 'allowedPersistenceRegions'. + */ + enforceInTransit: boolean; } export interface GetTopicSchemaSetting { @@ -86563,6 +87029,11 @@ export namespace pubsub { * Structure is documented below. */ awsKinesis?: outputs.pubsub.TopicIngestionDataSourceSettingsAwsKinesis; + /** + * Settings for ingestion from Azure Event Hubs. + * Structure is documented below. + */ + azureEventHubs?: outputs.pubsub.TopicIngestionDataSourceSettingsAzureEventHubs; /** * Settings for ingestion from Cloud Storage. * Structure is documented below. @@ -86602,6 +87073,39 @@ export namespace pubsub { streamArn: string; } + export interface TopicIngestionDataSourceSettingsAzureEventHubs { + /** + * The Azure event hub client ID to use for ingestion. + */ + clientId?: string; + /** + * The Azure event hub to ingest data from. + */ + eventHub?: string; + /** + * The GCP service account to be used for Federated Identity authentication + * with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + * role). + */ + gcpServiceAccount?: string; + /** + * The Azure event hub namespace to ingest data from. + */ + namespace?: string; + /** + * The name of the resource group within an Azure subscription. + */ + resourceGroup?: string; + /** + * The Azure event hub subscription ID to use for ingestion. + */ + subscriptionId?: string; + /** + * The Azure event hub tenant ID to use for ingestion. + */ + tenantId?: string; + } + export interface TopicIngestionDataSourceSettingsCloudStorage { /** * Configuration for reading Cloud Storage data in Avro binary format. The @@ -86677,6 +87181,13 @@ export namespace pubsub { * and is not a valid configuration. */ allowedPersistenceRegions: string[]; + /** + * If true, `allowedPersistenceRegions` is also used to enforce in-transit + * guarantees for messages. That is, Pub/Sub will fail topics.publish + * operations on this topic and subscribe operations on any subscription + * attached to this topic in any region that is not in `allowedPersistenceRegions`. + */ + enforceInTransit?: boolean; } export interface TopicSchemaSettings { @@ -87040,8 +87551,6 @@ export namespace redis { * Required. The consumer network where the network address of * the discovery endpoint will be reserved, in the form of * projects/{network_project_id_or_number}/global/networks/{network_id}. - * - * - - - */ network: string; } @@ -87069,6 +87578,19 @@ export namespace redis { pscConnectionId?: string; } + export interface ClusterPscServiceAttachment { + /** + * (Output) + * Type of a PSC connection targeting this service attachment. + */ + connectionType: string; + /** + * (Output) + * Service attachment URI which your self-created PscConnection should use as + */ + serviceAttachment: string; + } + export interface ClusterStateInfo { /** * A nested object resource. @@ -87088,6 +87610,70 @@ export namespace redis { targetShardCount?: number; } + export interface ClusterUserCreatedConnectionsClusterEndpoint { + /** + * Structure is documented below. + */ + connections?: outputs.redis.ClusterUserCreatedConnectionsClusterEndpointConnection[]; + } + + export interface ClusterUserCreatedConnectionsClusterEndpointConnection { + /** + * Detailed information of a PSC connection that is created by the customer + * who owns the cluster. + * Structure is documented below. + */ + pscConnection?: outputs.redis.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection; + } + + export interface ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection { + /** + * The IP allocated on the consumer network for the PSC forwarding rule. + */ + address: string; + /** + * (Output) + * Output Only. Type of a PSC Connection. + * Possible values: + * CONNECTION_TYPE_DISCOVERY + * CONNECTION_TYPE_PRIMARY + * CONNECTION_TYPE_READER + */ + connectionType: string; + /** + * The URI of the consumer side forwarding rule. + * Format: + * projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + */ + forwardingRule: string; + /** + * The consumer network where the IP address resides, in the form of + * projects/{project_id}/global/networks/{network_id}. + */ + network: string; + /** + * The consumer projectId where the forwarding rule is created from. + */ + projectId: string; + /** + * The PSC connection id of the forwarding rule connected to the + * service attachment. + */ + pscConnectionId: string; + /** + * (Output) + * Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + * Possible values: + * ACTIVE + * NOT_FOUND + */ + pscConnectionStatus: string; + /** + * The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + */ + serviceAttachment: string; + } + export interface ClusterZoneDistributionConfig { /** * Immutable. The mode for zone distribution for Memorystore Redis cluster. diff --git a/sdk/python/pulumi_gcp/__init__.py b/sdk/python/pulumi_gcp/__init__.py index dda81a109a..57313c0822 100644 --- a/sdk/python/pulumi_gcp/__init__.py +++ b/sdk/python/pulumi_gcp/__init__.py @@ -22,6 +22,8 @@ apigateway = __apigateway import pulumi_gcp.apigee as __apigee apigee = __apigee + import pulumi_gcp.apihub as __apihub + apihub = __apihub import pulumi_gcp.appengine as __appengine appengine = __appengine import pulumi_gcp.apphub as __apphub @@ -273,6 +275,7 @@ alloydb = _utilities.lazy_import('pulumi_gcp.alloydb') apigateway = _utilities.lazy_import('pulumi_gcp.apigateway') apigee = _utilities.lazy_import('pulumi_gcp.apigee') + apihub = _utilities.lazy_import('pulumi_gcp.apihub') appengine = _utilities.lazy_import('pulumi_gcp.appengine') apphub = _utilities.lazy_import('pulumi_gcp.apphub') applicationintegration = _utilities.lazy_import('pulumi_gcp.applicationintegration') @@ -927,6 +930,14 @@ "gcp:apigee/targetServer:TargetServer": "TargetServer" } }, + { + "pkg": "gcp", + "mod": "apihub/apiHubInstance", + "fqn": "pulumi_gcp.apihub", + "classes": { + "gcp:apihub/apiHubInstance:ApiHubInstance": "ApiHubInstance" + } + }, { "pkg": "gcp", "mod": "appengine/application", @@ -1767,6 +1778,14 @@ "gcp:chronicle/referenceList:ReferenceList": "ReferenceList" } }, + { + "pkg": "gcp", + "mod": "chronicle/retrohunt", + "fqn": "pulumi_gcp.chronicle", + "classes": { + "gcp:chronicle/retrohunt:Retrohunt": "Retrohunt" + } + }, { "pkg": "gcp", "mod": "chronicle/rule", @@ -2239,6 +2258,14 @@ "gcp:cloudtasks/queueIamPolicy:QueueIamPolicy": "QueueIamPolicy" } }, + { + "pkg": "gcp", + "mod": "colab/runtime", + "fqn": "pulumi_gcp.colab", + "classes": { + "gcp:colab/runtime:Runtime": "Runtime" + } + }, { "pkg": "gcp", "mod": "colab/runtimeTemplate", @@ -2247,6 +2274,30 @@ "gcp:colab/runtimeTemplate:RuntimeTemplate": "RuntimeTemplate" } }, + { + "pkg": "gcp", + "mod": "colab/runtimeTemplateIamBinding", + "fqn": "pulumi_gcp.colab", + "classes": { + "gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding": "RuntimeTemplateIamBinding" + } + }, + { + "pkg": "gcp", + "mod": "colab/runtimeTemplateIamMember", + "fqn": "pulumi_gcp.colab", + "classes": { + "gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember": "RuntimeTemplateIamMember" + } + }, + { + "pkg": "gcp", + "mod": "colab/runtimeTemplateIamPolicy", + "fqn": "pulumi_gcp.colab", + "classes": { + "gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy": "RuntimeTemplateIamPolicy" + } + }, { "pkg": "gcp", "mod": "composer/environment", @@ -2679,6 +2730,30 @@ "gcp:compute/instanceTemplate:InstanceTemplate": "InstanceTemplate" } }, + { + "pkg": "gcp", + "mod": "compute/instanceTemplateIamBinding", + "fqn": "pulumi_gcp.compute", + "classes": { + "gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding": "InstanceTemplateIamBinding" + } + }, + { + "pkg": "gcp", + "mod": "compute/instanceTemplateIamMember", + "fqn": "pulumi_gcp.compute", + "classes": { + "gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember": "InstanceTemplateIamMember" + } + }, + { + "pkg": "gcp", + "mod": "compute/instanceTemplateIamPolicy", + "fqn": "pulumi_gcp.compute", + "classes": { + "gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy": "InstanceTemplateIamPolicy" + } + }, { "pkg": "gcp", "mod": "compute/interconnect", @@ -7095,6 +7170,14 @@ "gcp:parametermanager/parameter:Parameter": "Parameter" } }, + { + "pkg": "gcp", + "mod": "parametermanager/parameterVersion", + "fqn": "pulumi_gcp.parametermanager", + "classes": { + "gcp:parametermanager/parameterVersion:ParameterVersion": "ParameterVersion" + } + }, { "pkg": "gcp", "mod": "parametermanager/regionalParameter", @@ -7359,6 +7442,14 @@ "gcp:redis/cluster:Cluster": "Cluster" } }, + { + "pkg": "gcp", + "mod": "redis/clusterUserCreatedConnections", + "fqn": "pulumi_gcp.redis", + "classes": { + "gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections": "ClusterUserCreatedConnections" + } + }, { "pkg": "gcp", "mod": "redis/instance", diff --git a/sdk/python/pulumi_gcp/alloydb/cluster.py b/sdk/python/pulumi_gcp/alloydb/cluster.py index 44a68b0e05..b10d50bc39 100644 --- a/sdk/python/pulumi_gcp/alloydb/cluster.py +++ b/sdk/python/pulumi_gcp/alloydb/cluster.py @@ -41,6 +41,7 @@ def __init__(__self__, *, restore_backup_source: Optional[pulumi.Input['ClusterRestoreBackupSourceArgs']] = None, restore_continuous_backup_source: Optional[pulumi.Input['ClusterRestoreContinuousBackupSourceArgs']] = None, secondary_config: Optional[pulumi.Input['ClusterSecondaryConfigArgs']] = None, + skip_await_major_version_upgrade: Optional[pulumi.Input[bool]] = None, subscription_type: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a Cluster resource. @@ -62,7 +63,8 @@ def __init__(__self__, *, :param pulumi.Input['ClusterContinuousBackupConfigArgs'] continuous_backup_config: The continuous backup config for this cluster. If no policy is provided then the default policy will be used. The default policy takes one backup a day and retains backups for 14 days. Structure is documented below. - :param pulumi.Input[str] database_version: The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + :param pulumi.Input[str] database_version: The database engine major version. This is an optional field and it's populated at the Cluster creation time. + Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. :param pulumi.Input[str] deletion_policy: Policy to determine if the cluster should be deleted forcefully. Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. Deleting a Secondary cluster with a secondary instance REQUIRES setting deletion_policy = "FORCE" otherwise an error is returned. This is needed as there is no support to delete just the secondary instance, and the only way to delete secondary instance is to delete the associated secondary cluster forcefully which also deletes the secondary instance. @@ -90,6 +92,9 @@ def __init__(__self__, *, Structure is documented below. :param pulumi.Input['ClusterSecondaryConfigArgs'] secondary_config: Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. Structure is documented below. + :param pulumi.Input[bool] skip_await_major_version_upgrade: Set to true to skip awaiting on the major version upgrade of the cluster. + Possible values: true, false + Default value: "true" :param pulumi.Input[str] subscription_type: The subscrition type of cluster. Possible values are: `TRIAL`, `STANDARD`. """ @@ -131,6 +136,8 @@ def __init__(__self__, *, pulumi.set(__self__, "restore_continuous_backup_source", restore_continuous_backup_source) if secondary_config is not None: pulumi.set(__self__, "secondary_config", secondary_config) + if skip_await_major_version_upgrade is not None: + pulumi.set(__self__, "skip_await_major_version_upgrade", skip_await_major_version_upgrade) if subscription_type is not None: pulumi.set(__self__, "subscription_type", subscription_type) @@ -222,7 +229,8 @@ def continuous_backup_config(self, value: Optional[pulumi.Input['ClusterContinuo @pulumi.getter(name="databaseVersion") def database_version(self) -> Optional[pulumi.Input[str]]: """ - The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + The database engine major version. This is an optional field and it's populated at the Cluster creation time. + Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. """ return pulumi.get(self, "database_version") @@ -400,6 +408,20 @@ def secondary_config(self) -> Optional[pulumi.Input['ClusterSecondaryConfigArgs' def secondary_config(self, value: Optional[pulumi.Input['ClusterSecondaryConfigArgs']]): pulumi.set(self, "secondary_config", value) + @property + @pulumi.getter(name="skipAwaitMajorVersionUpgrade") + def skip_await_major_version_upgrade(self) -> Optional[pulumi.Input[bool]]: + """ + Set to true to skip awaiting on the major version upgrade of the cluster. + Possible values: true, false + Default value: "true" + """ + return pulumi.get(self, "skip_await_major_version_upgrade") + + @skip_await_major_version_upgrade.setter + def skip_await_major_version_upgrade(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "skip_await_major_version_upgrade", value) + @property @pulumi.getter(name="subscriptionType") def subscription_type(self) -> Optional[pulumi.Input[str]]: @@ -446,6 +468,7 @@ def __init__(__self__, *, restore_backup_source: Optional[pulumi.Input['ClusterRestoreBackupSourceArgs']] = None, restore_continuous_backup_source: Optional[pulumi.Input['ClusterRestoreContinuousBackupSourceArgs']] = None, secondary_config: Optional[pulumi.Input['ClusterSecondaryConfigArgs']] = None, + skip_await_major_version_upgrade: Optional[pulumi.Input[bool]] = None, state: Optional[pulumi.Input[str]] = None, subscription_type: Optional[pulumi.Input[str]] = None, trial_metadatas: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterTrialMetadataArgs']]]] = None, @@ -470,7 +493,8 @@ def __init__(__self__, *, Structure is documented below. :param pulumi.Input[Sequence[pulumi.Input['ClusterContinuousBackupInfoArgs']]] continuous_backup_infos: ContinuousBackupInfo describes the continuous backup properties of a cluster. Structure is documented below. - :param pulumi.Input[str] database_version: The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + :param pulumi.Input[str] database_version: The database engine major version. This is an optional field and it's populated at the Cluster creation time. + Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. :param pulumi.Input[str] deletion_policy: Policy to determine if the cluster should be deleted forcefully. Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. Deleting a Secondary cluster with a secondary instance REQUIRES setting deletion_policy = "FORCE" otherwise an error is returned. This is needed as there is no support to delete just the secondary instance, and the only way to delete secondary instance is to delete the associated secondary cluster forcefully which also deletes the secondary instance. @@ -514,6 +538,9 @@ def __init__(__self__, *, Structure is documented below. :param pulumi.Input['ClusterSecondaryConfigArgs'] secondary_config: Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. Structure is documented below. + :param pulumi.Input[bool] skip_await_major_version_upgrade: Set to true to skip awaiting on the major version upgrade of the cluster. + Possible values: true, false + Default value: "true" :param pulumi.Input[str] state: Output only. The current serving state of the cluster. :param pulumi.Input[str] subscription_type: The subscrition type of cluster. Possible values are: `TRIAL`, `STANDARD`. @@ -579,6 +606,8 @@ def __init__(__self__, *, pulumi.set(__self__, "restore_continuous_backup_source", restore_continuous_backup_source) if secondary_config is not None: pulumi.set(__self__, "secondary_config", secondary_config) + if skip_await_major_version_upgrade is not None: + pulumi.set(__self__, "skip_await_major_version_upgrade", skip_await_major_version_upgrade) if state is not None: pulumi.set(__self__, "state", state) if subscription_type is not None: @@ -687,7 +716,8 @@ def continuous_backup_infos(self, value: Optional[pulumi.Input[Sequence[pulumi.I @pulumi.getter(name="databaseVersion") def database_version(self) -> Optional[pulumi.Input[str]]: """ - The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + The database engine major version. This is an optional field and it's populated at the Cluster creation time. + Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. """ return pulumi.get(self, "database_version") @@ -967,6 +997,20 @@ def secondary_config(self) -> Optional[pulumi.Input['ClusterSecondaryConfigArgs' def secondary_config(self, value: Optional[pulumi.Input['ClusterSecondaryConfigArgs']]): pulumi.set(self, "secondary_config", value) + @property + @pulumi.getter(name="skipAwaitMajorVersionUpgrade") + def skip_await_major_version_upgrade(self) -> Optional[pulumi.Input[bool]]: + """ + Set to true to skip awaiting on the major version upgrade of the cluster. + Possible values: true, false + Default value: "true" + """ + return pulumi.get(self, "skip_await_major_version_upgrade") + + @skip_await_major_version_upgrade.setter + def skip_await_major_version_upgrade(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "skip_await_major_version_upgrade", value) + @property @pulumi.getter def state(self) -> Optional[pulumi.Input[str]]: @@ -1043,6 +1087,7 @@ def __init__(__self__, restore_backup_source: Optional[pulumi.Input[Union['ClusterRestoreBackupSourceArgs', 'ClusterRestoreBackupSourceArgsDict']]] = None, restore_continuous_backup_source: Optional[pulumi.Input[Union['ClusterRestoreContinuousBackupSourceArgs', 'ClusterRestoreContinuousBackupSourceArgsDict']]] = None, secondary_config: Optional[pulumi.Input[Union['ClusterSecondaryConfigArgs', 'ClusterSecondaryConfigArgsDict']]] = None, + skip_await_major_version_upgrade: Optional[pulumi.Input[bool]] = None, subscription_type: Optional[pulumi.Input[str]] = None, __props__=None): """ @@ -1204,7 +1249,8 @@ def __init__(__self__, :param pulumi.Input[Union['ClusterContinuousBackupConfigArgs', 'ClusterContinuousBackupConfigArgsDict']] continuous_backup_config: The continuous backup config for this cluster. If no policy is provided then the default policy will be used. The default policy takes one backup a day and retains backups for 14 days. Structure is documented below. - :param pulumi.Input[str] database_version: The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + :param pulumi.Input[str] database_version: The database engine major version. This is an optional field and it's populated at the Cluster creation time. + Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. :param pulumi.Input[str] deletion_policy: Policy to determine if the cluster should be deleted forcefully. Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. Deleting a Secondary cluster with a secondary instance REQUIRES setting deletion_policy = "FORCE" otherwise an error is returned. This is needed as there is no support to delete just the secondary instance, and the only way to delete secondary instance is to delete the associated secondary cluster forcefully which also deletes the secondary instance. @@ -1236,6 +1282,9 @@ def __init__(__self__, Structure is documented below. :param pulumi.Input[Union['ClusterSecondaryConfigArgs', 'ClusterSecondaryConfigArgsDict']] secondary_config: Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. Structure is documented below. + :param pulumi.Input[bool] skip_await_major_version_upgrade: Set to true to skip awaiting on the major version upgrade of the cluster. + Possible values: true, false + Default value: "true" :param pulumi.Input[str] subscription_type: The subscrition type of cluster. Possible values are: `TRIAL`, `STANDARD`. """ @@ -1423,6 +1472,7 @@ def _internal_init(__self__, restore_backup_source: Optional[pulumi.Input[Union['ClusterRestoreBackupSourceArgs', 'ClusterRestoreBackupSourceArgsDict']]] = None, restore_continuous_backup_source: Optional[pulumi.Input[Union['ClusterRestoreContinuousBackupSourceArgs', 'ClusterRestoreContinuousBackupSourceArgsDict']]] = None, secondary_config: Optional[pulumi.Input[Union['ClusterSecondaryConfigArgs', 'ClusterSecondaryConfigArgsDict']]] = None, + skip_await_major_version_upgrade: Optional[pulumi.Input[bool]] = None, subscription_type: Optional[pulumi.Input[str]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) @@ -1457,6 +1507,7 @@ def _internal_init(__self__, __props__.__dict__["restore_backup_source"] = restore_backup_source __props__.__dict__["restore_continuous_backup_source"] = restore_continuous_backup_source __props__.__dict__["secondary_config"] = secondary_config + __props__.__dict__["skip_await_major_version_upgrade"] = skip_await_major_version_upgrade __props__.__dict__["subscription_type"] = subscription_type __props__.__dict__["backup_sources"] = None __props__.__dict__["continuous_backup_infos"] = None @@ -1511,6 +1562,7 @@ def get(resource_name: str, restore_backup_source: Optional[pulumi.Input[Union['ClusterRestoreBackupSourceArgs', 'ClusterRestoreBackupSourceArgsDict']]] = None, restore_continuous_backup_source: Optional[pulumi.Input[Union['ClusterRestoreContinuousBackupSourceArgs', 'ClusterRestoreContinuousBackupSourceArgsDict']]] = None, secondary_config: Optional[pulumi.Input[Union['ClusterSecondaryConfigArgs', 'ClusterSecondaryConfigArgsDict']]] = None, + skip_await_major_version_upgrade: Optional[pulumi.Input[bool]] = None, state: Optional[pulumi.Input[str]] = None, subscription_type: Optional[pulumi.Input[str]] = None, trial_metadatas: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ClusterTrialMetadataArgs', 'ClusterTrialMetadataArgsDict']]]]] = None, @@ -1540,7 +1592,8 @@ def get(resource_name: str, Structure is documented below. :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterContinuousBackupInfoArgs', 'ClusterContinuousBackupInfoArgsDict']]]] continuous_backup_infos: ContinuousBackupInfo describes the continuous backup properties of a cluster. Structure is documented below. - :param pulumi.Input[str] database_version: The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + :param pulumi.Input[str] database_version: The database engine major version. This is an optional field and it's populated at the Cluster creation time. + Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. :param pulumi.Input[str] deletion_policy: Policy to determine if the cluster should be deleted forcefully. Deleting a cluster forcefully, deletes the cluster and all its associated instances within the cluster. Deleting a Secondary cluster with a secondary instance REQUIRES setting deletion_policy = "FORCE" otherwise an error is returned. This is needed as there is no support to delete just the secondary instance, and the only way to delete secondary instance is to delete the associated secondary cluster forcefully which also deletes the secondary instance. @@ -1584,6 +1637,9 @@ def get(resource_name: str, Structure is documented below. :param pulumi.Input[Union['ClusterSecondaryConfigArgs', 'ClusterSecondaryConfigArgsDict']] secondary_config: Configuration of the secondary cluster for Cross Region Replication. This should be set if and only if the cluster is of type SECONDARY. Structure is documented below. + :param pulumi.Input[bool] skip_await_major_version_upgrade: Set to true to skip awaiting on the major version upgrade of the cluster. + Possible values: true, false + Default value: "true" :param pulumi.Input[str] state: Output only. The current serving state of the cluster. :param pulumi.Input[str] subscription_type: The subscrition type of cluster. Possible values are: `TRIAL`, `STANDARD`. @@ -1624,6 +1680,7 @@ def get(resource_name: str, __props__.__dict__["restore_backup_source"] = restore_backup_source __props__.__dict__["restore_continuous_backup_source"] = restore_continuous_backup_source __props__.__dict__["secondary_config"] = secondary_config + __props__.__dict__["skip_await_major_version_upgrade"] = skip_await_major_version_upgrade __props__.__dict__["state"] = state __props__.__dict__["subscription_type"] = subscription_type __props__.__dict__["trial_metadatas"] = trial_metadatas @@ -1701,7 +1758,8 @@ def continuous_backup_infos(self) -> pulumi.Output[Sequence['outputs.ClusterCont @pulumi.getter(name="databaseVersion") def database_version(self) -> pulumi.Output[str]: """ - The database engine major version. This is an optional field and it's populated at the Cluster creation time. This field cannot be changed after cluster creation. + The database engine major version. This is an optional field and it's populated at the Cluster creation time. + Note: Changing this field to a higer version results in upgrading the AlloyDB cluster which is an irreversible change. """ return pulumi.get(self, "database_version") @@ -1893,6 +1951,16 @@ def secondary_config(self) -> pulumi.Output[Optional['outputs.ClusterSecondaryCo """ return pulumi.get(self, "secondary_config") + @property + @pulumi.getter(name="skipAwaitMajorVersionUpgrade") + def skip_await_major_version_upgrade(self) -> pulumi.Output[Optional[bool]]: + """ + Set to true to skip awaiting on the major version upgrade of the cluster. + Possible values: true, false + Default value: "true" + """ + return pulumi.get(self, "skip_await_major_version_upgrade") + @property @pulumi.getter def state(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/apigee/_inputs.py b/sdk/python/pulumi_gcp/apigee/_inputs.py index 84ff61c65b..b2207e3a71 100644 --- a/sdk/python/pulumi_gcp/apigee/_inputs.py +++ b/sdk/python/pulumi_gcp/apigee/_inputs.py @@ -39,6 +39,10 @@ 'EnvironmentIamMemberConditionArgsDict', 'EnvironmentNodeConfigArgs', 'EnvironmentNodeConfigArgsDict', + 'EnvironmentPropertiesArgs', + 'EnvironmentPropertiesArgsDict', + 'EnvironmentPropertiesPropertyArgs', + 'EnvironmentPropertiesPropertyArgsDict', 'KeystoresAliasesKeyCertFileCertsInfoArgs', 'KeystoresAliasesKeyCertFileCertsInfoArgsDict', 'KeystoresAliasesKeyCertFileCertsInfoCertInfoArgs', @@ -762,6 +766,93 @@ def min_node_count(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "min_node_count", value) +if not MYPY: + class EnvironmentPropertiesArgsDict(TypedDict): + properties: NotRequired[pulumi.Input[Sequence[pulumi.Input['EnvironmentPropertiesPropertyArgsDict']]]] + """ + List of all properties in the object. + Structure is documented below. + """ +elif False: + EnvironmentPropertiesArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class EnvironmentPropertiesArgs: + def __init__(__self__, *, + properties: Optional[pulumi.Input[Sequence[pulumi.Input['EnvironmentPropertiesPropertyArgs']]]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input['EnvironmentPropertiesPropertyArgs']]] properties: List of all properties in the object. + Structure is documented below. + """ + if properties is not None: + pulumi.set(__self__, "properties", properties) + + @property + @pulumi.getter + def properties(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['EnvironmentPropertiesPropertyArgs']]]]: + """ + List of all properties in the object. + Structure is documented below. + """ + return pulumi.get(self, "properties") + + @properties.setter + def properties(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['EnvironmentPropertiesPropertyArgs']]]]): + pulumi.set(self, "properties", value) + + +if not MYPY: + class EnvironmentPropertiesPropertyArgsDict(TypedDict): + name: NotRequired[pulumi.Input[str]] + """ + The property key. + """ + value: NotRequired[pulumi.Input[str]] + """ + The property value. + """ +elif False: + EnvironmentPropertiesPropertyArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class EnvironmentPropertiesPropertyArgs: + def __init__(__self__, *, + name: Optional[pulumi.Input[str]] = None, + value: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] name: The property key. + :param pulumi.Input[str] value: The property value. + """ + if name is not None: + pulumi.set(__self__, "name", name) + if value is not None: + pulumi.set(__self__, "value", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The property key. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def value(self) -> Optional[pulumi.Input[str]]: + """ + The property value. + """ + return pulumi.get(self, "value") + + @value.setter + def value(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "value", value) + + if not MYPY: class KeystoresAliasesKeyCertFileCertsInfoArgsDict(TypedDict): cert_infos: NotRequired[pulumi.Input[Sequence[pulumi.Input['KeystoresAliasesKeyCertFileCertsInfoCertInfoArgsDict']]]] diff --git a/sdk/python/pulumi_gcp/apigee/endpoint_attachment.py b/sdk/python/pulumi_gcp/apigee/endpoint_attachment.py index 55b222f63e..d46b7d32ab 100644 --- a/sdk/python/pulumi_gcp/apigee/endpoint_attachment.py +++ b/sdk/python/pulumi_gcp/apigee/endpoint_attachment.py @@ -241,38 +241,6 @@ def __init__(__self__, * How-to Guides * [Creating an environment](https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment) - ## Example Usage - - ### Apigee Endpoint Attachment Basic - - ```python - import pulumi - import pulumi_gcp as gcp - - current = gcp.organizations.get_client_config() - apigee_network = gcp.compute.Network("apigee_network", name="apigee-network") - apigee_range = gcp.compute.GlobalAddress("apigee_range", - name="apigee-range", - purpose="VPC_PEERING", - address_type="INTERNAL", - prefix_length=16, - network=apigee_network.id) - apigee_vpc_connection = gcp.servicenetworking.Connection("apigee_vpc_connection", - network=apigee_network.id, - service="servicenetworking.googleapis.com", - reserved_peering_ranges=[apigee_range.name]) - apigee_org = gcp.apigee.Organization("apigee_org", - analytics_region="us-central1", - project_id=current.project, - authorized_network=apigee_network.id, - opts = pulumi.ResourceOptions(depends_on=[apigee_vpc_connection])) - apigee_endpoint_attachment = gcp.apigee.EndpointAttachment("apigee_endpoint_attachment", - org_id=apigee_org.id, - endpoint_attachment_id="test1", - location="{google_compute_service_attachment location}", - service_attachment="{google_compute_service_attachment id}") - ``` - ## Import EndpointAttachment can be imported using any of these accepted formats: @@ -317,38 +285,6 @@ def __init__(__self__, * How-to Guides * [Creating an environment](https://cloud.google.com/apigee/docs/api-platform/get-started/create-environment) - ## Example Usage - - ### Apigee Endpoint Attachment Basic - - ```python - import pulumi - import pulumi_gcp as gcp - - current = gcp.organizations.get_client_config() - apigee_network = gcp.compute.Network("apigee_network", name="apigee-network") - apigee_range = gcp.compute.GlobalAddress("apigee_range", - name="apigee-range", - purpose="VPC_PEERING", - address_type="INTERNAL", - prefix_length=16, - network=apigee_network.id) - apigee_vpc_connection = gcp.servicenetworking.Connection("apigee_vpc_connection", - network=apigee_network.id, - service="servicenetworking.googleapis.com", - reserved_peering_ranges=[apigee_range.name]) - apigee_org = gcp.apigee.Organization("apigee_org", - analytics_region="us-central1", - project_id=current.project, - authorized_network=apigee_network.id, - opts = pulumi.ResourceOptions(depends_on=[apigee_vpc_connection])) - apigee_endpoint_attachment = gcp.apigee.EndpointAttachment("apigee_endpoint_attachment", - org_id=apigee_org.id, - endpoint_attachment_id="test1", - location="{google_compute_service_attachment location}", - service_attachment="{google_compute_service_attachment id}") - ``` - ## Import EndpointAttachment can be imported using any of these accepted formats: diff --git a/sdk/python/pulumi_gcp/apigee/environment.py b/sdk/python/pulumi_gcp/apigee/environment.py index a0b11e5e4c..31352017b0 100644 --- a/sdk/python/pulumi_gcp/apigee/environment.py +++ b/sdk/python/pulumi_gcp/apigee/environment.py @@ -29,6 +29,7 @@ def __init__(__self__, *, forward_proxy_uri: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, node_config: Optional[pulumi.Input['EnvironmentNodeConfigArgs']] = None, + properties: Optional[pulumi.Input['EnvironmentPropertiesArgs']] = None, type: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a Environment resource. @@ -54,6 +55,8 @@ def __init__(__self__, *, :param pulumi.Input[str] name: The resource ID of the environment. :param pulumi.Input['EnvironmentNodeConfigArgs'] node_config: NodeConfig for setting the min/max number of nodes associated with the environment. Structure is documented below. + :param pulumi.Input['EnvironmentPropertiesArgs'] properties: Key-value pairs that may be used for customizing the environment. + Structure is documented below. :param pulumi.Input[str] type: Types that can be selected for an Environment. Each of the types are limited by capability and capacity. Refer to Apigee's public documentation to understand about each of these types in details. @@ -75,6 +78,8 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) if node_config is not None: pulumi.set(__self__, "node_config", node_config) + if properties is not None: + pulumi.set(__self__, "properties", properties) if type is not None: pulumi.set(__self__, "type", type) @@ -188,6 +193,19 @@ def node_config(self) -> Optional[pulumi.Input['EnvironmentNodeConfigArgs']]: def node_config(self, value: Optional[pulumi.Input['EnvironmentNodeConfigArgs']]): pulumi.set(self, "node_config", value) + @property + @pulumi.getter + def properties(self) -> Optional[pulumi.Input['EnvironmentPropertiesArgs']]: + """ + Key-value pairs that may be used for customizing the environment. + Structure is documented below. + """ + return pulumi.get(self, "properties") + + @properties.setter + def properties(self, value: Optional[pulumi.Input['EnvironmentPropertiesArgs']]): + pulumi.set(self, "properties", value) + @property @pulumi.getter def type(self) -> Optional[pulumi.Input[str]]: @@ -216,6 +234,7 @@ def __init__(__self__, *, name: Optional[pulumi.Input[str]] = None, node_config: Optional[pulumi.Input['EnvironmentNodeConfigArgs']] = None, org_id: Optional[pulumi.Input[str]] = None, + properties: Optional[pulumi.Input['EnvironmentPropertiesArgs']] = None, type: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering Environment resources. @@ -241,6 +260,8 @@ def __init__(__self__, *, - - - + :param pulumi.Input['EnvironmentPropertiesArgs'] properties: Key-value pairs that may be used for customizing the environment. + Structure is documented below. :param pulumi.Input[str] type: Types that can be selected for an Environment. Each of the types are limited by capability and capacity. Refer to Apigee's public documentation to understand about each of these types in details. @@ -263,6 +284,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_config", node_config) if org_id is not None: pulumi.set(__self__, "org_id", org_id) + if properties is not None: + pulumi.set(__self__, "properties", properties) if type is not None: pulumi.set(__self__, "type", type) @@ -376,6 +399,19 @@ def org_id(self) -> Optional[pulumi.Input[str]]: def org_id(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "org_id", value) + @property + @pulumi.getter + def properties(self) -> Optional[pulumi.Input['EnvironmentPropertiesArgs']]: + """ + Key-value pairs that may be used for customizing the environment. + Structure is documented below. + """ + return pulumi.get(self, "properties") + + @properties.setter + def properties(self, value: Optional[pulumi.Input['EnvironmentPropertiesArgs']]): + pulumi.set(self, "properties", value) + @property @pulumi.getter def type(self) -> Optional[pulumi.Input[str]]: @@ -406,6 +442,7 @@ def __init__(__self__, name: Optional[pulumi.Input[str]] = None, node_config: Optional[pulumi.Input[Union['EnvironmentNodeConfigArgs', 'EnvironmentNodeConfigArgsDict']]] = None, org_id: Optional[pulumi.Input[str]] = None, + properties: Optional[pulumi.Input[Union['EnvironmentPropertiesArgs', 'EnvironmentPropertiesArgsDict']]] = None, type: Optional[pulumi.Input[str]] = None, __props__=None): """ @@ -491,6 +528,8 @@ def __init__(__self__, - - - + :param pulumi.Input[Union['EnvironmentPropertiesArgs', 'EnvironmentPropertiesArgsDict']] properties: Key-value pairs that may be used for customizing the environment. + Structure is documented below. :param pulumi.Input[str] type: Types that can be selected for an Environment. Each of the types are limited by capability and capacity. Refer to Apigee's public documentation to understand about each of these types in details. @@ -585,6 +624,7 @@ def _internal_init(__self__, name: Optional[pulumi.Input[str]] = None, node_config: Optional[pulumi.Input[Union['EnvironmentNodeConfigArgs', 'EnvironmentNodeConfigArgsDict']]] = None, org_id: Optional[pulumi.Input[str]] = None, + properties: Optional[pulumi.Input[Union['EnvironmentPropertiesArgs', 'EnvironmentPropertiesArgsDict']]] = None, type: Optional[pulumi.Input[str]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) @@ -605,6 +645,7 @@ def _internal_init(__self__, if org_id is None and not opts.urn: raise TypeError("Missing required property 'org_id'") __props__.__dict__["org_id"] = org_id + __props__.__dict__["properties"] = properties __props__.__dict__["type"] = type super(Environment, __self__).__init__( 'gcp:apigee/environment:Environment', @@ -624,6 +665,7 @@ def get(resource_name: str, name: Optional[pulumi.Input[str]] = None, node_config: Optional[pulumi.Input[Union['EnvironmentNodeConfigArgs', 'EnvironmentNodeConfigArgsDict']]] = None, org_id: Optional[pulumi.Input[str]] = None, + properties: Optional[pulumi.Input[Union['EnvironmentPropertiesArgs', 'EnvironmentPropertiesArgsDict']]] = None, type: Optional[pulumi.Input[str]] = None) -> 'Environment': """ Get an existing Environment resource's state with the given name, id, and optional extra @@ -654,6 +696,8 @@ def get(resource_name: str, - - - + :param pulumi.Input[Union['EnvironmentPropertiesArgs', 'EnvironmentPropertiesArgsDict']] properties: Key-value pairs that may be used for customizing the environment. + Structure is documented below. :param pulumi.Input[str] type: Types that can be selected for an Environment. Each of the types are limited by capability and capacity. Refer to Apigee's public documentation to understand about each of these types in details. @@ -672,6 +716,7 @@ def get(resource_name: str, __props__.__dict__["name"] = name __props__.__dict__["node_config"] = node_config __props__.__dict__["org_id"] = org_id + __props__.__dict__["properties"] = properties __props__.__dict__["type"] = type return Environment(resource_name, opts=opts, __props__=__props__) @@ -753,6 +798,15 @@ def org_id(self) -> pulumi.Output[str]: """ return pulumi.get(self, "org_id") + @property + @pulumi.getter + def properties(self) -> pulumi.Output[Optional['outputs.EnvironmentProperties']]: + """ + Key-value pairs that may be used for customizing the environment. + Structure is documented below. + """ + return pulumi.get(self, "properties") + @property @pulumi.getter def type(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/apigee/outputs.py b/sdk/python/pulumi_gcp/apigee/outputs.py index 0490e5ab87..8174c64f85 100644 --- a/sdk/python/pulumi_gcp/apigee/outputs.py +++ b/sdk/python/pulumi_gcp/apigee/outputs.py @@ -28,6 +28,8 @@ 'EnvironmentIamBindingCondition', 'EnvironmentIamMemberCondition', 'EnvironmentNodeConfig', + 'EnvironmentProperties', + 'EnvironmentPropertiesProperty', 'KeystoresAliasesKeyCertFileCertsInfo', 'KeystoresAliasesKeyCertFileCertsInfoCertInfo', 'KeystoresAliasesPkcs12CertsInfo', @@ -558,6 +560,58 @@ def min_node_count(self) -> Optional[str]: return pulumi.get(self, "min_node_count") +@pulumi.output_type +class EnvironmentProperties(dict): + def __init__(__self__, *, + properties: Optional[Sequence['outputs.EnvironmentPropertiesProperty']] = None): + """ + :param Sequence['EnvironmentPropertiesPropertyArgs'] properties: List of all properties in the object. + Structure is documented below. + """ + if properties is not None: + pulumi.set(__self__, "properties", properties) + + @property + @pulumi.getter + def properties(self) -> Optional[Sequence['outputs.EnvironmentPropertiesProperty']]: + """ + List of all properties in the object. + Structure is documented below. + """ + return pulumi.get(self, "properties") + + +@pulumi.output_type +class EnvironmentPropertiesProperty(dict): + def __init__(__self__, *, + name: Optional[str] = None, + value: Optional[str] = None): + """ + :param str name: The property key. + :param str value: The property value. + """ + if name is not None: + pulumi.set(__self__, "name", name) + if value is not None: + pulumi.set(__self__, "value", value) + + @property + @pulumi.getter + def name(self) -> Optional[str]: + """ + The property key. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def value(self) -> Optional[str]: + """ + The property value. + """ + return pulumi.get(self, "value") + + @pulumi.output_type class KeystoresAliasesKeyCertFileCertsInfo(dict): @staticmethod diff --git a/sdk/python/pulumi_gcp/apihub/__init__.py b/sdk/python/pulumi_gcp/apihub/__init__.py new file mode 100644 index 0000000000..493c6bf4e0 --- /dev/null +++ b/sdk/python/pulumi_gcp/apihub/__init__.py @@ -0,0 +1,10 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +from .. import _utilities +import typing +# Export this package's modules as members: +from .api_hub_instance import * +from ._inputs import * +from . import outputs diff --git a/sdk/python/pulumi_gcp/apihub/_inputs.py b/sdk/python/pulumi_gcp/apihub/_inputs.py new file mode 100644 index 0000000000..f8024ae5bb --- /dev/null +++ b/sdk/python/pulumi_gcp/apihub/_inputs.py @@ -0,0 +1,154 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = [ + 'ApiHubInstanceConfigArgs', + 'ApiHubInstanceConfigArgsDict', +] + +MYPY = False + +if not MYPY: + class ApiHubInstanceConfigArgsDict(TypedDict): + cmek_key_name: NotRequired[pulumi.Input[str]] + """ + Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + The CMEK name should follow the format of + `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + where the location must match the instance location. + If the CMEK is not provided, a GMEK will be created for the instance. + """ + disable_search: NotRequired[pulumi.Input[bool]] + """ + Optional. If true, the search will be disabled for the instance. The default value + is false. + """ + encryption_type: NotRequired[pulumi.Input[str]] + """ + Optional. Encryption type for the region. If the encryption type is CMEK, the + cmek_key_name must be provided. If no encryption type is provided, + GMEK will be used. + Possible values: + ENCRYPTION_TYPE_UNSPECIFIED + GMEK + CMEK + """ + vertex_location: NotRequired[pulumi.Input[str]] + """ + Optional. The name of the Vertex AI location where the data store is stored. + + - - - + """ +elif False: + ApiHubInstanceConfigArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class ApiHubInstanceConfigArgs: + def __init__(__self__, *, + cmek_key_name: Optional[pulumi.Input[str]] = None, + disable_search: Optional[pulumi.Input[bool]] = None, + encryption_type: Optional[pulumi.Input[str]] = None, + vertex_location: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] cmek_key_name: Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + The CMEK name should follow the format of + `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + where the location must match the instance location. + If the CMEK is not provided, a GMEK will be created for the instance. + :param pulumi.Input[bool] disable_search: Optional. If true, the search will be disabled for the instance. The default value + is false. + :param pulumi.Input[str] encryption_type: Optional. Encryption type for the region. If the encryption type is CMEK, the + cmek_key_name must be provided. If no encryption type is provided, + GMEK will be used. + Possible values: + ENCRYPTION_TYPE_UNSPECIFIED + GMEK + CMEK + :param pulumi.Input[str] vertex_location: Optional. The name of the Vertex AI location where the data store is stored. + + - - - + """ + if cmek_key_name is not None: + pulumi.set(__self__, "cmek_key_name", cmek_key_name) + if disable_search is not None: + pulumi.set(__self__, "disable_search", disable_search) + if encryption_type is not None: + pulumi.set(__self__, "encryption_type", encryption_type) + if vertex_location is not None: + pulumi.set(__self__, "vertex_location", vertex_location) + + @property + @pulumi.getter(name="cmekKeyName") + def cmek_key_name(self) -> Optional[pulumi.Input[str]]: + """ + Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + The CMEK name should follow the format of + `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + where the location must match the instance location. + If the CMEK is not provided, a GMEK will be created for the instance. + """ + return pulumi.get(self, "cmek_key_name") + + @cmek_key_name.setter + def cmek_key_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "cmek_key_name", value) + + @property + @pulumi.getter(name="disableSearch") + def disable_search(self) -> Optional[pulumi.Input[bool]]: + """ + Optional. If true, the search will be disabled for the instance. The default value + is false. + """ + return pulumi.get(self, "disable_search") + + @disable_search.setter + def disable_search(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "disable_search", value) + + @property + @pulumi.getter(name="encryptionType") + def encryption_type(self) -> Optional[pulumi.Input[str]]: + """ + Optional. Encryption type for the region. If the encryption type is CMEK, the + cmek_key_name must be provided. If no encryption type is provided, + GMEK will be used. + Possible values: + ENCRYPTION_TYPE_UNSPECIFIED + GMEK + CMEK + """ + return pulumi.get(self, "encryption_type") + + @encryption_type.setter + def encryption_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "encryption_type", value) + + @property + @pulumi.getter(name="vertexLocation") + def vertex_location(self) -> Optional[pulumi.Input[str]]: + """ + Optional. The name of the Vertex AI location where the data store is stored. + + - - - + """ + return pulumi.get(self, "vertex_location") + + @vertex_location.setter + def vertex_location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "vertex_location", value) + + diff --git a/sdk/python/pulumi_gcp/apihub/api_hub_instance.py b/sdk/python/pulumi_gcp/apihub/api_hub_instance.py new file mode 100644 index 0000000000..280c8d8e4f --- /dev/null +++ b/sdk/python/pulumi_gcp/apihub/api_hub_instance.py @@ -0,0 +1,784 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['ApiHubInstanceArgs', 'ApiHubInstance'] + +@pulumi.input_type +class ApiHubInstanceArgs: + def __init__(__self__, *, + config: pulumi.Input['ApiHubInstanceConfigArgs'], + location: pulumi.Input[str], + api_hub_instance_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a ApiHubInstance resource. + :param pulumi.Input['ApiHubInstanceConfigArgs'] config: Available configurations to provision an ApiHub Instance. + Structure is documented below. + :param pulumi.Input[str] location: Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + :param pulumi.Input[str] api_hub_instance_id: Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + '/a-z[0-9]-_/'. + :param pulumi.Input[str] description: Optional. Description of the ApiHub instance. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + the resource. + """ + pulumi.set(__self__, "config", config) + pulumi.set(__self__, "location", location) + if api_hub_instance_id is not None: + pulumi.set(__self__, "api_hub_instance_id", api_hub_instance_id) + if description is not None: + pulumi.set(__self__, "description", description) + if labels is not None: + pulumi.set(__self__, "labels", labels) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def config(self) -> pulumi.Input['ApiHubInstanceConfigArgs']: + """ + Available configurations to provision an ApiHub Instance. + Structure is documented below. + """ + return pulumi.get(self, "config") + + @config.setter + def config(self, value: pulumi.Input['ApiHubInstanceConfigArgs']): + pulumi.set(self, "config", value) + + @property + @pulumi.getter + def location(self) -> pulumi.Input[str]: + """ + Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: pulumi.Input[str]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="apiHubInstanceId") + def api_hub_instance_id(self) -> Optional[pulumi.Input[str]]: + """ + Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + '/a-z[0-9]-_/'. + """ + return pulumi.get(self, "api_hub_instance_id") + + @api_hub_instance_id.setter + def api_hub_instance_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "api_hub_instance_id", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + Optional. Description of the ApiHub instance. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _ApiHubInstanceState: + def __init__(__self__, *, + api_hub_instance_id: Optional[pulumi.Input[str]] = None, + config: Optional[pulumi.Input['ApiHubInstanceConfigArgs']] = None, + create_time: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + state: Optional[pulumi.Input[str]] = None, + state_message: Optional[pulumi.Input[str]] = None, + update_time: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering ApiHubInstance resources. + :param pulumi.Input[str] api_hub_instance_id: Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + '/a-z[0-9]-_/'. + :param pulumi.Input['ApiHubInstanceConfigArgs'] config: Available configurations to provision an ApiHub Instance. + Structure is documented below. + :param pulumi.Input[str] create_time: Output only. Creation timestamp. + :param pulumi.Input[str] description: Optional. Description of the ApiHub instance. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + the resource. + :param pulumi.Input[str] location: Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + :param pulumi.Input[str] name: Identifier. Format: + `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + :param pulumi.Input[str] state: Output only. The current state of the ApiHub instance. + Possible values: + STATE_UNSPECIFIED + INACTIVE + CREATING + ACTIVE + UPDATING + DELETING + FAILED + :param pulumi.Input[str] state_message: Output only. Extra information about ApiHub instance state. Currently the message + would be populated when state is `FAILED`. + :param pulumi.Input[str] update_time: Output only. Last update timestamp. + """ + if api_hub_instance_id is not None: + pulumi.set(__self__, "api_hub_instance_id", api_hub_instance_id) + if config is not None: + pulumi.set(__self__, "config", config) + if create_time is not None: + pulumi.set(__self__, "create_time", create_time) + if description is not None: + pulumi.set(__self__, "description", description) + if effective_labels is not None: + pulumi.set(__self__, "effective_labels", effective_labels) + if labels is not None: + pulumi.set(__self__, "labels", labels) + if location is not None: + pulumi.set(__self__, "location", location) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + if pulumi_labels is not None: + pulumi.set(__self__, "pulumi_labels", pulumi_labels) + if state is not None: + pulumi.set(__self__, "state", state) + if state_message is not None: + pulumi.set(__self__, "state_message", state_message) + if update_time is not None: + pulumi.set(__self__, "update_time", update_time) + + @property + @pulumi.getter(name="apiHubInstanceId") + def api_hub_instance_id(self) -> Optional[pulumi.Input[str]]: + """ + Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + '/a-z[0-9]-_/'. + """ + return pulumi.get(self, "api_hub_instance_id") + + @api_hub_instance_id.setter + def api_hub_instance_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "api_hub_instance_id", value) + + @property + @pulumi.getter + def config(self) -> Optional[pulumi.Input['ApiHubInstanceConfigArgs']]: + """ + Available configurations to provision an ApiHub Instance. + Structure is documented below. + """ + return pulumi.get(self, "config") + + @config.setter + def config(self, value: Optional[pulumi.Input['ApiHubInstanceConfigArgs']]): + pulumi.set(self, "config", value) + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> Optional[pulumi.Input[str]]: + """ + Output only. Creation timestamp. + """ + return pulumi.get(self, "create_time") + + @create_time.setter + def create_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "create_time", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + Optional. Description of the ApiHub instance. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @effective_labels.setter + def effective_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "effective_labels", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Identifier. Format: + `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @pulumi_labels.setter + def pulumi_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "pulumi_labels", value) + + @property + @pulumi.getter + def state(self) -> Optional[pulumi.Input[str]]: + """ + Output only. The current state of the ApiHub instance. + Possible values: + STATE_UNSPECIFIED + INACTIVE + CREATING + ACTIVE + UPDATING + DELETING + FAILED + """ + return pulumi.get(self, "state") + + @state.setter + def state(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "state", value) + + @property + @pulumi.getter(name="stateMessage") + def state_message(self) -> Optional[pulumi.Input[str]]: + """ + Output only. Extra information about ApiHub instance state. Currently the message + would be populated when state is `FAILED`. + """ + return pulumi.get(self, "state_message") + + @state_message.setter + def state_message(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "state_message", value) + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> Optional[pulumi.Input[str]]: + """ + Output only. Last update timestamp. + """ + return pulumi.get(self, "update_time") + + @update_time.setter + def update_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "update_time", value) + + +class ApiHubInstance(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + api_hub_instance_id: Optional[pulumi.Input[str]] = None, + config: Optional[pulumi.Input[Union['ApiHubInstanceConfigArgs', 'ApiHubInstanceConfigArgsDict']]] = None, + description: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + An ApiHubInstance represents the instance resources of the API Hub. + Currently, only one ApiHub instance is allowed for each project. + Currently, updation/deletion of ApiHub instance is not allowed. + + ## Example Usage + + ### Apihub Api Hub Instance Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + apihub_instance_without_search = gcp.apihub.ApiHubInstance("apihub-instance-without-search", + location="us-central1", + config={ + "disable_search": True, + }) + ``` + ### Apihub Api Hub Instance Full + + ```python + import pulumi + import pulumi_gcp as gcp + + apihub_instance_search = gcp.apihub.ApiHubInstance("apihub-instance-search", + project="my-project", + api_hub_instance_id="test-instance-full", + description="Test API hub instance", + location="us-central1", + config={ + "encryption_type": "CMEK", + "cmek_key_name": "projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key", + "disable_search": False, + "vertex_location": "us", + }, + labels={ + "environment": "dev", + }) + ``` + + ## Import + + ApiHubInstance can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}}` + + * `{{project}}/{{location}}/{{api_hub_instance_id}}` + + * `{{location}}/{{api_hub_instance_id}}` + + When using the `pulumi import` command, ApiHubInstance can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}} + ``` + + ```sh + $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{project}}/{{location}}/{{api_hub_instance_id}} + ``` + + ```sh + $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{location}}/{{api_hub_instance_id}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] api_hub_instance_id: Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + '/a-z[0-9]-_/'. + :param pulumi.Input[Union['ApiHubInstanceConfigArgs', 'ApiHubInstanceConfigArgsDict']] config: Available configurations to provision an ApiHub Instance. + Structure is documented below. + :param pulumi.Input[str] description: Optional. Description of the ApiHub instance. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + the resource. + :param pulumi.Input[str] location: Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: ApiHubInstanceArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + An ApiHubInstance represents the instance resources of the API Hub. + Currently, only one ApiHub instance is allowed for each project. + Currently, updation/deletion of ApiHub instance is not allowed. + + ## Example Usage + + ### Apihub Api Hub Instance Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + apihub_instance_without_search = gcp.apihub.ApiHubInstance("apihub-instance-without-search", + location="us-central1", + config={ + "disable_search": True, + }) + ``` + ### Apihub Api Hub Instance Full + + ```python + import pulumi + import pulumi_gcp as gcp + + apihub_instance_search = gcp.apihub.ApiHubInstance("apihub-instance-search", + project="my-project", + api_hub_instance_id="test-instance-full", + description="Test API hub instance", + location="us-central1", + config={ + "encryption_type": "CMEK", + "cmek_key_name": "projects/my-project/locations/us-central1/keyRings/apihub/cryptoKeys/apihub-key", + "disable_search": False, + "vertex_location": "us", + }, + labels={ + "environment": "dev", + }) + ``` + + ## Import + + ApiHubInstance can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}}` + + * `{{project}}/{{location}}/{{api_hub_instance_id}}` + + * `{{location}}/{{api_hub_instance_id}}` + + When using the `pulumi import` command, ApiHubInstance can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default projects/{{project}}/locations/{{location}}/apiHubInstances/{{api_hub_instance_id}} + ``` + + ```sh + $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{project}}/{{location}}/{{api_hub_instance_id}} + ``` + + ```sh + $ pulumi import gcp:apihub/apiHubInstance:ApiHubInstance default {{location}}/{{api_hub_instance_id}} + ``` + + :param str resource_name: The name of the resource. + :param ApiHubInstanceArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(ApiHubInstanceArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + api_hub_instance_id: Optional[pulumi.Input[str]] = None, + config: Optional[pulumi.Input[Union['ApiHubInstanceConfigArgs', 'ApiHubInstanceConfigArgsDict']]] = None, + description: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = ApiHubInstanceArgs.__new__(ApiHubInstanceArgs) + + __props__.__dict__["api_hub_instance_id"] = api_hub_instance_id + if config is None and not opts.urn: + raise TypeError("Missing required property 'config'") + __props__.__dict__["config"] = config + __props__.__dict__["description"] = description + __props__.__dict__["labels"] = labels + if location is None and not opts.urn: + raise TypeError("Missing required property 'location'") + __props__.__dict__["location"] = location + __props__.__dict__["project"] = project + __props__.__dict__["create_time"] = None + __props__.__dict__["effective_labels"] = None + __props__.__dict__["name"] = None + __props__.__dict__["pulumi_labels"] = None + __props__.__dict__["state"] = None + __props__.__dict__["state_message"] = None + __props__.__dict__["update_time"] = None + secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["effectiveLabels", "pulumiLabels"]) + opts = pulumi.ResourceOptions.merge(opts, secret_opts) + super(ApiHubInstance, __self__).__init__( + 'gcp:apihub/apiHubInstance:ApiHubInstance', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + api_hub_instance_id: Optional[pulumi.Input[str]] = None, + config: Optional[pulumi.Input[Union['ApiHubInstanceConfigArgs', 'ApiHubInstanceConfigArgsDict']]] = None, + create_time: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + state: Optional[pulumi.Input[str]] = None, + state_message: Optional[pulumi.Input[str]] = None, + update_time: Optional[pulumi.Input[str]] = None) -> 'ApiHubInstance': + """ + Get an existing ApiHubInstance resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] api_hub_instance_id: Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + '/a-z[0-9]-_/'. + :param pulumi.Input[Union['ApiHubInstanceConfigArgs', 'ApiHubInstanceConfigArgsDict']] config: Available configurations to provision an ApiHub Instance. + Structure is documented below. + :param pulumi.Input[str] create_time: Output only. Creation timestamp. + :param pulumi.Input[str] description: Optional. Description of the ApiHub instance. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + the resource. + :param pulumi.Input[str] location: Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + :param pulumi.Input[str] name: Identifier. Format: + `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + :param pulumi.Input[str] state: Output only. The current state of the ApiHub instance. + Possible values: + STATE_UNSPECIFIED + INACTIVE + CREATING + ACTIVE + UPDATING + DELETING + FAILED + :param pulumi.Input[str] state_message: Output only. Extra information about ApiHub instance state. Currently the message + would be populated when state is `FAILED`. + :param pulumi.Input[str] update_time: Output only. Last update timestamp. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _ApiHubInstanceState.__new__(_ApiHubInstanceState) + + __props__.__dict__["api_hub_instance_id"] = api_hub_instance_id + __props__.__dict__["config"] = config + __props__.__dict__["create_time"] = create_time + __props__.__dict__["description"] = description + __props__.__dict__["effective_labels"] = effective_labels + __props__.__dict__["labels"] = labels + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["pulumi_labels"] = pulumi_labels + __props__.__dict__["state"] = state + __props__.__dict__["state_message"] = state_message + __props__.__dict__["update_time"] = update_time + return ApiHubInstance(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="apiHubInstanceId") + def api_hub_instance_id(self) -> pulumi.Output[Optional[str]]: + """ + Optional. Identifier to assign to the Api Hub instance. Must be unique within scope of the parent resource. If the field + is not provided, system generated id will be used. This value should be 4-40 characters, and valid characters are + '/a-z[0-9]-_/'. + """ + return pulumi.get(self, "api_hub_instance_id") + + @property + @pulumi.getter + def config(self) -> pulumi.Output['outputs.ApiHubInstanceConfig']: + """ + Available configurations to provision an ApiHub Instance. + Structure is documented below. + """ + return pulumi.get(self, "config") + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> pulumi.Output[str]: + """ + Output only. Creation timestamp. + """ + return pulumi.get(self, "create_time") + + @property + @pulumi.getter + def description(self) -> pulumi.Output[Optional[str]]: + """ + Optional. Description of the ApiHub instance. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @property + @pulumi.getter + def labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: + """ + Optional. Instance labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources **Note**: This field is non-authoritative, and will only manage + the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on + the resource. + """ + return pulumi.get(self, "labels") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + Identifier. Format: + `projects/{project}/locations/{location}/apiHubInstances/{apiHubInstance}`. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @property + @pulumi.getter + def state(self) -> pulumi.Output[str]: + """ + Output only. The current state of the ApiHub instance. + Possible values: + STATE_UNSPECIFIED + INACTIVE + CREATING + ACTIVE + UPDATING + DELETING + FAILED + """ + return pulumi.get(self, "state") + + @property + @pulumi.getter(name="stateMessage") + def state_message(self) -> pulumi.Output[str]: + """ + Output only. Extra information about ApiHub instance state. Currently the message + would be populated when state is `FAILED`. + """ + return pulumi.get(self, "state_message") + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> pulumi.Output[str]: + """ + Output only. Last update timestamp. + """ + return pulumi.get(self, "update_time") + diff --git a/sdk/python/pulumi_gcp/apihub/outputs.py b/sdk/python/pulumi_gcp/apihub/outputs.py new file mode 100644 index 0000000000..e77138d3f2 --- /dev/null +++ b/sdk/python/pulumi_gcp/apihub/outputs.py @@ -0,0 +1,124 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = [ + 'ApiHubInstanceConfig', +] + +@pulumi.output_type +class ApiHubInstanceConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "cmekKeyName": + suggest = "cmek_key_name" + elif key == "disableSearch": + suggest = "disable_search" + elif key == "encryptionType": + suggest = "encryption_type" + elif key == "vertexLocation": + suggest = "vertex_location" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ApiHubInstanceConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ApiHubInstanceConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ApiHubInstanceConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cmek_key_name: Optional[str] = None, + disable_search: Optional[bool] = None, + encryption_type: Optional[str] = None, + vertex_location: Optional[str] = None): + """ + :param str cmek_key_name: Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + The CMEK name should follow the format of + `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + where the location must match the instance location. + If the CMEK is not provided, a GMEK will be created for the instance. + :param bool disable_search: Optional. If true, the search will be disabled for the instance. The default value + is false. + :param str encryption_type: Optional. Encryption type for the region. If the encryption type is CMEK, the + cmek_key_name must be provided. If no encryption type is provided, + GMEK will be used. + Possible values: + ENCRYPTION_TYPE_UNSPECIFIED + GMEK + CMEK + :param str vertex_location: Optional. The name of the Vertex AI location where the data store is stored. + + - - - + """ + if cmek_key_name is not None: + pulumi.set(__self__, "cmek_key_name", cmek_key_name) + if disable_search is not None: + pulumi.set(__self__, "disable_search", disable_search) + if encryption_type is not None: + pulumi.set(__self__, "encryption_type", encryption_type) + if vertex_location is not None: + pulumi.set(__self__, "vertex_location", vertex_location) + + @property + @pulumi.getter(name="cmekKeyName") + def cmek_key_name(self) -> Optional[str]: + """ + Optional. The Customer Managed Encryption Key (CMEK) used for data encryption. + The CMEK name should follow the format of + `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + where the location must match the instance location. + If the CMEK is not provided, a GMEK will be created for the instance. + """ + return pulumi.get(self, "cmek_key_name") + + @property + @pulumi.getter(name="disableSearch") + def disable_search(self) -> Optional[bool]: + """ + Optional. If true, the search will be disabled for the instance. The default value + is false. + """ + return pulumi.get(self, "disable_search") + + @property + @pulumi.getter(name="encryptionType") + def encryption_type(self) -> Optional[str]: + """ + Optional. Encryption type for the region. If the encryption type is CMEK, the + cmek_key_name must be provided. If no encryption type is provided, + GMEK will be used. + Possible values: + ENCRYPTION_TYPE_UNSPECIFIED + GMEK + CMEK + """ + return pulumi.get(self, "encryption_type") + + @property + @pulumi.getter(name="vertexLocation") + def vertex_location(self) -> Optional[str]: + """ + Optional. The name of the Vertex AI location where the data store is stored. + + - - - + """ + return pulumi.get(self, "vertex_location") + + diff --git a/sdk/python/pulumi_gcp/chronicle/__init__.py b/sdk/python/pulumi_gcp/chronicle/__init__.py index 9158d36634..20fd5178df 100644 --- a/sdk/python/pulumi_gcp/chronicle/__init__.py +++ b/sdk/python/pulumi_gcp/chronicle/__init__.py @@ -8,6 +8,7 @@ from .data_access_label import * from .data_access_scope import * from .reference_list import * +from .retrohunt import * from .rule import * from .rule_deployment import * from .watchlist import * diff --git a/sdk/python/pulumi_gcp/chronicle/_inputs.py b/sdk/python/pulumi_gcp/chronicle/_inputs.py index b14b242dac..842751048f 100644 --- a/sdk/python/pulumi_gcp/chronicle/_inputs.py +++ b/sdk/python/pulumi_gcp/chronicle/_inputs.py @@ -29,6 +29,10 @@ 'ReferenceListScopeInfoArgsDict', 'ReferenceListScopeInfoReferenceListScopeArgs', 'ReferenceListScopeInfoReferenceListScopeArgsDict', + 'RetrohuntExecutionIntervalArgs', + 'RetrohuntExecutionIntervalArgsDict', + 'RetrohuntProcessIntervalArgs', + 'RetrohuntProcessIntervalArgsDict', 'RuleCompilationDiagnosticArgs', 'RuleCompilationDiagnosticArgsDict', 'RuleCompilationDiagnosticPositionArgs', @@ -536,6 +540,126 @@ def scope_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] pulumi.set(self, "scope_names", value) +if not MYPY: + class RetrohuntExecutionIntervalArgsDict(TypedDict): + end_time: NotRequired[pulumi.Input[str]] + """ + Optional. Exclusive end of the interval. + If specified, a Timestamp matching this interval will have to be before the + end. + """ + start_time: NotRequired[pulumi.Input[str]] + """ + Optional. Inclusive start of the interval. + If specified, a Timestamp matching this interval will have to be the same + or after the start. + """ +elif False: + RetrohuntExecutionIntervalArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class RetrohuntExecutionIntervalArgs: + def __init__(__self__, *, + end_time: Optional[pulumi.Input[str]] = None, + start_time: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] end_time: Optional. Exclusive end of the interval. + If specified, a Timestamp matching this interval will have to be before the + end. + :param pulumi.Input[str] start_time: Optional. Inclusive start of the interval. + If specified, a Timestamp matching this interval will have to be the same + or after the start. + """ + if end_time is not None: + pulumi.set(__self__, "end_time", end_time) + if start_time is not None: + pulumi.set(__self__, "start_time", start_time) + + @property + @pulumi.getter(name="endTime") + def end_time(self) -> Optional[pulumi.Input[str]]: + """ + Optional. Exclusive end of the interval. + If specified, a Timestamp matching this interval will have to be before the + end. + """ + return pulumi.get(self, "end_time") + + @end_time.setter + def end_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "end_time", value) + + @property + @pulumi.getter(name="startTime") + def start_time(self) -> Optional[pulumi.Input[str]]: + """ + Optional. Inclusive start of the interval. + If specified, a Timestamp matching this interval will have to be the same + or after the start. + """ + return pulumi.get(self, "start_time") + + @start_time.setter + def start_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "start_time", value) + + +if not MYPY: + class RetrohuntProcessIntervalArgsDict(TypedDict): + end_time: pulumi.Input[str] + """ + Exclusive end of the interval. + + - - - + """ + start_time: pulumi.Input[str] + """ + Inclusive start of the interval. + """ +elif False: + RetrohuntProcessIntervalArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class RetrohuntProcessIntervalArgs: + def __init__(__self__, *, + end_time: pulumi.Input[str], + start_time: pulumi.Input[str]): + """ + :param pulumi.Input[str] end_time: Exclusive end of the interval. + + - - - + :param pulumi.Input[str] start_time: Inclusive start of the interval. + """ + pulumi.set(__self__, "end_time", end_time) + pulumi.set(__self__, "start_time", start_time) + + @property + @pulumi.getter(name="endTime") + def end_time(self) -> pulumi.Input[str]: + """ + Exclusive end of the interval. + + - - - + """ + return pulumi.get(self, "end_time") + + @end_time.setter + def end_time(self, value: pulumi.Input[str]): + pulumi.set(self, "end_time", value) + + @property + @pulumi.getter(name="startTime") + def start_time(self) -> pulumi.Input[str]: + """ + Inclusive start of the interval. + """ + return pulumi.get(self, "start_time") + + @start_time.setter + def start_time(self, value: pulumi.Input[str]): + pulumi.set(self, "start_time", value) + + if not MYPY: class RuleCompilationDiagnosticArgsDict(TypedDict): message: NotRequired[pulumi.Input[str]] diff --git a/sdk/python/pulumi_gcp/chronicle/outputs.py b/sdk/python/pulumi_gcp/chronicle/outputs.py index 494fa8cdd7..73ca397a3e 100644 --- a/sdk/python/pulumi_gcp/chronicle/outputs.py +++ b/sdk/python/pulumi_gcp/chronicle/outputs.py @@ -23,6 +23,8 @@ 'ReferenceListEntry', 'ReferenceListScopeInfo', 'ReferenceListScopeInfoReferenceListScope', + 'RetrohuntExecutionInterval', + 'RetrohuntProcessInterval', 'RuleCompilationDiagnostic', 'RuleCompilationDiagnosticPosition', 'RuleSeverity', @@ -449,6 +451,116 @@ def scope_names(self) -> Optional[Sequence[str]]: return pulumi.get(self, "scope_names") +@pulumi.output_type +class RetrohuntExecutionInterval(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "endTime": + suggest = "end_time" + elif key == "startTime": + suggest = "start_time" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in RetrohuntExecutionInterval. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + RetrohuntExecutionInterval.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + RetrohuntExecutionInterval.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + end_time: Optional[str] = None, + start_time: Optional[str] = None): + """ + :param str end_time: Optional. Exclusive end of the interval. + If specified, a Timestamp matching this interval will have to be before the + end. + :param str start_time: Optional. Inclusive start of the interval. + If specified, a Timestamp matching this interval will have to be the same + or after the start. + """ + if end_time is not None: + pulumi.set(__self__, "end_time", end_time) + if start_time is not None: + pulumi.set(__self__, "start_time", start_time) + + @property + @pulumi.getter(name="endTime") + def end_time(self) -> Optional[str]: + """ + Optional. Exclusive end of the interval. + If specified, a Timestamp matching this interval will have to be before the + end. + """ + return pulumi.get(self, "end_time") + + @property + @pulumi.getter(name="startTime") + def start_time(self) -> Optional[str]: + """ + Optional. Inclusive start of the interval. + If specified, a Timestamp matching this interval will have to be the same + or after the start. + """ + return pulumi.get(self, "start_time") + + +@pulumi.output_type +class RetrohuntProcessInterval(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "endTime": + suggest = "end_time" + elif key == "startTime": + suggest = "start_time" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in RetrohuntProcessInterval. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + RetrohuntProcessInterval.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + RetrohuntProcessInterval.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + end_time: str, + start_time: str): + """ + :param str end_time: Exclusive end of the interval. + + - - - + :param str start_time: Inclusive start of the interval. + """ + pulumi.set(__self__, "end_time", end_time) + pulumi.set(__self__, "start_time", start_time) + + @property + @pulumi.getter(name="endTime") + def end_time(self) -> str: + """ + Exclusive end of the interval. + + - - - + """ + return pulumi.get(self, "end_time") + + @property + @pulumi.getter(name="startTime") + def start_time(self) -> str: + """ + Inclusive start of the interval. + """ + return pulumi.get(self, "start_time") + + @pulumi.output_type class RuleCompilationDiagnostic(dict): def __init__(__self__, *, diff --git a/sdk/python/pulumi_gcp/chronicle/retrohunt.py b/sdk/python/pulumi_gcp/chronicle/retrohunt.py new file mode 100644 index 0000000000..789b7d4841 --- /dev/null +++ b/sdk/python/pulumi_gcp/chronicle/retrohunt.py @@ -0,0 +1,645 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['RetrohuntArgs', 'Retrohunt'] + +@pulumi.input_type +class RetrohuntArgs: + def __init__(__self__, *, + instance: pulumi.Input[str], + location: pulumi.Input[str], + process_interval: pulumi.Input['RetrohuntProcessIntervalArgs'], + rule: pulumi.Input[str], + retrohunt_id: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a Retrohunt resource. + :param pulumi.Input[str] instance: The unique identifier for the Chronicle instance, which is the same as the customer ID. + :param pulumi.Input[str] location: The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + :param pulumi.Input['RetrohuntProcessIntervalArgs'] process_interval: Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + :param pulumi.Input[str] rule: The Rule ID of the rule. + :param pulumi.Input[str] retrohunt_id: The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + """ + pulumi.set(__self__, "instance", instance) + pulumi.set(__self__, "location", location) + pulumi.set(__self__, "process_interval", process_interval) + pulumi.set(__self__, "rule", rule) + if retrohunt_id is not None: + pulumi.set(__self__, "retrohunt_id", retrohunt_id) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def instance(self) -> pulumi.Input[str]: + """ + The unique identifier for the Chronicle instance, which is the same as the customer ID. + """ + return pulumi.get(self, "instance") + + @instance.setter + def instance(self, value: pulumi.Input[str]): + pulumi.set(self, "instance", value) + + @property + @pulumi.getter + def location(self) -> pulumi.Input[str]: + """ + The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: pulumi.Input[str]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="processInterval") + def process_interval(self) -> pulumi.Input['RetrohuntProcessIntervalArgs']: + """ + Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + """ + return pulumi.get(self, "process_interval") + + @process_interval.setter + def process_interval(self, value: pulumi.Input['RetrohuntProcessIntervalArgs']): + pulumi.set(self, "process_interval", value) + + @property + @pulumi.getter + def rule(self) -> pulumi.Input[str]: + """ + The Rule ID of the rule. + """ + return pulumi.get(self, "rule") + + @rule.setter + def rule(self, value: pulumi.Input[str]): + pulumi.set(self, "rule", value) + + @property + @pulumi.getter(name="RetrohuntId") + def retrohunt_id(self) -> Optional[pulumi.Input[str]]: + """ + The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + """ + return pulumi.get(self, "retrohunt_id") + + @retrohunt_id.setter + def retrohunt_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "retrohunt_id", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _RetrohuntState: + def __init__(__self__, *, + retrohunt_id: Optional[pulumi.Input[str]] = None, + execution_intervals: Optional[pulumi.Input[Sequence[pulumi.Input['RetrohuntExecutionIntervalArgs']]]] = None, + instance: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + process_interval: Optional[pulumi.Input['RetrohuntProcessIntervalArgs']] = None, + progress_percentage: Optional[pulumi.Input[float]] = None, + project: Optional[pulumi.Input[str]] = None, + rule: Optional[pulumi.Input[str]] = None, + state: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering Retrohunt resources. + :param pulumi.Input[str] retrohunt_id: The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + :param pulumi.Input[Sequence[pulumi.Input['RetrohuntExecutionIntervalArgs']]] execution_intervals: Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + :param pulumi.Input[str] instance: The unique identifier for the Chronicle instance, which is the same as the customer ID. + :param pulumi.Input[str] location: The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + :param pulumi.Input[str] name: The resource name of the retrohunt. + Retrohunt is the child of a rule revision. {rule} in the format below is + structured as {rule_id@revision_id}. + Format: + projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + :param pulumi.Input['RetrohuntProcessIntervalArgs'] process_interval: Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + :param pulumi.Input[float] progress_percentage: Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + :param pulumi.Input[str] rule: The Rule ID of the rule. + :param pulumi.Input[str] state: Output only. The state of the retrohunt. + Possible values: + RUNNING + DONE + CANCELLED + FAILED + """ + if retrohunt_id is not None: + pulumi.set(__self__, "retrohunt_id", retrohunt_id) + if execution_intervals is not None: + pulumi.set(__self__, "execution_intervals", execution_intervals) + if instance is not None: + pulumi.set(__self__, "instance", instance) + if location is not None: + pulumi.set(__self__, "location", location) + if name is not None: + pulumi.set(__self__, "name", name) + if process_interval is not None: + pulumi.set(__self__, "process_interval", process_interval) + if progress_percentage is not None: + pulumi.set(__self__, "progress_percentage", progress_percentage) + if project is not None: + pulumi.set(__self__, "project", project) + if rule is not None: + pulumi.set(__self__, "rule", rule) + if state is not None: + pulumi.set(__self__, "state", state) + + @property + @pulumi.getter(name="RetrohuntId") + def retrohunt_id(self) -> Optional[pulumi.Input[str]]: + """ + The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + """ + return pulumi.get(self, "retrohunt_id") + + @retrohunt_id.setter + def retrohunt_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "retrohunt_id", value) + + @property + @pulumi.getter(name="executionIntervals") + def execution_intervals(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['RetrohuntExecutionIntervalArgs']]]]: + """ + Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + """ + return pulumi.get(self, "execution_intervals") + + @execution_intervals.setter + def execution_intervals(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['RetrohuntExecutionIntervalArgs']]]]): + pulumi.set(self, "execution_intervals", value) + + @property + @pulumi.getter + def instance(self) -> Optional[pulumi.Input[str]]: + """ + The unique identifier for the Chronicle instance, which is the same as the customer ID. + """ + return pulumi.get(self, "instance") + + @instance.setter + def instance(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "instance", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The resource name of the retrohunt. + Retrohunt is the child of a rule revision. {rule} in the format below is + structured as {rule_id@revision_id}. + Format: + projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter(name="processInterval") + def process_interval(self) -> Optional[pulumi.Input['RetrohuntProcessIntervalArgs']]: + """ + Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + """ + return pulumi.get(self, "process_interval") + + @process_interval.setter + def process_interval(self, value: Optional[pulumi.Input['RetrohuntProcessIntervalArgs']]): + pulumi.set(self, "process_interval", value) + + @property + @pulumi.getter(name="progressPercentage") + def progress_percentage(self) -> Optional[pulumi.Input[float]]: + """ + Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + """ + return pulumi.get(self, "progress_percentage") + + @progress_percentage.setter + def progress_percentage(self, value: Optional[pulumi.Input[float]]): + pulumi.set(self, "progress_percentage", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def rule(self) -> Optional[pulumi.Input[str]]: + """ + The Rule ID of the rule. + """ + return pulumi.get(self, "rule") + + @rule.setter + def rule(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "rule", value) + + @property + @pulumi.getter + def state(self) -> Optional[pulumi.Input[str]]: + """ + Output only. The state of the retrohunt. + Possible values: + RUNNING + DONE + CANCELLED + FAILED + """ + return pulumi.get(self, "state") + + @state.setter + def state(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "state", value) + + +class Retrohunt(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + retrohunt_id: Optional[pulumi.Input[str]] = None, + instance: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + process_interval: Optional[pulumi.Input[Union['RetrohuntProcessIntervalArgs', 'RetrohuntProcessIntervalArgsDict']]] = None, + project: Optional[pulumi.Input[str]] = None, + rule: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Retrohunt is an execution of a Rule over a time range in the past. + + To get more information about Retrohunt, see: + + * [API documentation](https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.rules.retrohunts) + * How-to Guides + * [Google SecOps Guides](https://cloud.google.com/chronicle/docs/secops/secops-overview) + + ## Example Usage + + ## Import + + Retrohunt can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}` + + * `{{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + + * `{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + + When using the `pulumi import` command, Retrohunt can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:chronicle/retrohunt:Retrohunt default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}} + ``` + + ```sh + $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}} + ``` + + ```sh + $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{location}}/{{instance}}/{{rule}}/{{retrohunt}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] retrohunt_id: The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + :param pulumi.Input[str] instance: The unique identifier for the Chronicle instance, which is the same as the customer ID. + :param pulumi.Input[str] location: The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + :param pulumi.Input[Union['RetrohuntProcessIntervalArgs', 'RetrohuntProcessIntervalArgsDict']] process_interval: Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + :param pulumi.Input[str] rule: The Rule ID of the rule. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: RetrohuntArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Retrohunt is an execution of a Rule over a time range in the past. + + To get more information about Retrohunt, see: + + * [API documentation](https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.rules.retrohunts) + * How-to Guides + * [Google SecOps Guides](https://cloud.google.com/chronicle/docs/secops/secops-overview) + + ## Example Usage + + ## Import + + Retrohunt can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}}` + + * `{{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + + * `{{location}}/{{instance}}/{{rule}}/{{retrohunt}}` + + When using the `pulumi import` command, Retrohunt can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:chronicle/retrohunt:Retrohunt default projects/{{project}}/locations/{{location}}/instances/{{instance}}/rules/{{rule}}/retrohunts/{{retrohunt}} + ``` + + ```sh + $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{project}}/{{location}}/{{instance}}/{{rule}}/{{retrohunt}} + ``` + + ```sh + $ pulumi import gcp:chronicle/retrohunt:Retrohunt default {{location}}/{{instance}}/{{rule}}/{{retrohunt}} + ``` + + :param str resource_name: The name of the resource. + :param RetrohuntArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(RetrohuntArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + retrohunt_id: Optional[pulumi.Input[str]] = None, + instance: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + process_interval: Optional[pulumi.Input[Union['RetrohuntProcessIntervalArgs', 'RetrohuntProcessIntervalArgsDict']]] = None, + project: Optional[pulumi.Input[str]] = None, + rule: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = RetrohuntArgs.__new__(RetrohuntArgs) + + __props__.__dict__["retrohunt_id"] = retrohunt_id + if instance is None and not opts.urn: + raise TypeError("Missing required property 'instance'") + __props__.__dict__["instance"] = instance + if location is None and not opts.urn: + raise TypeError("Missing required property 'location'") + __props__.__dict__["location"] = location + if process_interval is None and not opts.urn: + raise TypeError("Missing required property 'process_interval'") + __props__.__dict__["process_interval"] = process_interval + __props__.__dict__["project"] = project + if rule is None and not opts.urn: + raise TypeError("Missing required property 'rule'") + __props__.__dict__["rule"] = rule + __props__.__dict__["execution_intervals"] = None + __props__.__dict__["name"] = None + __props__.__dict__["progress_percentage"] = None + __props__.__dict__["state"] = None + super(Retrohunt, __self__).__init__( + 'gcp:chronicle/retrohunt:Retrohunt', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + retrohunt_id: Optional[pulumi.Input[str]] = None, + execution_intervals: Optional[pulumi.Input[Sequence[pulumi.Input[Union['RetrohuntExecutionIntervalArgs', 'RetrohuntExecutionIntervalArgsDict']]]]] = None, + instance: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + process_interval: Optional[pulumi.Input[Union['RetrohuntProcessIntervalArgs', 'RetrohuntProcessIntervalArgsDict']]] = None, + progress_percentage: Optional[pulumi.Input[float]] = None, + project: Optional[pulumi.Input[str]] = None, + rule: Optional[pulumi.Input[str]] = None, + state: Optional[pulumi.Input[str]] = None) -> 'Retrohunt': + """ + Get an existing Retrohunt resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] retrohunt_id: The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + :param pulumi.Input[Sequence[pulumi.Input[Union['RetrohuntExecutionIntervalArgs', 'RetrohuntExecutionIntervalArgsDict']]]] execution_intervals: Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + :param pulumi.Input[str] instance: The unique identifier for the Chronicle instance, which is the same as the customer ID. + :param pulumi.Input[str] location: The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + :param pulumi.Input[str] name: The resource name of the retrohunt. + Retrohunt is the child of a rule revision. {rule} in the format below is + structured as {rule_id@revision_id}. + Format: + projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + :param pulumi.Input[Union['RetrohuntProcessIntervalArgs', 'RetrohuntProcessIntervalArgsDict']] process_interval: Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + :param pulumi.Input[float] progress_percentage: Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + :param pulumi.Input[str] rule: The Rule ID of the rule. + :param pulumi.Input[str] state: Output only. The state of the retrohunt. + Possible values: + RUNNING + DONE + CANCELLED + FAILED + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _RetrohuntState.__new__(_RetrohuntState) + + __props__.__dict__["retrohunt_id"] = retrohunt_id + __props__.__dict__["execution_intervals"] = execution_intervals + __props__.__dict__["instance"] = instance + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["process_interval"] = process_interval + __props__.__dict__["progress_percentage"] = progress_percentage + __props__.__dict__["project"] = project + __props__.__dict__["rule"] = rule + __props__.__dict__["state"] = state + return Retrohunt(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="RetrohuntId") + def retrohunt_id(self) -> pulumi.Output[str]: + """ + The retrohunt ID of the Retrohunt. A retrohunt is an execution of a Rule over a time range in the past. + """ + return pulumi.get(self, "retrohunt_id") + + @property + @pulumi.getter(name="executionIntervals") + def execution_intervals(self) -> pulumi.Output[Sequence['outputs.RetrohuntExecutionInterval']]: + """ + Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + """ + return pulumi.get(self, "execution_intervals") + + @property + @pulumi.getter + def instance(self) -> pulumi.Output[str]: + """ + The unique identifier for the Chronicle instance, which is the same as the customer ID. + """ + return pulumi.get(self, "instance") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2". + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + The resource name of the retrohunt. + Retrohunt is the child of a rule revision. {rule} in the format below is + structured as {rule_id@revision_id}. + Format: + projects/{project}/locations/{location}/instances/{instance}/rules/{rule}/retrohunts/{retrohunt} + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="processInterval") + def process_interval(self) -> pulumi.Output['outputs.RetrohuntProcessInterval']: + """ + Represents a time interval, encoded as a Timestamp start (inclusive) and a + Timestamp end (exclusive). + The start must be less than or equal to the end. + When the start equals the end, the interval is empty (matches no time). + When both start and end are unspecified, the interval matches any time. + Structure is documented below. + """ + return pulumi.get(self, "process_interval") + + @property + @pulumi.getter(name="progressPercentage") + def progress_percentage(self) -> pulumi.Output[float]: + """ + Output only. Percent progress of the retrohunt towards completion, from 0.00 to 100.00. + """ + return pulumi.get(self, "progress_percentage") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + return pulumi.get(self, "project") + + @property + @pulumi.getter + def rule(self) -> pulumi.Output[str]: + """ + The Rule ID of the rule. + """ + return pulumi.get(self, "rule") + + @property + @pulumi.getter + def state(self) -> pulumi.Output[str]: + """ + Output only. The state of the retrohunt. + Possible values: + RUNNING + DONE + CANCELLED + FAILED + """ + return pulumi.get(self, "state") + diff --git a/sdk/python/pulumi_gcp/cloudrunv2/_inputs.py b/sdk/python/pulumi_gcp/cloudrunv2/_inputs.py index a73cc08504..6973c64160 100644 --- a/sdk/python/pulumi_gcp/cloudrunv2/_inputs.py +++ b/sdk/python/pulumi_gcp/cloudrunv2/_inputs.py @@ -65,6 +65,8 @@ 'JobTerminalConditionArgsDict', 'ServiceBinaryAuthorizationArgs', 'ServiceBinaryAuthorizationArgsDict', + 'ServiceBuildConfigArgs', + 'ServiceBuildConfigArgsDict', 'ServiceConditionArgs', 'ServiceConditionArgsDict', 'ServiceIamBindingConditionArgs', @@ -2377,6 +2379,201 @@ def use_default(self, value: Optional[pulumi.Input[bool]]): pulumi.set(self, "use_default", value) +if not MYPY: + class ServiceBuildConfigArgsDict(TypedDict): + base_image: NotRequired[pulumi.Input[str]] + """ + The base image used to build the function. + """ + enable_automatic_updates: NotRequired[pulumi.Input[bool]] + """ + Sets whether the function will receive automatic base image updates. + """ + environment_variables: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]] + """ + User-provided build-time environment variables for the function. + """ + function_target: NotRequired[pulumi.Input[str]] + """ + The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + """ + image_uri: NotRequired[pulumi.Input[str]] + """ + Artifact Registry URI to store the built image. + """ + name: NotRequired[pulumi.Input[str]] + """ + (Output) + The Cloud Build name of the latest successful deployment of the function. + """ + service_account: NotRequired[pulumi.Input[str]] + """ + Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + """ + source_location: NotRequired[pulumi.Input[str]] + """ + The Cloud Storage bucket URI where the function source code is located. + """ + worker_pool: NotRequired[pulumi.Input[str]] + """ + Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + """ +elif False: + ServiceBuildConfigArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class ServiceBuildConfigArgs: + def __init__(__self__, *, + base_image: Optional[pulumi.Input[str]] = None, + enable_automatic_updates: Optional[pulumi.Input[bool]] = None, + environment_variables: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + function_target: Optional[pulumi.Input[str]] = None, + image_uri: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + service_account: Optional[pulumi.Input[str]] = None, + source_location: Optional[pulumi.Input[str]] = None, + worker_pool: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] base_image: The base image used to build the function. + :param pulumi.Input[bool] enable_automatic_updates: Sets whether the function will receive automatic base image updates. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] environment_variables: User-provided build-time environment variables for the function. + :param pulumi.Input[str] function_target: The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + :param pulumi.Input[str] image_uri: Artifact Registry URI to store the built image. + :param pulumi.Input[str] name: (Output) + The Cloud Build name of the latest successful deployment of the function. + :param pulumi.Input[str] service_account: Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + :param pulumi.Input[str] source_location: The Cloud Storage bucket URI where the function source code is located. + :param pulumi.Input[str] worker_pool: Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + """ + if base_image is not None: + pulumi.set(__self__, "base_image", base_image) + if enable_automatic_updates is not None: + pulumi.set(__self__, "enable_automatic_updates", enable_automatic_updates) + if environment_variables is not None: + pulumi.set(__self__, "environment_variables", environment_variables) + if function_target is not None: + pulumi.set(__self__, "function_target", function_target) + if image_uri is not None: + pulumi.set(__self__, "image_uri", image_uri) + if name is not None: + pulumi.set(__self__, "name", name) + if service_account is not None: + pulumi.set(__self__, "service_account", service_account) + if source_location is not None: + pulumi.set(__self__, "source_location", source_location) + if worker_pool is not None: + pulumi.set(__self__, "worker_pool", worker_pool) + + @property + @pulumi.getter(name="baseImage") + def base_image(self) -> Optional[pulumi.Input[str]]: + """ + The base image used to build the function. + """ + return pulumi.get(self, "base_image") + + @base_image.setter + def base_image(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "base_image", value) + + @property + @pulumi.getter(name="enableAutomaticUpdates") + def enable_automatic_updates(self) -> Optional[pulumi.Input[bool]]: + """ + Sets whether the function will receive automatic base image updates. + """ + return pulumi.get(self, "enable_automatic_updates") + + @enable_automatic_updates.setter + def enable_automatic_updates(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "enable_automatic_updates", value) + + @property + @pulumi.getter(name="environmentVariables") + def environment_variables(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + User-provided build-time environment variables for the function. + """ + return pulumi.get(self, "environment_variables") + + @environment_variables.setter + def environment_variables(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "environment_variables", value) + + @property + @pulumi.getter(name="functionTarget") + def function_target(self) -> Optional[pulumi.Input[str]]: + """ + The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + """ + return pulumi.get(self, "function_target") + + @function_target.setter + def function_target(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "function_target", value) + + @property + @pulumi.getter(name="imageUri") + def image_uri(self) -> Optional[pulumi.Input[str]]: + """ + Artifact Registry URI to store the built image. + """ + return pulumi.get(self, "image_uri") + + @image_uri.setter + def image_uri(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "image_uri", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + (Output) + The Cloud Build name of the latest successful deployment of the function. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter(name="serviceAccount") + def service_account(self) -> Optional[pulumi.Input[str]]: + """ + Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + """ + return pulumi.get(self, "service_account") + + @service_account.setter + def service_account(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "service_account", value) + + @property + @pulumi.getter(name="sourceLocation") + def source_location(self) -> Optional[pulumi.Input[str]]: + """ + The Cloud Storage bucket URI where the function source code is located. + """ + return pulumi.get(self, "source_location") + + @source_location.setter + def source_location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "source_location", value) + + @property + @pulumi.getter(name="workerPool") + def worker_pool(self) -> Optional[pulumi.Input[str]]: + """ + Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + """ + return pulumi.get(self, "worker_pool") + + @worker_pool.setter + def worker_pool(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "worker_pool", value) + + if not MYPY: class ServiceConditionArgsDict(TypedDict): execution_reason: NotRequired[pulumi.Input[str]] diff --git a/sdk/python/pulumi_gcp/cloudrunv2/get_service.py b/sdk/python/pulumi_gcp/cloudrunv2/get_service.py index ac6e5357d8..8ffadbe2c0 100644 --- a/sdk/python/pulumi_gcp/cloudrunv2/get_service.py +++ b/sdk/python/pulumi_gcp/cloudrunv2/get_service.py @@ -27,13 +27,16 @@ class GetServiceResult: """ A collection of values returned by getService. """ - def __init__(__self__, annotations=None, binary_authorizations=None, client=None, client_version=None, conditions=None, create_time=None, creator=None, custom_audiences=None, default_uri_disabled=None, delete_time=None, deletion_protection=None, description=None, effective_annotations=None, effective_labels=None, etag=None, expire_time=None, generation=None, id=None, ingress=None, invoker_iam_disabled=None, labels=None, last_modifier=None, latest_created_revision=None, latest_ready_revision=None, launch_stage=None, location=None, name=None, observed_generation=None, project=None, pulumi_labels=None, reconciling=None, scalings=None, templates=None, terminal_conditions=None, traffic_statuses=None, traffics=None, uid=None, update_time=None, uri=None, urls=None): + def __init__(__self__, annotations=None, binary_authorizations=None, build_configs=None, client=None, client_version=None, conditions=None, create_time=None, creator=None, custom_audiences=None, default_uri_disabled=None, delete_time=None, deletion_protection=None, description=None, effective_annotations=None, effective_labels=None, etag=None, expire_time=None, generation=None, id=None, ingress=None, invoker_iam_disabled=None, labels=None, last_modifier=None, latest_created_revision=None, latest_ready_revision=None, launch_stage=None, location=None, name=None, observed_generation=None, project=None, pulumi_labels=None, reconciling=None, scalings=None, templates=None, terminal_conditions=None, traffic_statuses=None, traffics=None, uid=None, update_time=None, uri=None, urls=None): if annotations and not isinstance(annotations, dict): raise TypeError("Expected argument 'annotations' to be a dict") pulumi.set(__self__, "annotations", annotations) if binary_authorizations and not isinstance(binary_authorizations, list): raise TypeError("Expected argument 'binary_authorizations' to be a list") pulumi.set(__self__, "binary_authorizations", binary_authorizations) + if build_configs and not isinstance(build_configs, list): + raise TypeError("Expected argument 'build_configs' to be a list") + pulumi.set(__self__, "build_configs", build_configs) if client and not isinstance(client, str): raise TypeError("Expected argument 'client' to be a str") pulumi.set(__self__, "client", client) @@ -159,6 +162,11 @@ def annotations(self) -> Mapping[str, str]: def binary_authorizations(self) -> Sequence['outputs.GetServiceBinaryAuthorizationResult']: return pulumi.get(self, "binary_authorizations") + @property + @pulumi.getter(name="buildConfigs") + def build_configs(self) -> Sequence['outputs.GetServiceBuildConfigResult']: + return pulumi.get(self, "build_configs") + @property @pulumi.getter def client(self) -> str: @@ -361,6 +369,7 @@ def __await__(self): return GetServiceResult( annotations=self.annotations, binary_authorizations=self.binary_authorizations, + build_configs=self.build_configs, client=self.client, client_version=self.client_version, conditions=self.conditions, @@ -438,6 +447,7 @@ def get_service(location: Optional[str] = None, return AwaitableGetServiceResult( annotations=pulumi.get(__ret__, 'annotations'), binary_authorizations=pulumi.get(__ret__, 'binary_authorizations'), + build_configs=pulumi.get(__ret__, 'build_configs'), client=pulumi.get(__ret__, 'client'), client_version=pulumi.get(__ret__, 'client_version'), conditions=pulumi.get(__ret__, 'conditions'), @@ -512,6 +522,7 @@ def get_service_output(location: Optional[pulumi.Input[Optional[str]]] = None, return __ret__.apply(lambda __response__: GetServiceResult( annotations=pulumi.get(__response__, 'annotations'), binary_authorizations=pulumi.get(__response__, 'binary_authorizations'), + build_configs=pulumi.get(__response__, 'build_configs'), client=pulumi.get(__response__, 'client'), client_version=pulumi.get(__response__, 'client_version'), conditions=pulumi.get(__response__, 'conditions'), diff --git a/sdk/python/pulumi_gcp/cloudrunv2/outputs.py b/sdk/python/pulumi_gcp/cloudrunv2/outputs.py index 5726e81aca..8e317a1f27 100644 --- a/sdk/python/pulumi_gcp/cloudrunv2/outputs.py +++ b/sdk/python/pulumi_gcp/cloudrunv2/outputs.py @@ -41,6 +41,7 @@ 'JobTemplateTemplateVpcAccessNetworkInterface', 'JobTerminalCondition', 'ServiceBinaryAuthorization', + 'ServiceBuildConfig', 'ServiceCondition', 'ServiceIamBindingCondition', 'ServiceIamMemberCondition', @@ -101,6 +102,7 @@ 'GetJobTemplateTemplateVpcAccessNetworkInterfaceResult', 'GetJobTerminalConditionResult', 'GetServiceBinaryAuthorizationResult', + 'GetServiceBuildConfigResult', 'GetServiceConditionResult', 'GetServiceScalingResult', 'GetServiceTemplateResult', @@ -1812,6 +1814,154 @@ def use_default(self) -> Optional[bool]: return pulumi.get(self, "use_default") +@pulumi.output_type +class ServiceBuildConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "baseImage": + suggest = "base_image" + elif key == "enableAutomaticUpdates": + suggest = "enable_automatic_updates" + elif key == "environmentVariables": + suggest = "environment_variables" + elif key == "functionTarget": + suggest = "function_target" + elif key == "imageUri": + suggest = "image_uri" + elif key == "serviceAccount": + suggest = "service_account" + elif key == "sourceLocation": + suggest = "source_location" + elif key == "workerPool": + suggest = "worker_pool" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ServiceBuildConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ServiceBuildConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ServiceBuildConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + base_image: Optional[str] = None, + enable_automatic_updates: Optional[bool] = None, + environment_variables: Optional[Mapping[str, str]] = None, + function_target: Optional[str] = None, + image_uri: Optional[str] = None, + name: Optional[str] = None, + service_account: Optional[str] = None, + source_location: Optional[str] = None, + worker_pool: Optional[str] = None): + """ + :param str base_image: The base image used to build the function. + :param bool enable_automatic_updates: Sets whether the function will receive automatic base image updates. + :param Mapping[str, str] environment_variables: User-provided build-time environment variables for the function. + :param str function_target: The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + :param str image_uri: Artifact Registry URI to store the built image. + :param str name: (Output) + The Cloud Build name of the latest successful deployment of the function. + :param str service_account: Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + :param str source_location: The Cloud Storage bucket URI where the function source code is located. + :param str worker_pool: Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + """ + if base_image is not None: + pulumi.set(__self__, "base_image", base_image) + if enable_automatic_updates is not None: + pulumi.set(__self__, "enable_automatic_updates", enable_automatic_updates) + if environment_variables is not None: + pulumi.set(__self__, "environment_variables", environment_variables) + if function_target is not None: + pulumi.set(__self__, "function_target", function_target) + if image_uri is not None: + pulumi.set(__self__, "image_uri", image_uri) + if name is not None: + pulumi.set(__self__, "name", name) + if service_account is not None: + pulumi.set(__self__, "service_account", service_account) + if source_location is not None: + pulumi.set(__self__, "source_location", source_location) + if worker_pool is not None: + pulumi.set(__self__, "worker_pool", worker_pool) + + @property + @pulumi.getter(name="baseImage") + def base_image(self) -> Optional[str]: + """ + The base image used to build the function. + """ + return pulumi.get(self, "base_image") + + @property + @pulumi.getter(name="enableAutomaticUpdates") + def enable_automatic_updates(self) -> Optional[bool]: + """ + Sets whether the function will receive automatic base image updates. + """ + return pulumi.get(self, "enable_automatic_updates") + + @property + @pulumi.getter(name="environmentVariables") + def environment_variables(self) -> Optional[Mapping[str, str]]: + """ + User-provided build-time environment variables for the function. + """ + return pulumi.get(self, "environment_variables") + + @property + @pulumi.getter(name="functionTarget") + def function_target(self) -> Optional[str]: + """ + The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + """ + return pulumi.get(self, "function_target") + + @property + @pulumi.getter(name="imageUri") + def image_uri(self) -> Optional[str]: + """ + Artifact Registry URI to store the built image. + """ + return pulumi.get(self, "image_uri") + + @property + @pulumi.getter + def name(self) -> Optional[str]: + """ + (Output) + The Cloud Build name of the latest successful deployment of the function. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="serviceAccount") + def service_account(self) -> Optional[str]: + """ + Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + """ + return pulumi.get(self, "service_account") + + @property + @pulumi.getter(name="sourceLocation") + def source_location(self) -> Optional[str]: + """ + The Cloud Storage bucket URI where the function source code is located. + """ + return pulumi.get(self, "source_location") + + @property + @pulumi.getter(name="workerPool") + def worker_pool(self) -> Optional[str]: + """ + Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + """ + return pulumi.get(self, "worker_pool") + + @pulumi.output_type class ServiceCondition(dict): @staticmethod @@ -5355,6 +5505,112 @@ def use_default(self) -> bool: return pulumi.get(self, "use_default") +@pulumi.output_type +class GetServiceBuildConfigResult(dict): + def __init__(__self__, *, + base_image: str, + enable_automatic_updates: bool, + environment_variables: Mapping[str, str], + function_target: str, + image_uri: str, + name: str, + service_account: str, + source_location: str, + worker_pool: str): + """ + :param str base_image: The base image used to build the function. + :param bool enable_automatic_updates: Sets whether the function will receive automatic base image updates. + :param Mapping[str, str] environment_variables: User-provided build-time environment variables for the function. + :param str function_target: The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + :param str image_uri: Artifact Registry URI to store the built image. + :param str name: The name of the Cloud Run v2 Service. + :param str service_account: Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. + :param str source_location: The Cloud Storage bucket URI where the function source code is located. + :param str worker_pool: Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + """ + pulumi.set(__self__, "base_image", base_image) + pulumi.set(__self__, "enable_automatic_updates", enable_automatic_updates) + pulumi.set(__self__, "environment_variables", environment_variables) + pulumi.set(__self__, "function_target", function_target) + pulumi.set(__self__, "image_uri", image_uri) + pulumi.set(__self__, "name", name) + pulumi.set(__self__, "service_account", service_account) + pulumi.set(__self__, "source_location", source_location) + pulumi.set(__self__, "worker_pool", worker_pool) + + @property + @pulumi.getter(name="baseImage") + def base_image(self) -> str: + """ + The base image used to build the function. + """ + return pulumi.get(self, "base_image") + + @property + @pulumi.getter(name="enableAutomaticUpdates") + def enable_automatic_updates(self) -> bool: + """ + Sets whether the function will receive automatic base image updates. + """ + return pulumi.get(self, "enable_automatic_updates") + + @property + @pulumi.getter(name="environmentVariables") + def environment_variables(self) -> Mapping[str, str]: + """ + User-provided build-time environment variables for the function. + """ + return pulumi.get(self, "environment_variables") + + @property + @pulumi.getter(name="functionTarget") + def function_target(self) -> str: + """ + The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". + """ + return pulumi.get(self, "function_target") + + @property + @pulumi.getter(name="imageUri") + def image_uri(self) -> str: + """ + Artifact Registry URI to store the built image. + """ + return pulumi.get(self, "image_uri") + + @property + @pulumi.getter + def name(self) -> str: + """ + The name of the Cloud Run v2 Service. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="serviceAccount") + def service_account(self) -> str: + """ + Service account to be used for building the container. The format of this field is 'projects/{projectId}/serviceAccounts/{serviceAccountEmail}'. + """ + return pulumi.get(self, "service_account") + + @property + @pulumi.getter(name="sourceLocation") + def source_location(self) -> str: + """ + The Cloud Storage bucket URI where the function source code is located. + """ + return pulumi.get(self, "source_location") + + @property + @pulumi.getter(name="workerPool") + def worker_pool(self) -> str: + """ + Name of the Cloud Build Custom Worker Pool that should be used to build the Cloud Run function. The format of this field is 'projects/{project}/locations/{region}/workerPools/{workerPool}' where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. + """ + return pulumi.get(self, "worker_pool") + + @pulumi.output_type class GetServiceConditionResult(dict): def __init__(__self__, *, diff --git a/sdk/python/pulumi_gcp/cloudrunv2/service.py b/sdk/python/pulumi_gcp/cloudrunv2/service.py index 8075030bc3..2e139cbca6 100644 --- a/sdk/python/pulumi_gcp/cloudrunv2/service.py +++ b/sdk/python/pulumi_gcp/cloudrunv2/service.py @@ -25,6 +25,7 @@ def __init__(__self__, *, template: pulumi.Input['ServiceTemplateArgs'], annotations: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, binary_authorization: Optional[pulumi.Input['ServiceBinaryAuthorizationArgs']] = None, + build_config: Optional[pulumi.Input['ServiceBuildConfigArgs']] = None, client: Optional[pulumi.Input[str]] = None, client_version: Optional[pulumi.Input[str]] = None, custom_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -52,6 +53,7 @@ def __init__(__self__, *, annotations present in your configuration. Please refer to the field 'effective_annotations' for all of the annotations present on the resource. :param pulumi.Input['ServiceBinaryAuthorizationArgs'] binary_authorization: Settings for the Binary Authorization feature. + :param pulumi.Input['ServiceBuildConfigArgs'] build_config: Configuration for building a Cloud Run function. :param pulumi.Input[str] client: Arbitrary identifier for the API client. :param pulumi.Input[str] client_version: Arbitrary version identifier for the API client. :param pulumi.Input[Sequence[pulumi.Input[str]]] custom_audiences: One or more custom audiences that you want this service to support. Specify each custom audience as the full URL in a @@ -89,6 +91,8 @@ def __init__(__self__, *, pulumi.set(__self__, "annotations", annotations) if binary_authorization is not None: pulumi.set(__self__, "binary_authorization", binary_authorization) + if build_config is not None: + pulumi.set(__self__, "build_config", build_config) if client is not None: pulumi.set(__self__, "client", client) if client_version is not None: @@ -173,6 +177,18 @@ def binary_authorization(self) -> Optional[pulumi.Input['ServiceBinaryAuthorizat def binary_authorization(self, value: Optional[pulumi.Input['ServiceBinaryAuthorizationArgs']]): pulumi.set(self, "binary_authorization", value) + @property + @pulumi.getter(name="buildConfig") + def build_config(self) -> Optional[pulumi.Input['ServiceBuildConfigArgs']]: + """ + Configuration for building a Cloud Run function. + """ + return pulumi.get(self, "build_config") + + @build_config.setter + def build_config(self, value: Optional[pulumi.Input['ServiceBuildConfigArgs']]): + pulumi.set(self, "build_config", value) + @property @pulumi.getter def client(self) -> Optional[pulumi.Input[str]]: @@ -359,6 +375,7 @@ class _ServiceState: def __init__(__self__, *, annotations: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, binary_authorization: Optional[pulumi.Input['ServiceBinaryAuthorizationArgs']] = None, + build_config: Optional[pulumi.Input['ServiceBuildConfigArgs']] = None, client: Optional[pulumi.Input[str]] = None, client_version: Optional[pulumi.Input[str]] = None, conditions: Optional[pulumi.Input[Sequence[pulumi.Input['ServiceConditionArgs']]]] = None, @@ -406,6 +423,7 @@ def __init__(__self__, *, annotations present in your configuration. Please refer to the field 'effective_annotations' for all of the annotations present on the resource. :param pulumi.Input['ServiceBinaryAuthorizationArgs'] binary_authorization: Settings for the Binary Authorization feature. + :param pulumi.Input['ServiceBuildConfigArgs'] build_config: Configuration for building a Cloud Run function. :param pulumi.Input[str] client: Arbitrary identifier for the API client. :param pulumi.Input[str] client_version: Arbitrary version identifier for the API client. :param pulumi.Input[Sequence[pulumi.Input['ServiceConditionArgs']]] conditions: The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Service does not reach its Serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. @@ -472,6 +490,8 @@ def __init__(__self__, *, pulumi.set(__self__, "annotations", annotations) if binary_authorization is not None: pulumi.set(__self__, "binary_authorization", binary_authorization) + if build_config is not None: + pulumi.set(__self__, "build_config", build_config) if client is not None: pulumi.set(__self__, "client", client) if client_version is not None: @@ -577,6 +597,18 @@ def binary_authorization(self) -> Optional[pulumi.Input['ServiceBinaryAuthorizat def binary_authorization(self, value: Optional[pulumi.Input['ServiceBinaryAuthorizationArgs']]): pulumi.set(self, "binary_authorization", value) + @property + @pulumi.getter(name="buildConfig") + def build_config(self) -> Optional[pulumi.Input['ServiceBuildConfigArgs']]: + """ + Configuration for building a Cloud Run function. + """ + return pulumi.get(self, "build_config") + + @build_config.setter + def build_config(self, value: Optional[pulumi.Input['ServiceBuildConfigArgs']]): + pulumi.set(self, "build_config", value) + @property @pulumi.getter def client(self) -> Optional[pulumi.Input[str]]: @@ -1047,6 +1079,7 @@ def __init__(__self__, opts: Optional[pulumi.ResourceOptions] = None, annotations: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, binary_authorization: Optional[pulumi.Input[Union['ServiceBinaryAuthorizationArgs', 'ServiceBinaryAuthorizationArgsDict']]] = None, + build_config: Optional[pulumi.Input[Union['ServiceBuildConfigArgs', 'ServiceBuildConfigArgsDict']]] = None, client: Optional[pulumi.Input[str]] = None, client_version: Optional[pulumi.Input[str]] = None, custom_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -1532,6 +1565,62 @@ def __init__(__self__, }], }) ``` + ### Cloudrunv2 Service Function + + ```python + import pulumi + import pulumi_gcp as gcp + + project = gcp.organizations.get_project() + bucket = gcp.storage.Bucket("bucket", + name=f"{project.project_id}-gcf-source", + location="US", + uniform_bucket_level_access=True) + object = gcp.storage.BucketObject("object", + name="function-source.zip", + bucket=bucket.name, + source=pulumi.FileAsset("function_source.zip")) + cloudbuild_service_account = gcp.serviceaccount.Account("cloudbuild_service_account", account_id="build-sa") + act_as = gcp.projects.IAMMember("act_as", + project=project.project_id, + role="roles/iam.serviceAccountUser", + member=cloudbuild_service_account.email.apply(lambda email: f"serviceAccount:{email}")) + logs_writer = gcp.projects.IAMMember("logs_writer", + project=project.project_id, + role="roles/logging.logWriter", + member=cloudbuild_service_account.email.apply(lambda email: f"serviceAccount:{email}")) + default = gcp.cloudrunv2.Service("default", + name="cloudrun-service", + location="us-central1", + deletion_protection=False, + ingress="INGRESS_TRAFFIC_ALL", + template={ + "containers": [{ + "image": "us-docker.pkg.dev/cloudrun/container/hello", + }], + }, + build_config={ + "source_location": pulumi.Output.all( + bucketName=bucket.name, + objectName=object.name + ).apply(lambda resolved_outputs: f"gs://{resolved_outputs['bucketName']}/{resolved_outputs['objectName']}") + , + "function_target": "helloHttp", + "image_uri": "us-docker.pkg.dev/cloudrun/container/hello", + "base_image": "us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22", + "enable_automatic_updates": True, + "worker_pool": "worker-pool", + "environment_variables": { + "FOO_KEY": "FOO_VALUE", + "BAR_KEY": "BAR_VALUE", + }, + "service_account": cloudbuild_service_account.id, + }, + opts = pulumi.ResourceOptions(depends_on=[ + act_as, + logs_writer, + ])) + ``` ## Import @@ -1567,6 +1656,7 @@ def __init__(__self__, annotations present in your configuration. Please refer to the field 'effective_annotations' for all of the annotations present on the resource. :param pulumi.Input[Union['ServiceBinaryAuthorizationArgs', 'ServiceBinaryAuthorizationArgsDict']] binary_authorization: Settings for the Binary Authorization feature. + :param pulumi.Input[Union['ServiceBuildConfigArgs', 'ServiceBuildConfigArgsDict']] build_config: Configuration for building a Cloud Run function. :param pulumi.Input[str] client: Arbitrary identifier for the API client. :param pulumi.Input[str] client_version: Arbitrary version identifier for the API client. :param pulumi.Input[Sequence[pulumi.Input[str]]] custom_audiences: One or more custom audiences that you want this service to support. Specify each custom audience as the full URL in a @@ -2075,6 +2165,62 @@ def __init__(__self__, }], }) ``` + ### Cloudrunv2 Service Function + + ```python + import pulumi + import pulumi_gcp as gcp + + project = gcp.organizations.get_project() + bucket = gcp.storage.Bucket("bucket", + name=f"{project.project_id}-gcf-source", + location="US", + uniform_bucket_level_access=True) + object = gcp.storage.BucketObject("object", + name="function-source.zip", + bucket=bucket.name, + source=pulumi.FileAsset("function_source.zip")) + cloudbuild_service_account = gcp.serviceaccount.Account("cloudbuild_service_account", account_id="build-sa") + act_as = gcp.projects.IAMMember("act_as", + project=project.project_id, + role="roles/iam.serviceAccountUser", + member=cloudbuild_service_account.email.apply(lambda email: f"serviceAccount:{email}")) + logs_writer = gcp.projects.IAMMember("logs_writer", + project=project.project_id, + role="roles/logging.logWriter", + member=cloudbuild_service_account.email.apply(lambda email: f"serviceAccount:{email}")) + default = gcp.cloudrunv2.Service("default", + name="cloudrun-service", + location="us-central1", + deletion_protection=False, + ingress="INGRESS_TRAFFIC_ALL", + template={ + "containers": [{ + "image": "us-docker.pkg.dev/cloudrun/container/hello", + }], + }, + build_config={ + "source_location": pulumi.Output.all( + bucketName=bucket.name, + objectName=object.name + ).apply(lambda resolved_outputs: f"gs://{resolved_outputs['bucketName']}/{resolved_outputs['objectName']}") + , + "function_target": "helloHttp", + "image_uri": "us-docker.pkg.dev/cloudrun/container/hello", + "base_image": "us-central1-docker.pkg.dev/serverless-runtimes/google-22-full/runtimes/nodejs22", + "enable_automatic_updates": True, + "worker_pool": "worker-pool", + "environment_variables": { + "FOO_KEY": "FOO_VALUE", + "BAR_KEY": "BAR_VALUE", + }, + "service_account": cloudbuild_service_account.id, + }, + opts = pulumi.ResourceOptions(depends_on=[ + act_as, + logs_writer, + ])) + ``` ## Import @@ -2117,6 +2263,7 @@ def _internal_init(__self__, opts: Optional[pulumi.ResourceOptions] = None, annotations: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, binary_authorization: Optional[pulumi.Input[Union['ServiceBinaryAuthorizationArgs', 'ServiceBinaryAuthorizationArgsDict']]] = None, + build_config: Optional[pulumi.Input[Union['ServiceBuildConfigArgs', 'ServiceBuildConfigArgsDict']]] = None, client: Optional[pulumi.Input[str]] = None, client_version: Optional[pulumi.Input[str]] = None, custom_audiences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -2144,6 +2291,7 @@ def _internal_init(__self__, __props__.__dict__["annotations"] = annotations __props__.__dict__["binary_authorization"] = binary_authorization + __props__.__dict__["build_config"] = build_config __props__.__dict__["client"] = client __props__.__dict__["client_version"] = client_version __props__.__dict__["custom_audiences"] = custom_audiences @@ -2199,6 +2347,7 @@ def get(resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, annotations: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, binary_authorization: Optional[pulumi.Input[Union['ServiceBinaryAuthorizationArgs', 'ServiceBinaryAuthorizationArgsDict']]] = None, + build_config: Optional[pulumi.Input[Union['ServiceBuildConfigArgs', 'ServiceBuildConfigArgsDict']]] = None, client: Optional[pulumi.Input[str]] = None, client_version: Optional[pulumi.Input[str]] = None, conditions: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ServiceConditionArgs', 'ServiceConditionArgsDict']]]]] = None, @@ -2251,6 +2400,7 @@ def get(resource_name: str, annotations present in your configuration. Please refer to the field 'effective_annotations' for all of the annotations present on the resource. :param pulumi.Input[Union['ServiceBinaryAuthorizationArgs', 'ServiceBinaryAuthorizationArgsDict']] binary_authorization: Settings for the Binary Authorization feature. + :param pulumi.Input[Union['ServiceBuildConfigArgs', 'ServiceBuildConfigArgsDict']] build_config: Configuration for building a Cloud Run function. :param pulumi.Input[str] client: Arbitrary identifier for the API client. :param pulumi.Input[str] client_version: Arbitrary version identifier for the API client. :param pulumi.Input[Sequence[pulumi.Input[Union['ServiceConditionArgs', 'ServiceConditionArgsDict']]]] conditions: The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Service does not reach its Serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. @@ -2319,6 +2469,7 @@ def get(resource_name: str, __props__.__dict__["annotations"] = annotations __props__.__dict__["binary_authorization"] = binary_authorization + __props__.__dict__["build_config"] = build_config __props__.__dict__["client"] = client __props__.__dict__["client_version"] = client_version __props__.__dict__["conditions"] = conditions @@ -2380,6 +2531,14 @@ def binary_authorization(self) -> pulumi.Output[Optional['outputs.ServiceBinaryA """ return pulumi.get(self, "binary_authorization") + @property + @pulumi.getter(name="buildConfig") + def build_config(self) -> pulumi.Output[Optional['outputs.ServiceBuildConfig']]: + """ + Configuration for building a Cloud Run function. + """ + return pulumi.get(self, "build_config") + @property @pulumi.getter def client(self) -> pulumi.Output[Optional[str]]: diff --git a/sdk/python/pulumi_gcp/colab/__init__.py b/sdk/python/pulumi_gcp/colab/__init__.py index 034d36b23e..b765be9ffd 100644 --- a/sdk/python/pulumi_gcp/colab/__init__.py +++ b/sdk/python/pulumi_gcp/colab/__init__.py @@ -5,6 +5,11 @@ from .. import _utilities import typing # Export this package's modules as members: +from .get_runtime_template_iam_policy import * +from .runtime import * from .runtime_template import * +from .runtime_template_iam_binding import * +from .runtime_template_iam_member import * +from .runtime_template_iam_policy import * from ._inputs import * from . import outputs diff --git a/sdk/python/pulumi_gcp/colab/_inputs.py b/sdk/python/pulumi_gcp/colab/_inputs.py index 79140d0986..ff69112268 100644 --- a/sdk/python/pulumi_gcp/colab/_inputs.py +++ b/sdk/python/pulumi_gcp/colab/_inputs.py @@ -15,12 +15,18 @@ from .. import _utilities __all__ = [ + 'RuntimeNotebookRuntimeTemplateRefArgs', + 'RuntimeNotebookRuntimeTemplateRefArgsDict', 'RuntimeTemplateDataPersistentDiskSpecArgs', 'RuntimeTemplateDataPersistentDiskSpecArgsDict', 'RuntimeTemplateEncryptionSpecArgs', 'RuntimeTemplateEncryptionSpecArgsDict', 'RuntimeTemplateEucConfigArgs', 'RuntimeTemplateEucConfigArgsDict', + 'RuntimeTemplateIamBindingConditionArgs', + 'RuntimeTemplateIamBindingConditionArgsDict', + 'RuntimeTemplateIamMemberConditionArgs', + 'RuntimeTemplateIamMemberConditionArgsDict', 'RuntimeTemplateIdleShutdownConfigArgs', 'RuntimeTemplateIdleShutdownConfigArgsDict', 'RuntimeTemplateMachineSpecArgs', @@ -33,6 +39,37 @@ MYPY = False +if not MYPY: + class RuntimeNotebookRuntimeTemplateRefArgsDict(TypedDict): + notebook_runtime_template: pulumi.Input[str] + """ + The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + """ +elif False: + RuntimeNotebookRuntimeTemplateRefArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class RuntimeNotebookRuntimeTemplateRefArgs: + def __init__(__self__, *, + notebook_runtime_template: pulumi.Input[str]): + """ + :param pulumi.Input[str] notebook_runtime_template: The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + """ + pulumi.set(__self__, "notebook_runtime_template", notebook_runtime_template) + + @property + @pulumi.getter(name="notebookRuntimeTemplate") + def notebook_runtime_template(self) -> pulumi.Input[str]: + """ + The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + """ + return pulumi.get(self, "notebook_runtime_template") + + @notebook_runtime_template.setter + def notebook_runtime_template(self, value: pulumi.Input[str]): + pulumi.set(self, "notebook_runtime_template", value) + + if not MYPY: class RuntimeTemplateDataPersistentDiskSpecArgsDict(TypedDict): disk_size_gb: NotRequired[pulumi.Input[str]] @@ -149,6 +186,100 @@ def euc_disabled(self, value: Optional[pulumi.Input[bool]]): pulumi.set(self, "euc_disabled", value) +if not MYPY: + class RuntimeTemplateIamBindingConditionArgsDict(TypedDict): + expression: pulumi.Input[str] + title: pulumi.Input[str] + description: NotRequired[pulumi.Input[str]] +elif False: + RuntimeTemplateIamBindingConditionArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class RuntimeTemplateIamBindingConditionArgs: + def __init__(__self__, *, + expression: pulumi.Input[str], + title: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> pulumi.Input[str]: + return pulumi.get(self, "expression") + + @expression.setter + def expression(self, value: pulumi.Input[str]): + pulumi.set(self, "expression", value) + + @property + @pulumi.getter + def title(self) -> pulumi.Input[str]: + return pulumi.get(self, "title") + + @title.setter + def title(self, value: pulumi.Input[str]): + pulumi.set(self, "title", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + +if not MYPY: + class RuntimeTemplateIamMemberConditionArgsDict(TypedDict): + expression: pulumi.Input[str] + title: pulumi.Input[str] + description: NotRequired[pulumi.Input[str]] +elif False: + RuntimeTemplateIamMemberConditionArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class RuntimeTemplateIamMemberConditionArgs: + def __init__(__self__, *, + expression: pulumi.Input[str], + title: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> pulumi.Input[str]: + return pulumi.get(self, "expression") + + @expression.setter + def expression(self, value: pulumi.Input[str]): + pulumi.set(self, "expression", value) + + @property + @pulumi.getter + def title(self) -> pulumi.Input[str]: + return pulumi.get(self, "title") + + @title.setter + def title(self, value: pulumi.Input[str]): + pulumi.set(self, "title", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + if not MYPY: class RuntimeTemplateIdleShutdownConfigArgsDict(TypedDict): idle_timeout: NotRequired[pulumi.Input[str]] diff --git a/sdk/python/pulumi_gcp/colab/get_runtime_template_iam_policy.py b/sdk/python/pulumi_gcp/colab/get_runtime_template_iam_policy.py new file mode 100644 index 0000000000..19960b594e --- /dev/null +++ b/sdk/python/pulumi_gcp/colab/get_runtime_template_iam_policy.py @@ -0,0 +1,182 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = [ + 'GetRuntimeTemplateIamPolicyResult', + 'AwaitableGetRuntimeTemplateIamPolicyResult', + 'get_runtime_template_iam_policy', + 'get_runtime_template_iam_policy_output', +] + +@pulumi.output_type +class GetRuntimeTemplateIamPolicyResult: + """ + A collection of values returned by getRuntimeTemplateIamPolicy. + """ + def __init__(__self__, etag=None, id=None, location=None, policy_data=None, project=None, runtime_template=None): + if etag and not isinstance(etag, str): + raise TypeError("Expected argument 'etag' to be a str") + pulumi.set(__self__, "etag", etag) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if location and not isinstance(location, str): + raise TypeError("Expected argument 'location' to be a str") + pulumi.set(__self__, "location", location) + if policy_data and not isinstance(policy_data, str): + raise TypeError("Expected argument 'policy_data' to be a str") + pulumi.set(__self__, "policy_data", policy_data) + if project and not isinstance(project, str): + raise TypeError("Expected argument 'project' to be a str") + pulumi.set(__self__, "project", project) + if runtime_template and not isinstance(runtime_template, str): + raise TypeError("Expected argument 'runtime_template' to be a str") + pulumi.set(__self__, "runtime_template", runtime_template) + + @property + @pulumi.getter + def etag(self) -> str: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def location(self) -> str: + return pulumi.get(self, "location") + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> str: + """ + (Required only by `colab.RuntimeTemplateIamPolicy`) The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @property + @pulumi.getter + def project(self) -> str: + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> str: + return pulumi.get(self, "runtime_template") + + +class AwaitableGetRuntimeTemplateIamPolicyResult(GetRuntimeTemplateIamPolicyResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetRuntimeTemplateIamPolicyResult( + etag=self.etag, + id=self.id, + location=self.location, + policy_data=self.policy_data, + project=self.project, + runtime_template=self.runtime_template) + + +def get_runtime_template_iam_policy(location: Optional[str] = None, + project: Optional[str] = None, + runtime_template: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetRuntimeTemplateIamPolicyResult: + """ + Retrieves the current IAM policy data for runtimetemplate + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.colab.get_runtime_template_iam_policy(project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"]) + ``` + + + :param str location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param str project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param str runtime_template: Used to find the parent resource to bind the IAM policy to + """ + __args__ = dict() + __args__['location'] = location + __args__['project'] = project + __args__['runtimeTemplate'] = runtime_template + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy', __args__, opts=opts, typ=GetRuntimeTemplateIamPolicyResult).value + + return AwaitableGetRuntimeTemplateIamPolicyResult( + etag=pulumi.get(__ret__, 'etag'), + id=pulumi.get(__ret__, 'id'), + location=pulumi.get(__ret__, 'location'), + policy_data=pulumi.get(__ret__, 'policy_data'), + project=pulumi.get(__ret__, 'project'), + runtime_template=pulumi.get(__ret__, 'runtime_template')) +def get_runtime_template_iam_policy_output(location: Optional[pulumi.Input[Optional[str]]] = None, + project: Optional[pulumi.Input[Optional[str]]] = None, + runtime_template: Optional[pulumi.Input[str]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetRuntimeTemplateIamPolicyResult]: + """ + Retrieves the current IAM policy data for runtimetemplate + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.colab.get_runtime_template_iam_policy(project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"]) + ``` + + + :param str location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param str project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param str runtime_template: Used to find the parent resource to bind the IAM policy to + """ + __args__ = dict() + __args__['location'] = location + __args__['project'] = project + __args__['runtimeTemplate'] = runtime_template + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('gcp:colab/getRuntimeTemplateIamPolicy:getRuntimeTemplateIamPolicy', __args__, opts=opts, typ=GetRuntimeTemplateIamPolicyResult) + return __ret__.apply(lambda __response__: GetRuntimeTemplateIamPolicyResult( + etag=pulumi.get(__response__, 'etag'), + id=pulumi.get(__response__, 'id'), + location=pulumi.get(__response__, 'location'), + policy_data=pulumi.get(__response__, 'policy_data'), + project=pulumi.get(__response__, 'project'), + runtime_template=pulumi.get(__response__, 'runtime_template'))) diff --git a/sdk/python/pulumi_gcp/colab/outputs.py b/sdk/python/pulumi_gcp/colab/outputs.py index 947d9cf643..90391b0ee7 100644 --- a/sdk/python/pulumi_gcp/colab/outputs.py +++ b/sdk/python/pulumi_gcp/colab/outputs.py @@ -15,15 +15,53 @@ from .. import _utilities __all__ = [ + 'RuntimeNotebookRuntimeTemplateRef', 'RuntimeTemplateDataPersistentDiskSpec', 'RuntimeTemplateEncryptionSpec', 'RuntimeTemplateEucConfig', + 'RuntimeTemplateIamBindingCondition', + 'RuntimeTemplateIamMemberCondition', 'RuntimeTemplateIdleShutdownConfig', 'RuntimeTemplateMachineSpec', 'RuntimeTemplateNetworkSpec', 'RuntimeTemplateShieldedVmConfig', ] +@pulumi.output_type +class RuntimeNotebookRuntimeTemplateRef(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "notebookRuntimeTemplate": + suggest = "notebook_runtime_template" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in RuntimeNotebookRuntimeTemplateRef. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + RuntimeNotebookRuntimeTemplateRef.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + RuntimeNotebookRuntimeTemplateRef.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + notebook_runtime_template: str): + """ + :param str notebook_runtime_template: The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + """ + pulumi.set(__self__, "notebook_runtime_template", notebook_runtime_template) + + @property + @pulumi.getter(name="notebookRuntimeTemplate") + def notebook_runtime_template(self) -> str: + """ + The resource name of the NotebookRuntimeTemplate based on which a NotebookRuntime will be created. + """ + return pulumi.get(self, "notebook_runtime_template") + + @pulumi.output_type class RuntimeTemplateDataPersistentDiskSpec(dict): @staticmethod @@ -146,6 +184,60 @@ def euc_disabled(self) -> Optional[bool]: return pulumi.get(self, "euc_disabled") +@pulumi.output_type +class RuntimeTemplateIamBindingCondition(dict): + def __init__(__self__, *, + expression: str, + title: str, + description: Optional[str] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> str: + return pulumi.get(self, "expression") + + @property + @pulumi.getter + def title(self) -> str: + return pulumi.get(self, "title") + + @property + @pulumi.getter + def description(self) -> Optional[str]: + return pulumi.get(self, "description") + + +@pulumi.output_type +class RuntimeTemplateIamMemberCondition(dict): + def __init__(__self__, *, + expression: str, + title: str, + description: Optional[str] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> str: + return pulumi.get(self, "expression") + + @property + @pulumi.getter + def title(self) -> str: + return pulumi.get(self, "title") + + @property + @pulumi.getter + def description(self) -> Optional[str]: + return pulumi.get(self, "description") + + @pulumi.output_type class RuntimeTemplateIdleShutdownConfig(dict): @staticmethod diff --git a/sdk/python/pulumi_gcp/colab/runtime.py b/sdk/python/pulumi_gcp/colab/runtime.py new file mode 100644 index 0000000000..0598daa4a7 --- /dev/null +++ b/sdk/python/pulumi_gcp/colab/runtime.py @@ -0,0 +1,696 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['RuntimeArgs', 'Runtime'] + +@pulumi.input_type +class RuntimeArgs: + def __init__(__self__, *, + display_name: pulumi.Input[str], + location: pulumi.Input[str], + runtime_user: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + notebook_runtime_template_ref: Optional[pulumi.Input['RuntimeNotebookRuntimeTemplateRefArgs']] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a Runtime resource. + :param pulumi.Input[str] display_name: Required. The display name of the Runtime. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations + + + - - - + :param pulumi.Input[str] runtime_user: The user email of the NotebookRuntime. + :param pulumi.Input[str] description: The description of the Runtime. + :param pulumi.Input[str] name: The resource name of the Runtime + :param pulumi.Input['RuntimeNotebookRuntimeTemplateRefArgs'] notebook_runtime_template_ref: 'Runtime specific information used for NotebookRuntime creation.' + Structure is documented below. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + pulumi.set(__self__, "display_name", display_name) + pulumi.set(__self__, "location", location) + pulumi.set(__self__, "runtime_user", runtime_user) + if description is not None: + pulumi.set(__self__, "description", description) + if name is not None: + pulumi.set(__self__, "name", name) + if notebook_runtime_template_ref is not None: + pulumi.set(__self__, "notebook_runtime_template_ref", notebook_runtime_template_ref) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Input[str]: + """ + Required. The display name of the Runtime. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: pulumi.Input[str]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter + def location(self) -> pulumi.Input[str]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations + + + - - - + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: pulumi.Input[str]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="runtimeUser") + def runtime_user(self) -> pulumi.Input[str]: + """ + The user email of the NotebookRuntime. + """ + return pulumi.get(self, "runtime_user") + + @runtime_user.setter + def runtime_user(self, value: pulumi.Input[str]): + pulumi.set(self, "runtime_user", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + The description of the Runtime. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The resource name of the Runtime + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter(name="notebookRuntimeTemplateRef") + def notebook_runtime_template_ref(self) -> Optional[pulumi.Input['RuntimeNotebookRuntimeTemplateRefArgs']]: + """ + 'Runtime specific information used for NotebookRuntime creation.' + Structure is documented below. + """ + return pulumi.get(self, "notebook_runtime_template_ref") + + @notebook_runtime_template_ref.setter + def notebook_runtime_template_ref(self, value: Optional[pulumi.Input['RuntimeNotebookRuntimeTemplateRefArgs']]): + pulumi.set(self, "notebook_runtime_template_ref", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _RuntimeState: + def __init__(__self__, *, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + notebook_runtime_template_ref: Optional[pulumi.Input['RuntimeNotebookRuntimeTemplateRefArgs']] = None, + project: Optional[pulumi.Input[str]] = None, + runtime_user: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering Runtime resources. + :param pulumi.Input[str] description: The description of the Runtime. + :param pulumi.Input[str] display_name: Required. The display name of the Runtime. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations + + + - - - + :param pulumi.Input[str] name: The resource name of the Runtime + :param pulumi.Input['RuntimeNotebookRuntimeTemplateRefArgs'] notebook_runtime_template_ref: 'Runtime specific information used for NotebookRuntime creation.' + Structure is documented below. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] runtime_user: The user email of the NotebookRuntime. + """ + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + if location is not None: + pulumi.set(__self__, "location", location) + if name is not None: + pulumi.set(__self__, "name", name) + if notebook_runtime_template_ref is not None: + pulumi.set(__self__, "notebook_runtime_template_ref", notebook_runtime_template_ref) + if project is not None: + pulumi.set(__self__, "project", project) + if runtime_user is not None: + pulumi.set(__self__, "runtime_user", runtime_user) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + The description of the Runtime. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + Required. The display name of the Runtime. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations + + + - - - + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The resource name of the Runtime + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter(name="notebookRuntimeTemplateRef") + def notebook_runtime_template_ref(self) -> Optional[pulumi.Input['RuntimeNotebookRuntimeTemplateRefArgs']]: + """ + 'Runtime specific information used for NotebookRuntime creation.' + Structure is documented below. + """ + return pulumi.get(self, "notebook_runtime_template_ref") + + @notebook_runtime_template_ref.setter + def notebook_runtime_template_ref(self, value: Optional[pulumi.Input['RuntimeNotebookRuntimeTemplateRefArgs']]): + pulumi.set(self, "notebook_runtime_template_ref", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter(name="runtimeUser") + def runtime_user(self) -> Optional[pulumi.Input[str]]: + """ + The user email of the NotebookRuntime. + """ + return pulumi.get(self, "runtime_user") + + @runtime_user.setter + def runtime_user(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "runtime_user", value) + + +class Runtime(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + notebook_runtime_template_ref: Optional[pulumi.Input[Union['RuntimeNotebookRuntimeTemplateRefArgs', 'RuntimeNotebookRuntimeTemplateRefArgsDict']]] = None, + project: Optional[pulumi.Input[str]] = None, + runtime_user: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + 'A runtime is a Google-provisioned virtual machine (VM) that can run the code in your notebook (IPYNB file).' + + To get more information about Runtime, see: + + * [API documentation](https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.notebookRuntimes) + * How-to Guides + * [Create a runtime](https://cloud.google.com/colab/docs/create-runtime) + + ## Example Usage + + ### Colab Runtime Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + my_template = gcp.colab.RuntimeTemplate("my_template", + name="colab-runtime", + display_name="Runtime template basic", + location="us-central1", + machine_spec={ + "machine_type": "e2-standard-4", + }, + network_spec={ + "enable_internet_access": True, + }) + runtime = gcp.colab.Runtime("runtime", + name="colab-runtime", + location="us-central1", + notebook_runtime_template_ref={ + "notebook_runtime_template": my_template.id, + }, + display_name="Runtime basic", + runtime_user="gterraformtestuser@gmail.com", + opts = pulumi.ResourceOptions(depends_on=[my_template])) + ``` + ### Colab Runtime Full + + ```python + import pulumi + import pulumi_gcp as gcp + + my_template = gcp.colab.RuntimeTemplate("my_template", + name="colab-runtime", + display_name="Runtime template full", + location="us-central1", + description="Full runtime template", + machine_spec={ + "machine_type": "n1-standard-2", + "accelerator_type": "NVIDIA_TESLA_T4", + "accelerator_count": 1, + }, + data_persistent_disk_spec={ + "disk_type": "pd-standard", + "disk_size_gb": "200", + }, + network_spec={ + "enable_internet_access": True, + }, + labels={ + "k": "val", + }, + idle_shutdown_config={ + "idle_timeout": "3600s", + }, + euc_config={ + "euc_disabled": True, + }, + shielded_vm_config={ + "enable_secure_boot": True, + }, + network_tags=[ + "abc", + "def", + ], + encryption_spec={ + "kms_key_name": "my-crypto-key", + }) + runtime = gcp.colab.Runtime("runtime", + name="colab-runtime", + location="us-central1", + notebook_runtime_template_ref={ + "notebook_runtime_template": my_template.id, + }, + display_name="Runtime full", + runtime_user="gterraformtestuser@gmail.com", + description="Full runtime", + opts = pulumi.ResourceOptions(depends_on=[my_template])) + ``` + + ## Import + + Runtime can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}}` + + * `{{project}}/{{location}}/{{name}}` + + * `{{location}}/{{name}}` + + When using the `pulumi import` command, Runtime can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:colab/runtime:Runtime default projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}} + ``` + + ```sh + $ pulumi import gcp:colab/runtime:Runtime default {{project}}/{{location}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:colab/runtime:Runtime default {{location}}/{{name}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] description: The description of the Runtime. + :param pulumi.Input[str] display_name: Required. The display name of the Runtime. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations + + + - - - + :param pulumi.Input[str] name: The resource name of the Runtime + :param pulumi.Input[Union['RuntimeNotebookRuntimeTemplateRefArgs', 'RuntimeNotebookRuntimeTemplateRefArgsDict']] notebook_runtime_template_ref: 'Runtime specific information used for NotebookRuntime creation.' + Structure is documented below. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] runtime_user: The user email of the NotebookRuntime. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: RuntimeArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + 'A runtime is a Google-provisioned virtual machine (VM) that can run the code in your notebook (IPYNB file).' + + To get more information about Runtime, see: + + * [API documentation](https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.notebookRuntimes) + * How-to Guides + * [Create a runtime](https://cloud.google.com/colab/docs/create-runtime) + + ## Example Usage + + ### Colab Runtime Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + my_template = gcp.colab.RuntimeTemplate("my_template", + name="colab-runtime", + display_name="Runtime template basic", + location="us-central1", + machine_spec={ + "machine_type": "e2-standard-4", + }, + network_spec={ + "enable_internet_access": True, + }) + runtime = gcp.colab.Runtime("runtime", + name="colab-runtime", + location="us-central1", + notebook_runtime_template_ref={ + "notebook_runtime_template": my_template.id, + }, + display_name="Runtime basic", + runtime_user="gterraformtestuser@gmail.com", + opts = pulumi.ResourceOptions(depends_on=[my_template])) + ``` + ### Colab Runtime Full + + ```python + import pulumi + import pulumi_gcp as gcp + + my_template = gcp.colab.RuntimeTemplate("my_template", + name="colab-runtime", + display_name="Runtime template full", + location="us-central1", + description="Full runtime template", + machine_spec={ + "machine_type": "n1-standard-2", + "accelerator_type": "NVIDIA_TESLA_T4", + "accelerator_count": 1, + }, + data_persistent_disk_spec={ + "disk_type": "pd-standard", + "disk_size_gb": "200", + }, + network_spec={ + "enable_internet_access": True, + }, + labels={ + "k": "val", + }, + idle_shutdown_config={ + "idle_timeout": "3600s", + }, + euc_config={ + "euc_disabled": True, + }, + shielded_vm_config={ + "enable_secure_boot": True, + }, + network_tags=[ + "abc", + "def", + ], + encryption_spec={ + "kms_key_name": "my-crypto-key", + }) + runtime = gcp.colab.Runtime("runtime", + name="colab-runtime", + location="us-central1", + notebook_runtime_template_ref={ + "notebook_runtime_template": my_template.id, + }, + display_name="Runtime full", + runtime_user="gterraformtestuser@gmail.com", + description="Full runtime", + opts = pulumi.ResourceOptions(depends_on=[my_template])) + ``` + + ## Import + + Runtime can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}}` + + * `{{project}}/{{location}}/{{name}}` + + * `{{location}}/{{name}}` + + When using the `pulumi import` command, Runtime can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:colab/runtime:Runtime default projects/{{project}}/locations/{{location}}/notebookRuntimes/{{name}} + ``` + + ```sh + $ pulumi import gcp:colab/runtime:Runtime default {{project}}/{{location}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:colab/runtime:Runtime default {{location}}/{{name}} + ``` + + :param str resource_name: The name of the resource. + :param RuntimeArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(RuntimeArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + notebook_runtime_template_ref: Optional[pulumi.Input[Union['RuntimeNotebookRuntimeTemplateRefArgs', 'RuntimeNotebookRuntimeTemplateRefArgsDict']]] = None, + project: Optional[pulumi.Input[str]] = None, + runtime_user: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = RuntimeArgs.__new__(RuntimeArgs) + + __props__.__dict__["description"] = description + if display_name is None and not opts.urn: + raise TypeError("Missing required property 'display_name'") + __props__.__dict__["display_name"] = display_name + if location is None and not opts.urn: + raise TypeError("Missing required property 'location'") + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["notebook_runtime_template_ref"] = notebook_runtime_template_ref + __props__.__dict__["project"] = project + if runtime_user is None and not opts.urn: + raise TypeError("Missing required property 'runtime_user'") + __props__.__dict__["runtime_user"] = runtime_user + super(Runtime, __self__).__init__( + 'gcp:colab/runtime:Runtime', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + notebook_runtime_template_ref: Optional[pulumi.Input[Union['RuntimeNotebookRuntimeTemplateRefArgs', 'RuntimeNotebookRuntimeTemplateRefArgsDict']]] = None, + project: Optional[pulumi.Input[str]] = None, + runtime_user: Optional[pulumi.Input[str]] = None) -> 'Runtime': + """ + Get an existing Runtime resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] description: The description of the Runtime. + :param pulumi.Input[str] display_name: Required. The display name of the Runtime. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations + + + - - - + :param pulumi.Input[str] name: The resource name of the Runtime + :param pulumi.Input[Union['RuntimeNotebookRuntimeTemplateRefArgs', 'RuntimeNotebookRuntimeTemplateRefArgsDict']] notebook_runtime_template_ref: 'Runtime specific information used for NotebookRuntime creation.' + Structure is documented below. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] runtime_user: The user email of the NotebookRuntime. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _RuntimeState.__new__(_RuntimeState) + + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["notebook_runtime_template_ref"] = notebook_runtime_template_ref + __props__.__dict__["project"] = project + __props__.__dict__["runtime_user"] = runtime_user + return Runtime(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def description(self) -> pulumi.Output[Optional[str]]: + """ + The description of the Runtime. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Output[str]: + """ + Required. The display name of the Runtime. + """ + return pulumi.get(self, "display_name") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations + + + - - - + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + The resource name of the Runtime + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="notebookRuntimeTemplateRef") + def notebook_runtime_template_ref(self) -> pulumi.Output[Optional['outputs.RuntimeNotebookRuntimeTemplateRef']]: + """ + 'Runtime specific information used for NotebookRuntime creation.' + Structure is documented below. + """ + return pulumi.get(self, "notebook_runtime_template_ref") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="runtimeUser") + def runtime_user(self) -> pulumi.Output[str]: + """ + The user email of the NotebookRuntime. + """ + return pulumi.get(self, "runtime_user") + diff --git a/sdk/python/pulumi_gcp/colab/runtime_template_iam_binding.py b/sdk/python/pulumi_gcp/colab/runtime_template_iam_binding.py new file mode 100644 index 0000000000..3bc8f3eada --- /dev/null +++ b/sdk/python/pulumi_gcp/colab/runtime_template_iam_binding.py @@ -0,0 +1,828 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['RuntimeTemplateIamBindingArgs', 'RuntimeTemplateIamBinding'] + +@pulumi.input_type +class RuntimeTemplateIamBindingArgs: + def __init__(__self__, *, + members: pulumi.Input[Sequence[pulumi.Input[str]]], + role: pulumi.Input[str], + runtime_template: pulumi.Input[str], + condition: Optional[pulumi.Input['RuntimeTemplateIamBindingConditionArgs']] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a RuntimeTemplateIamBinding resource. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] role: The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "members", members) + pulumi.set(__self__, "role", role) + pulumi.set(__self__, "runtime_template", runtime_template) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def members(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @members.setter + def members(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "members", value) + + @property + @pulumi.getter + def role(self) -> pulumi.Input[str]: + """ + The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: pulumi.Input[str]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> pulumi.Input[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + + @runtime_template.setter + def runtime_template(self, value: pulumi.Input[str]): + pulumi.set(self, "runtime_template", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['RuntimeTemplateIamBindingConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['RuntimeTemplateIamBindingConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _RuntimeTemplateIamBindingState: + def __init__(__self__, *, + condition: Optional[pulumi.Input['RuntimeTemplateIamBindingConditionArgs']] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering RuntimeTemplateIamBinding resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + if condition is not None: + pulumi.set(__self__, "condition", condition) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if members is not None: + pulumi.set(__self__, "members", members) + if project is not None: + pulumi.set(__self__, "project", project) + if role is not None: + pulumi.set(__self__, "role", role) + if runtime_template is not None: + pulumi.set(__self__, "runtime_template", runtime_template) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['RuntimeTemplateIamBindingConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['RuntimeTemplateIamBindingConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def members(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @members.setter + def members(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "members", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + + @runtime_template.setter + def runtime_template(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "runtime_template", value) + + +class RuntimeTemplateIamBinding(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['RuntimeTemplateIamBindingConditionArgs', 'RuntimeTemplateIamBindingConditionArgsDict']]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Colab Enterprise RuntimeTemplate + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + + * {{project}}/{{location}}/{{runtime_template}} + + * {{location}}/{{runtime_template}} + + * {{runtime_template}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: RuntimeTemplateIamBindingArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Colab Enterprise RuntimeTemplate + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + + * {{project}}/{{location}}/{{runtime_template}} + + * {{location}}/{{runtime_template}} + + * {{runtime_template}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param RuntimeTemplateIamBindingArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(RuntimeTemplateIamBindingArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['RuntimeTemplateIamBindingConditionArgs', 'RuntimeTemplateIamBindingConditionArgsDict']]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = RuntimeTemplateIamBindingArgs.__new__(RuntimeTemplateIamBindingArgs) + + __props__.__dict__["condition"] = condition + __props__.__dict__["location"] = location + if members is None and not opts.urn: + raise TypeError("Missing required property 'members'") + __props__.__dict__["members"] = members + __props__.__dict__["project"] = project + if role is None and not opts.urn: + raise TypeError("Missing required property 'role'") + __props__.__dict__["role"] = role + if runtime_template is None and not opts.urn: + raise TypeError("Missing required property 'runtime_template'") + __props__.__dict__["runtime_template"] = runtime_template + __props__.__dict__["etag"] = None + super(RuntimeTemplateIamBinding, __self__).__init__( + 'gcp:colab/runtimeTemplateIamBinding:RuntimeTemplateIamBinding', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['RuntimeTemplateIamBindingConditionArgs', 'RuntimeTemplateIamBindingConditionArgsDict']]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None) -> 'RuntimeTemplateIamBinding': + """ + Get an existing RuntimeTemplateIamBinding resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _RuntimeTemplateIamBindingState.__new__(_RuntimeTemplateIamBindingState) + + __props__.__dict__["condition"] = condition + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["members"] = members + __props__.__dict__["project"] = project + __props__.__dict__["role"] = role + __props__.__dict__["runtime_template"] = runtime_template + return RuntimeTemplateIamBinding(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def condition(self) -> pulumi.Output[Optional['outputs.RuntimeTemplateIamBindingCondition']]: + return pulumi.get(self, "condition") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def members(self) -> pulumi.Output[Sequence[str]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def role(self) -> pulumi.Output[str]: + """ + The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> pulumi.Output[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + diff --git a/sdk/python/pulumi_gcp/colab/runtime_template_iam_member.py b/sdk/python/pulumi_gcp/colab/runtime_template_iam_member.py new file mode 100644 index 0000000000..b56b880a8c --- /dev/null +++ b/sdk/python/pulumi_gcp/colab/runtime_template_iam_member.py @@ -0,0 +1,828 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['RuntimeTemplateIamMemberArgs', 'RuntimeTemplateIamMember'] + +@pulumi.input_type +class RuntimeTemplateIamMemberArgs: + def __init__(__self__, *, + member: pulumi.Input[str], + role: pulumi.Input[str], + runtime_template: pulumi.Input[str], + condition: Optional[pulumi.Input['RuntimeTemplateIamMemberConditionArgs']] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a RuntimeTemplateIamMember resource. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] role: The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "member", member) + pulumi.set(__self__, "role", role) + pulumi.set(__self__, "runtime_template", runtime_template) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def member(self) -> pulumi.Input[str]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @member.setter + def member(self, value: pulumi.Input[str]): + pulumi.set(self, "member", value) + + @property + @pulumi.getter + def role(self) -> pulumi.Input[str]: + """ + The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: pulumi.Input[str]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> pulumi.Input[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + + @runtime_template.setter + def runtime_template(self, value: pulumi.Input[str]): + pulumi.set(self, "runtime_template", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['RuntimeTemplateIamMemberConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['RuntimeTemplateIamMemberConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _RuntimeTemplateIamMemberState: + def __init__(__self__, *, + condition: Optional[pulumi.Input['RuntimeTemplateIamMemberConditionArgs']] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering RuntimeTemplateIamMember resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + if condition is not None: + pulumi.set(__self__, "condition", condition) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if member is not None: + pulumi.set(__self__, "member", member) + if project is not None: + pulumi.set(__self__, "project", project) + if role is not None: + pulumi.set(__self__, "role", role) + if runtime_template is not None: + pulumi.set(__self__, "runtime_template", runtime_template) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['RuntimeTemplateIamMemberConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['RuntimeTemplateIamMemberConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def member(self) -> Optional[pulumi.Input[str]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @member.setter + def member(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "member", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + + @runtime_template.setter + def runtime_template(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "runtime_template", value) + + +class RuntimeTemplateIamMember(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['RuntimeTemplateIamMemberConditionArgs', 'RuntimeTemplateIamMemberConditionArgsDict']]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Colab Enterprise RuntimeTemplate + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + + * {{project}}/{{location}}/{{runtime_template}} + + * {{location}}/{{runtime_template}} + + * {{runtime_template}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: RuntimeTemplateIamMemberArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Colab Enterprise RuntimeTemplate + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + + * {{project}}/{{location}}/{{runtime_template}} + + * {{location}}/{{runtime_template}} + + * {{runtime_template}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param RuntimeTemplateIamMemberArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(RuntimeTemplateIamMemberArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['RuntimeTemplateIamMemberConditionArgs', 'RuntimeTemplateIamMemberConditionArgsDict']]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = RuntimeTemplateIamMemberArgs.__new__(RuntimeTemplateIamMemberArgs) + + __props__.__dict__["condition"] = condition + __props__.__dict__["location"] = location + if member is None and not opts.urn: + raise TypeError("Missing required property 'member'") + __props__.__dict__["member"] = member + __props__.__dict__["project"] = project + if role is None and not opts.urn: + raise TypeError("Missing required property 'role'") + __props__.__dict__["role"] = role + if runtime_template is None and not opts.urn: + raise TypeError("Missing required property 'runtime_template'") + __props__.__dict__["runtime_template"] = runtime_template + __props__.__dict__["etag"] = None + super(RuntimeTemplateIamMember, __self__).__init__( + 'gcp:colab/runtimeTemplateIamMember:RuntimeTemplateIamMember', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['RuntimeTemplateIamMemberConditionArgs', 'RuntimeTemplateIamMemberConditionArgsDict']]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None) -> 'RuntimeTemplateIamMember': + """ + Get an existing RuntimeTemplateIamMember resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _RuntimeTemplateIamMemberState.__new__(_RuntimeTemplateIamMemberState) + + __props__.__dict__["condition"] = condition + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["member"] = member + __props__.__dict__["project"] = project + __props__.__dict__["role"] = role + __props__.__dict__["runtime_template"] = runtime_template + return RuntimeTemplateIamMember(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def condition(self) -> pulumi.Output[Optional['outputs.RuntimeTemplateIamMemberCondition']]: + return pulumi.get(self, "condition") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def member(self) -> pulumi.Output[str]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def role(self) -> pulumi.Output[str]: + """ + The role that should be applied. Only one + `colab.RuntimeTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> pulumi.Output[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + diff --git a/sdk/python/pulumi_gcp/colab/runtime_template_iam_policy.py b/sdk/python/pulumi_gcp/colab/runtime_template_iam_policy.py new file mode 100644 index 0000000000..cd53591bd3 --- /dev/null +++ b/sdk/python/pulumi_gcp/colab/runtime_template_iam_policy.py @@ -0,0 +1,667 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = ['RuntimeTemplateIamPolicyArgs', 'RuntimeTemplateIamPolicy'] + +@pulumi.input_type +class RuntimeTemplateIamPolicyArgs: + def __init__(__self__, *, + policy_data: pulumi.Input[str], + runtime_template: pulumi.Input[str], + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a RuntimeTemplateIamPolicy resource. + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "policy_data", policy_data) + pulumi.set(__self__, "runtime_template", runtime_template) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> pulumi.Input[str]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @policy_data.setter + def policy_data(self, value: pulumi.Input[str]): + pulumi.set(self, "policy_data", value) + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> pulumi.Input[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + + @runtime_template.setter + def runtime_template(self, value: pulumi.Input[str]): + pulumi.set(self, "runtime_template", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _RuntimeTemplateIamPolicyState: + def __init__(__self__, *, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering RuntimeTemplateIamPolicy resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if policy_data is not None: + pulumi.set(__self__, "policy_data", policy_data) + if project is not None: + pulumi.set(__self__, "project", project) + if runtime_template is not None: + pulumi.set(__self__, "runtime_template", runtime_template) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> Optional[pulumi.Input[str]]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @policy_data.setter + def policy_data(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "policy_data", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + + @runtime_template.setter + def runtime_template(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "runtime_template", value) + + +class RuntimeTemplateIamPolicy(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Colab Enterprise RuntimeTemplate + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + + * {{project}}/{{location}}/{{runtime_template}} + + * {{location}}/{{runtime_template}} + + * {{runtime_template}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: RuntimeTemplateIamPolicyArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Colab Enterprise RuntimeTemplate + Three different resources help you manage your IAM policy for Colab Enterprise RuntimeTemplate. Each of these resources serves a different use case: + + * `colab.RuntimeTemplateIamPolicy`: Authoritative. Sets the IAM policy for the runtimetemplate and replaces any existing policy already attached. + * `colab.RuntimeTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtimetemplate are preserved. + * `colab.RuntimeTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtimetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `colab.RuntimeTemplateIamPolicy`: Retrieves the IAM policy for the runtimetemplate + + > **Note:** `colab.RuntimeTemplateIamPolicy` **cannot** be used in conjunction with `colab.RuntimeTemplateIamBinding` and `colab.RuntimeTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `colab.RuntimeTemplateIamBinding` resources **can be** used in conjunction with `colab.RuntimeTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + ## colab.RuntimeTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/viewer", + "members": ["user:jane@example.com"], + }]) + policy = gcp.colab.RuntimeTemplateIamPolicy("policy", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + policy_data=admin.policy_data) + ``` + + ## colab.RuntimeTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.colab.RuntimeTemplateIamBinding("binding", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## colab.RuntimeTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.colab.RuntimeTemplateIamMember("member", + project=runtime_template["project"], + location=runtime_template["location"], + runtime_template=runtime_template["name"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + + * {{project}}/{{location}}/{{runtime_template}} + + * {{location}}/{{runtime_template}} + + * {{runtime_template}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Colab Enterprise runtimetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor "projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy editor projects/{{project}}/locations/{{location}}/notebookRuntimeTemplates/{{runtime_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param RuntimeTemplateIamPolicyArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(RuntimeTemplateIamPolicyArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = RuntimeTemplateIamPolicyArgs.__new__(RuntimeTemplateIamPolicyArgs) + + __props__.__dict__["location"] = location + if policy_data is None and not opts.urn: + raise TypeError("Missing required property 'policy_data'") + __props__.__dict__["policy_data"] = policy_data + __props__.__dict__["project"] = project + if runtime_template is None and not opts.urn: + raise TypeError("Missing required property 'runtime_template'") + __props__.__dict__["runtime_template"] = runtime_template + __props__.__dict__["etag"] = None + super(RuntimeTemplateIamPolicy, __self__).__init__( + 'gcp:colab/runtimeTemplateIamPolicy:RuntimeTemplateIamPolicy', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + runtime_template: Optional[pulumi.Input[str]] = None) -> 'RuntimeTemplateIamPolicy': + """ + Get an existing RuntimeTemplateIamPolicy resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] runtime_template: Used to find the parent resource to bind the IAM policy to + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _RuntimeTemplateIamPolicyState.__new__(_RuntimeTemplateIamPolicyState) + + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["policy_data"] = policy_data + __props__.__dict__["project"] = project + __props__.__dict__["runtime_template"] = runtime_template + return RuntimeTemplateIamPolicy(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location for the resource: https://cloud.google.com/colab/docs/locations Used to find the parent resource to bind the IAM policy to. If not specified, + the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no + location is specified, it is taken from the provider configuration. + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> pulumi.Output[str]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="runtimeTemplate") + def runtime_template(self) -> pulumi.Output[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "runtime_template") + diff --git a/sdk/python/pulumi_gcp/compute/__init__.py b/sdk/python/pulumi_gcp/compute/__init__.py index 05982b0b25..4c287eed28 100644 --- a/sdk/python/pulumi_gcp/compute/__init__.py +++ b/sdk/python/pulumi_gcp/compute/__init__.py @@ -57,6 +57,7 @@ from .get_instance_iam_policy import * from .get_instance_serial_port import * from .get_instance_template import * +from .get_instance_template_iam_policy import * from .get_lbip_ranges import * from .get_machine_image_iam_policy import * from .get_machine_types import * @@ -113,6 +114,9 @@ from .instance_iam_policy import * from .instance_settings import * from .instance_template import * +from .instance_template_iam_binding import * +from .instance_template_iam_member import * +from .instance_template_iam_policy import * from .interconnect import * from .interconnect_attachment import * from .machine_image import * diff --git a/sdk/python/pulumi_gcp/compute/_inputs.py b/sdk/python/pulumi_gcp/compute/_inputs.py index 67af08a47d..e16dd70bd9 100644 --- a/sdk/python/pulumi_gcp/compute/_inputs.py +++ b/sdk/python/pulumi_gcp/compute/_inputs.py @@ -355,6 +355,10 @@ 'InstanceTemplateDiskSourceSnapshotEncryptionKeyArgsDict', 'InstanceTemplateGuestAcceleratorArgs', 'InstanceTemplateGuestAcceleratorArgsDict', + 'InstanceTemplateIamBindingConditionArgs', + 'InstanceTemplateIamBindingConditionArgsDict', + 'InstanceTemplateIamMemberConditionArgs', + 'InstanceTemplateIamMemberConditionArgsDict', 'InstanceTemplateNetworkInterfaceArgs', 'InstanceTemplateNetworkInterfaceArgsDict', 'InstanceTemplateNetworkInterfaceAccessConfigArgs', @@ -6427,6 +6431,11 @@ class FirewallPolicyRuleMatchArgsDict(TypedDict): """ CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. """ + dest_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ dest_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. @@ -6447,6 +6456,15 @@ class FirewallPolicyRuleMatchArgsDict(TypedDict): """ CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. """ + src_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + src_networks: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] + """ + Networks of the traffic source. It can be either a full or partial url. + """ src_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. @@ -6468,11 +6486,14 @@ def __init__(__self__, *, dest_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + dest_network_scope: Optional[pulumi.Input[str]] = None, dest_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + src_network_scope: Optional[pulumi.Input[str]] = None, + src_networks: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ @@ -6481,11 +6502,16 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_address_groups: Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_ip_ranges: CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. + :param pulumi.Input[str] dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_threat_intelligences: Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_address_groups: Address groups which should be matched against the traffic source. Maximum number of source address groups is 10. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_ip_ranges: CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. + :param pulumi.Input[str] src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] src_networks: Networks of the traffic source. It can be either a full or partial url. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_threat_intelligences: Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source. @@ -6499,6 +6525,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -6509,6 +6537,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_threat_intelligences is not None: @@ -6563,6 +6595,19 @@ def dest_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def dest_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "dest_ip_ranges", value) + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + + @dest_network_scope.setter + def dest_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "dest_network_scope", value) + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -6623,6 +6668,31 @@ def src_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def src_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "src_ip_ranges", value) + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @src_network_scope.setter + def src_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "src_network_scope", value) + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + + @src_networks.setter + def src_networks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "src_networks", value) + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -7752,6 +7822,11 @@ class FirewallPolicyWithRulesRuleMatchArgsDict(TypedDict): Destination IP address range in CIDR format. Required for EGRESS rules. """ + dest_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ dest_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for destination @@ -7779,6 +7854,15 @@ class FirewallPolicyWithRulesRuleMatchArgsDict(TypedDict): Source IP address range in CIDR format. Required for INGRESS rules. """ + src_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + src_networks: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] + """ + Networks of the traffic source. It can be either a full or partial url. + """ src_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for source @@ -7801,11 +7885,14 @@ def __init__(__self__, *, dest_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + dest_network_scope: Optional[pulumi.Input[str]] = None, dest_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + src_network_scope: Optional[pulumi.Input[str]] = None, + src_networks: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ @@ -7820,6 +7907,8 @@ def __init__(__self__, *, traffic destination. Maximum number of destination fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_ip_ranges: Destination IP address range in CIDR format. Required for EGRESS rules. + :param pulumi.Input[str] dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -7832,6 +7921,9 @@ def __init__(__self__, *, traffic source. Maximum number of source fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_ip_ranges: Source IP address range in CIDR format. Required for INGRESS rules. + :param pulumi.Input[str] src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] src_networks: Networks of the traffic source. It can be either a full or partial url. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -7846,6 +7938,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -7856,6 +7950,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_threat_intelligences is not None: @@ -7916,6 +8014,19 @@ def dest_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def dest_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "dest_ip_ranges", value) + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + + @dest_network_scope.setter + def dest_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "dest_network_scope", value) + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -7983,6 +8094,31 @@ def src_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def src_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "src_ip_ranges", value) + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @src_network_scope.setter + def src_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "src_network_scope", value) + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + + @src_networks.setter + def src_networks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "src_networks", value) + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -19225,6 +19361,132 @@ def type(self, value: pulumi.Input[str]): pulumi.set(self, "type", value) +if not MYPY: + class InstanceTemplateIamBindingConditionArgsDict(TypedDict): + expression: pulumi.Input[str] + """ + Textual representation of an expression in Common Expression Language syntax. + """ + title: pulumi.Input[str] + """ + A title for the expression, i.e. a short string describing its purpose. + """ + description: NotRequired[pulumi.Input[str]] +elif False: + InstanceTemplateIamBindingConditionArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class InstanceTemplateIamBindingConditionArgs: + def __init__(__self__, *, + expression: pulumi.Input[str], + title: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] expression: Textual representation of an expression in Common Expression Language syntax. + :param pulumi.Input[str] title: A title for the expression, i.e. a short string describing its purpose. + """ + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> pulumi.Input[str]: + """ + Textual representation of an expression in Common Expression Language syntax. + """ + return pulumi.get(self, "expression") + + @expression.setter + def expression(self, value: pulumi.Input[str]): + pulumi.set(self, "expression", value) + + @property + @pulumi.getter + def title(self) -> pulumi.Input[str]: + """ + A title for the expression, i.e. a short string describing its purpose. + """ + return pulumi.get(self, "title") + + @title.setter + def title(self, value: pulumi.Input[str]): + pulumi.set(self, "title", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + +if not MYPY: + class InstanceTemplateIamMemberConditionArgsDict(TypedDict): + expression: pulumi.Input[str] + """ + Textual representation of an expression in Common Expression Language syntax. + """ + title: pulumi.Input[str] + """ + A title for the expression, i.e. a short string describing its purpose. + """ + description: NotRequired[pulumi.Input[str]] +elif False: + InstanceTemplateIamMemberConditionArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class InstanceTemplateIamMemberConditionArgs: + def __init__(__self__, *, + expression: pulumi.Input[str], + title: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] expression: Textual representation of an expression in Common Expression Language syntax. + :param pulumi.Input[str] title: A title for the expression, i.e. a short string describing its purpose. + """ + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> pulumi.Input[str]: + """ + Textual representation of an expression in Common Expression Language syntax. + """ + return pulumi.get(self, "expression") + + @expression.setter + def expression(self, value: pulumi.Input[str]): + pulumi.set(self, "expression", value) + + @property + @pulumi.getter + def title(self) -> pulumi.Input[str]: + """ + A title for the expression, i.e. a short string describing its purpose. + """ + return pulumi.get(self, "title") + + @title.setter + def title(self, value: pulumi.Input[str]): + pulumi.set(self, "title", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + if not MYPY: class InstanceTemplateNetworkInterfaceArgsDict(TypedDict): access_configs: NotRequired[pulumi.Input[Sequence[pulumi.Input['InstanceTemplateNetworkInterfaceAccessConfigArgsDict']]]] @@ -21795,6 +22057,11 @@ class NetworkFirewallPolicyRuleMatchArgsDict(TypedDict): """ CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. """ + dest_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ dest_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. @@ -21815,6 +22082,15 @@ class NetworkFirewallPolicyRuleMatchArgsDict(TypedDict): """ CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. """ + src_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + src_networks: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] + """ + Networks of the traffic source. It can be either a full or partial url. + """ src_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. @@ -21841,11 +22117,14 @@ def __init__(__self__, *, dest_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + dest_network_scope: Optional[pulumi.Input[str]] = None, dest_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + src_network_scope: Optional[pulumi.Input[str]] = None, + src_networks: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_secure_tags: Optional[pulumi.Input[Sequence[pulumi.Input['NetworkFirewallPolicyRuleMatchSrcSecureTagArgs']]]] = None, src_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): @@ -21855,11 +22134,16 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_address_groups: Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_ip_ranges: CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. + :param pulumi.Input[str] dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_threat_intelligences: Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_address_groups: Address groups which should be matched against the traffic source. Maximum number of source address groups is 10. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_ip_ranges: CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. + :param pulumi.Input[str] src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] src_networks: Networks of the traffic source. It can be either a full or partial url. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. :param pulumi.Input[Sequence[pulumi.Input['NetworkFirewallPolicyRuleMatchSrcSecureTagArgs']]] src_secure_tags: List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. Structure is documented below. @@ -21875,6 +22159,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -21885,6 +22171,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_secure_tags is not None: @@ -21941,6 +22231,19 @@ def dest_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def dest_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "dest_ip_ranges", value) + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + + @dest_network_scope.setter + def dest_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "dest_network_scope", value) + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -22001,6 +22304,31 @@ def src_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def src_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "src_ip_ranges", value) + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @src_network_scope.setter + def src_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "src_network_scope", value) + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + + @src_networks.setter + def src_networks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "src_networks", value) + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -23473,6 +23801,11 @@ class NetworkFirewallPolicyWithRulesRuleMatchArgsDict(TypedDict): Destination IP address range in CIDR format. Required for EGRESS rules. """ + dest_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ dest_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for destination @@ -23500,6 +23833,15 @@ class NetworkFirewallPolicyWithRulesRuleMatchArgsDict(TypedDict): Source IP address range in CIDR format. Required for INGRESS rules. """ + src_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + src_networks: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] + """ + Networks of the traffic source. It can be either a full or partial url. + """ src_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for source @@ -23534,11 +23876,14 @@ def __init__(__self__, *, dest_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + dest_network_scope: Optional[pulumi.Input[str]] = None, dest_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + src_network_scope: Optional[pulumi.Input[str]] = None, + src_networks: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_secure_tags: Optional[pulumi.Input[Sequence[pulumi.Input['NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs']]]] = None, src_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): @@ -23551,6 +23896,8 @@ def __init__(__self__, *, traffic destination. Maximum number of destination fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_ip_ranges: Destination IP address range in CIDR format. Required for EGRESS rules. + :param pulumi.Input[str] dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -23563,6 +23910,9 @@ def __init__(__self__, *, traffic source. Maximum number of source fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_ip_ranges: Source IP address range in CIDR format. Required for INGRESS rules. + :param pulumi.Input[str] src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] src_networks: Networks of the traffic source. It can be either a full or partial url. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -23586,6 +23936,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -23596,6 +23948,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_secure_tags is not None: @@ -23655,6 +24011,19 @@ def dest_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def dest_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "dest_ip_ranges", value) + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + + @dest_network_scope.setter + def dest_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "dest_network_scope", value) + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -23722,6 +24091,31 @@ def src_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def src_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "src_ip_ranges", value) + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @src_network_scope.setter + def src_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "src_network_scope", value) + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + + @src_networks.setter + def src_networks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "src_networks", value) + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -34713,6 +35107,11 @@ class RegionNetworkFirewallPolicyRuleMatchArgsDict(TypedDict): """ CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. """ + dest_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ dest_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. @@ -34733,6 +35132,15 @@ class RegionNetworkFirewallPolicyRuleMatchArgsDict(TypedDict): """ CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. """ + src_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + src_networks: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] + """ + Networks of the traffic source. It can be either a full or partial url. + """ src_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. @@ -34759,11 +35167,14 @@ def __init__(__self__, *, dest_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + dest_network_scope: Optional[pulumi.Input[str]] = None, dest_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + src_network_scope: Optional[pulumi.Input[str]] = None, + src_networks: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_secure_tags: Optional[pulumi.Input[Sequence[pulumi.Input['RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs']]]] = None, src_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): @@ -34773,11 +35184,16 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_address_groups: Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_ip_ranges: CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. + :param pulumi.Input[str] dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_threat_intelligences: Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_address_groups: Address groups which should be matched against the traffic source. Maximum number of source address groups is 10. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_ip_ranges: CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. + :param pulumi.Input[str] src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] src_networks: Networks of the traffic source. It can be either a full or partial url. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. :param pulumi.Input[Sequence[pulumi.Input['RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs']]] src_secure_tags: List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. Structure is documented below. @@ -34793,6 +35209,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -34803,6 +35221,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_secure_tags is not None: @@ -34859,6 +35281,19 @@ def dest_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def dest_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "dest_ip_ranges", value) + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + + @dest_network_scope.setter + def dest_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "dest_network_scope", value) + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -34919,6 +35354,31 @@ def src_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def src_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "src_ip_ranges", value) + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @src_network_scope.setter + def src_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "src_network_scope", value) + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + + @src_networks.setter + def src_networks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "src_networks", value) + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -36391,6 +36851,11 @@ class RegionNetworkFirewallPolicyWithRulesRuleMatchArgsDict(TypedDict): Destination IP address range in CIDR format. Required for EGRESS rules. """ + dest_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ dest_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for destination @@ -36418,6 +36883,15 @@ class RegionNetworkFirewallPolicyWithRulesRuleMatchArgsDict(TypedDict): Source IP address range in CIDR format. Required for INGRESS rules. """ + src_network_scope: NotRequired[pulumi.Input[str]] + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + src_networks: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] + """ + Networks of the traffic source. It can be either a full or partial url. + """ src_region_codes: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] """ Region codes whose IP addresses will be used to match for source @@ -36452,11 +36926,14 @@ def __init__(__self__, *, dest_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + dest_network_scope: Optional[pulumi.Input[str]] = None, dest_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, dest_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_address_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_fqdns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + src_network_scope: Optional[pulumi.Input[str]] = None, + src_networks: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_region_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, src_secure_tags: Optional[pulumi.Input[Sequence[pulumi.Input['RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTagArgs']]]] = None, src_threat_intelligences: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): @@ -36469,6 +36946,8 @@ def __init__(__self__, *, traffic destination. Maximum number of destination fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_ip_ranges: Destination IP address range in CIDR format. Required for EGRESS rules. + :param pulumi.Input[str] dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param pulumi.Input[Sequence[pulumi.Input[str]]] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -36481,6 +36960,9 @@ def __init__(__self__, *, traffic source. Maximum number of source fqdn allowed is 100. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_ip_ranges: Source IP address range in CIDR format. Required for INGRESS rules. + :param pulumi.Input[str] src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] src_networks: Networks of the traffic source. It can be either a full or partial url. :param pulumi.Input[Sequence[pulumi.Input[str]]] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -36504,6 +36986,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -36514,6 +36998,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_secure_tags is not None: @@ -36573,6 +37061,19 @@ def dest_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def dest_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "dest_ip_ranges", value) + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + + @dest_network_scope.setter + def dest_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "dest_network_scope", value) + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -36640,6 +37141,31 @@ def src_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def src_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "src_ip_ranges", value) + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[pulumi.Input[str]]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @src_network_scope.setter + def src_network_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "src_network_scope", value) + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + + @src_networks.setter + def src_networks(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "src_networks", value) + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: diff --git a/sdk/python/pulumi_gcp/compute/firewall_policy_rule.py b/sdk/python/pulumi_gcp/compute/firewall_policy_rule.py index fb69136e00..d430459ead 100644 --- a/sdk/python/pulumi_gcp/compute/firewall_policy_rule.py +++ b/sdk/python/pulumi_gcp/compute/firewall_policy_rule.py @@ -539,7 +539,7 @@ def __init__(__self__, import pulumi_gcp as gcp basic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup("basic_global_networksecurity_address_group", - name="address", + name="address-group", parent="organizations/123456789", description="Sample global networksecurity_address_group", location="global", @@ -552,9 +552,9 @@ def __init__(__self__, deletion_protection=False) default = gcp.compute.FirewallPolicy("default", parent=folder.id, - short_name="policy", + short_name="fw-policy", description="Resource created for Terraform acceptance testing") - policy_rule = gcp.compute.FirewallPolicyRule("policy_rule", + primary = gcp.compute.FirewallPolicyRule("primary", firewall_policy=default.name, description="Resource created for Terraform acceptance testing", priority=9000, @@ -562,7 +562,15 @@ def __init__(__self__, action="allow", direction="EGRESS", disabled=False, + target_service_accounts=["my@service-account.com"], match={ + "dest_ip_ranges": ["11.100.0.1/32"], + "dest_fqdns": [], + "dest_region_codes": ["US"], + "dest_threat_intelligences": ["iplist-known-malicious-ips"], + "src_address_groups": [], + "dest_address_groups": [basic_global_networksecurity_address_group.id], + "dest_network_scope": "INTERNET", "layer4_configs": [ { "ip_protocol": "tcp", @@ -573,14 +581,47 @@ def __init__(__self__, "ports": ["22"], }, ], - "dest_ip_ranges": ["11.100.0.1/32"], - "dest_fqdns": [], - "dest_region_codes": ["US"], - "dest_threat_intelligences": ["iplist-known-malicious-ips"], - "src_address_groups": [], - "dest_address_groups": [basic_global_networksecurity_address_group.id], - }, - target_service_accounts=["my@service-account.com"]) + }) + ``` + ### Firewall Policy Rule Network Scope + + ```python + import pulumi + import pulumi_gcp as gcp + + folder = gcp.organizations.Folder("folder", + display_name="folder", + parent="organizations/123456789", + deletion_protection=False) + default = gcp.compute.FirewallPolicy("default", + parent=folder.id, + short_name="fw-policy", + description="Firewall policy") + network = gcp.compute.Network("network", + name="network", + auto_create_subnetworks=False) + primary = gcp.compute.FirewallPolicyRule("primary", + firewall_policy=default.name, + description="Firewall policy rule with network scope", + priority=9000, + action="allow", + direction="INGRESS", + disabled=False, + match={ + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], + "layer4_configs": [ + { + "ip_protocol": "tcp", + "ports": ["8080"], + }, + { + "ip_protocol": "udp", + "ports": ["22"], + }, + ], + }) ``` ## Import @@ -649,7 +690,7 @@ def __init__(__self__, import pulumi_gcp as gcp basic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup("basic_global_networksecurity_address_group", - name="address", + name="address-group", parent="organizations/123456789", description="Sample global networksecurity_address_group", location="global", @@ -662,9 +703,9 @@ def __init__(__self__, deletion_protection=False) default = gcp.compute.FirewallPolicy("default", parent=folder.id, - short_name="policy", + short_name="fw-policy", description="Resource created for Terraform acceptance testing") - policy_rule = gcp.compute.FirewallPolicyRule("policy_rule", + primary = gcp.compute.FirewallPolicyRule("primary", firewall_policy=default.name, description="Resource created for Terraform acceptance testing", priority=9000, @@ -672,7 +713,15 @@ def __init__(__self__, action="allow", direction="EGRESS", disabled=False, + target_service_accounts=["my@service-account.com"], match={ + "dest_ip_ranges": ["11.100.0.1/32"], + "dest_fqdns": [], + "dest_region_codes": ["US"], + "dest_threat_intelligences": ["iplist-known-malicious-ips"], + "src_address_groups": [], + "dest_address_groups": [basic_global_networksecurity_address_group.id], + "dest_network_scope": "INTERNET", "layer4_configs": [ { "ip_protocol": "tcp", @@ -683,14 +732,47 @@ def __init__(__self__, "ports": ["22"], }, ], - "dest_ip_ranges": ["11.100.0.1/32"], - "dest_fqdns": [], - "dest_region_codes": ["US"], - "dest_threat_intelligences": ["iplist-known-malicious-ips"], - "src_address_groups": [], - "dest_address_groups": [basic_global_networksecurity_address_group.id], - }, - target_service_accounts=["my@service-account.com"]) + }) + ``` + ### Firewall Policy Rule Network Scope + + ```python + import pulumi + import pulumi_gcp as gcp + + folder = gcp.organizations.Folder("folder", + display_name="folder", + parent="organizations/123456789", + deletion_protection=False) + default = gcp.compute.FirewallPolicy("default", + parent=folder.id, + short_name="fw-policy", + description="Firewall policy") + network = gcp.compute.Network("network", + name="network", + auto_create_subnetworks=False) + primary = gcp.compute.FirewallPolicyRule("primary", + firewall_policy=default.name, + description="Firewall policy rule with network scope", + priority=9000, + action="allow", + direction="INGRESS", + disabled=False, + match={ + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], + "layer4_configs": [ + { + "ip_protocol": "tcp", + "ports": ["8080"], + }, + { + "ip_protocol": "udp", + "ports": ["22"], + }, + ], + }) ``` ## Import diff --git a/sdk/python/pulumi_gcp/compute/firewall_policy_with_rules.py b/sdk/python/pulumi_gcp/compute/firewall_policy_with_rules.py index d64cbeaf81..146c17d6b7 100644 --- a/sdk/python/pulumi_gcp/compute/firewall_policy_with_rules.py +++ b/sdk/python/pulumi_gcp/compute/firewall_policy_with_rules.py @@ -306,7 +306,7 @@ def __init__(__self__, project = gcp.organizations.get_project() address_group1 = gcp.networksecurity.AddressGroup("address_group_1", - name="tf-address-group", + name="address-group", parent="organizations/123456789", description="Global address group", location="global", @@ -314,17 +314,20 @@ def __init__(__self__, type="IPV4", capacity=100) security_profile1 = gcp.networksecurity.SecurityProfile("security_profile_1", - name="tf-security-profile", + name="sp", type="THREAT_PREVENTION", parent="organizations/123456789", location="global") security_profile_group1 = gcp.networksecurity.SecurityProfileGroup("security_profile_group_1", - name="tf-security-profile-group", + name="spg", parent="organizations/123456789", description="my description", threat_prevention_profile=security_profile1.id) - firewall_policy_with_rules = gcp.compute.FirewallPolicyWithRules("firewall-policy-with-rules", - short_name="tf-fw-org-policy-with-rules", + network = gcp.compute.Network("network", + name="network", + auto_create_subnetworks=False) + primary = gcp.compute.FirewallPolicyWithRules("primary", + short_name="fw-policy", description="Terraform test", parent="organizations/123456789", rules=[ @@ -334,14 +337,8 @@ def __init__(__self__, "enable_logging": True, "action": "allow", "direction": "EGRESS", + "target_resources": [f"https://www.googleapis.com/compute/beta/projects/{project.name}/global/networks/default"], "match": { - "layer4_configs": [{ - "ip_protocol": "tcp", - "ports": [ - "8080", - "7070", - ], - }], "dest_ip_ranges": ["11.100.0.1/32"], "dest_fqdns": [ "www.yyy.com", @@ -356,8 +353,14 @@ def __init__(__self__, "iplist-tor-exit-nodes", ], "dest_address_groups": [address_group1.id], + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": [ + "8080", + "7070", + ], + }], }, - "target_resources": [f"https://www.googleapis.com/compute/beta/projects/{project.name}/global/networks/default"], }, { "description": "udp rule", @@ -365,10 +368,8 @@ def __init__(__self__, "enable_logging": False, "action": "deny", "direction": "INGRESS", + "disabled": True, "match": { - "layer4_configs": [{ - "ip_protocol": "udp", - }], "src_ip_ranges": ["0.0.0.0/0"], "src_fqdns": [ "www.abc.com", @@ -383,8 +384,10 @@ def __init__(__self__, "iplist-public-clouds", ], "src_address_groups": [address_group1.id], + "layer4_configs": [{ + "ip_protocol": "udp", + }], }, - "disabled": True, }, { "description": "security profile group rule", @@ -393,15 +396,48 @@ def __init__(__self__, "enable_logging": False, "action": "apply_security_profile_group", "direction": "INGRESS", + "target_service_accounts": ["test@google.com"], + "security_profile_group": security_profile_group1.id.apply(lambda id: f"//networksecurity.googleapis.com/{id}"), + "tls_inspect": True, + "match": { + "src_ip_ranges": ["0.0.0.0/0"], + "layer4_configs": [{ + "ip_protocol": "tcp", + }], + }, + }, + { + "description": "network scope rule 1", + "rule_name": "network scope 1", + "priority": 4000, + "enable_logging": False, + "action": "allow", + "direction": "INGRESS", "match": { + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], "layer4_configs": [{ "ip_protocol": "tcp", + "ports": ["8080"], + }], + }, + }, + { + "description": "network scope rule 2", + "rule_name": "network scope 2", + "priority": 5000, + "enable_logging": False, + "action": "allow", + "direction": "EGRESS", + "match": { + "dest_ip_ranges": ["0.0.0.0/0"], + "dest_network_scope": "INTERNET", + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": ["8080"], }], - "src_ip_ranges": ["0.0.0.0/0"], }, - "target_service_accounts": ["test@google.com"], - "security_profile_group": security_profile_group1.id.apply(lambda id: f"//networksecurity.googleapis.com/{id}"), - "tls_inspect": True, }, ]) ``` @@ -451,7 +487,7 @@ def __init__(__self__, project = gcp.organizations.get_project() address_group1 = gcp.networksecurity.AddressGroup("address_group_1", - name="tf-address-group", + name="address-group", parent="organizations/123456789", description="Global address group", location="global", @@ -459,17 +495,20 @@ def __init__(__self__, type="IPV4", capacity=100) security_profile1 = gcp.networksecurity.SecurityProfile("security_profile_1", - name="tf-security-profile", + name="sp", type="THREAT_PREVENTION", parent="organizations/123456789", location="global") security_profile_group1 = gcp.networksecurity.SecurityProfileGroup("security_profile_group_1", - name="tf-security-profile-group", + name="spg", parent="organizations/123456789", description="my description", threat_prevention_profile=security_profile1.id) - firewall_policy_with_rules = gcp.compute.FirewallPolicyWithRules("firewall-policy-with-rules", - short_name="tf-fw-org-policy-with-rules", + network = gcp.compute.Network("network", + name="network", + auto_create_subnetworks=False) + primary = gcp.compute.FirewallPolicyWithRules("primary", + short_name="fw-policy", description="Terraform test", parent="organizations/123456789", rules=[ @@ -479,14 +518,8 @@ def __init__(__self__, "enable_logging": True, "action": "allow", "direction": "EGRESS", + "target_resources": [f"https://www.googleapis.com/compute/beta/projects/{project.name}/global/networks/default"], "match": { - "layer4_configs": [{ - "ip_protocol": "tcp", - "ports": [ - "8080", - "7070", - ], - }], "dest_ip_ranges": ["11.100.0.1/32"], "dest_fqdns": [ "www.yyy.com", @@ -501,8 +534,14 @@ def __init__(__self__, "iplist-tor-exit-nodes", ], "dest_address_groups": [address_group1.id], + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": [ + "8080", + "7070", + ], + }], }, - "target_resources": [f"https://www.googleapis.com/compute/beta/projects/{project.name}/global/networks/default"], }, { "description": "udp rule", @@ -510,10 +549,8 @@ def __init__(__self__, "enable_logging": False, "action": "deny", "direction": "INGRESS", + "disabled": True, "match": { - "layer4_configs": [{ - "ip_protocol": "udp", - }], "src_ip_ranges": ["0.0.0.0/0"], "src_fqdns": [ "www.abc.com", @@ -528,8 +565,10 @@ def __init__(__self__, "iplist-public-clouds", ], "src_address_groups": [address_group1.id], + "layer4_configs": [{ + "ip_protocol": "udp", + }], }, - "disabled": True, }, { "description": "security profile group rule", @@ -538,15 +577,48 @@ def __init__(__self__, "enable_logging": False, "action": "apply_security_profile_group", "direction": "INGRESS", + "target_service_accounts": ["test@google.com"], + "security_profile_group": security_profile_group1.id.apply(lambda id: f"//networksecurity.googleapis.com/{id}"), + "tls_inspect": True, + "match": { + "src_ip_ranges": ["0.0.0.0/0"], + "layer4_configs": [{ + "ip_protocol": "tcp", + }], + }, + }, + { + "description": "network scope rule 1", + "rule_name": "network scope 1", + "priority": 4000, + "enable_logging": False, + "action": "allow", + "direction": "INGRESS", "match": { + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], "layer4_configs": [{ "ip_protocol": "tcp", + "ports": ["8080"], + }], + }, + }, + { + "description": "network scope rule 2", + "rule_name": "network scope 2", + "priority": 5000, + "enable_logging": False, + "action": "allow", + "direction": "EGRESS", + "match": { + "dest_ip_ranges": ["0.0.0.0/0"], + "dest_network_scope": "INTERNET", + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": ["8080"], }], - "src_ip_ranges": ["0.0.0.0/0"], }, - "target_service_accounts": ["test@google.com"], - "security_profile_group": security_profile_group1.id.apply(lambda id: f"//networksecurity.googleapis.com/{id}"), - "tls_inspect": True, }, ]) ``` diff --git a/sdk/python/pulumi_gcp/compute/get_instance_template_iam_policy.py b/sdk/python/pulumi_gcp/compute/get_instance_template_iam_policy.py new file mode 100644 index 0000000000..6eb8ca32b9 --- /dev/null +++ b/sdk/python/pulumi_gcp/compute/get_instance_template_iam_policy.py @@ -0,0 +1,159 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = [ + 'GetInstanceTemplateIamPolicyResult', + 'AwaitableGetInstanceTemplateIamPolicyResult', + 'get_instance_template_iam_policy', + 'get_instance_template_iam_policy_output', +] + +@pulumi.output_type +class GetInstanceTemplateIamPolicyResult: + """ + A collection of values returned by getInstanceTemplateIamPolicy. + """ + def __init__(__self__, etag=None, id=None, name=None, policy_data=None, project=None): + if etag and not isinstance(etag, str): + raise TypeError("Expected argument 'etag' to be a str") + pulumi.set(__self__, "etag", etag) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if name and not isinstance(name, str): + raise TypeError("Expected argument 'name' to be a str") + pulumi.set(__self__, "name", name) + if policy_data and not isinstance(policy_data, str): + raise TypeError("Expected argument 'policy_data' to be a str") + pulumi.set(__self__, "policy_data", policy_data) + if project and not isinstance(project, str): + raise TypeError("Expected argument 'project' to be a str") + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def etag(self) -> str: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def name(self) -> str: + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> str: + """ + (Required only by `compute.InstanceTemplateIamPolicy`) The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @property + @pulumi.getter + def project(self) -> str: + return pulumi.get(self, "project") + + +class AwaitableGetInstanceTemplateIamPolicyResult(GetInstanceTemplateIamPolicyResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetInstanceTemplateIamPolicyResult( + etag=self.etag, + id=self.id, + name=self.name, + policy_data=self.policy_data, + project=self.project) + + +def get_instance_template_iam_policy(name: Optional[str] = None, + project: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetInstanceTemplateIamPolicyResult: + """ + Retrieves the current IAM policy data for instancetemplate + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.compute.get_instance_template_iam_policy(project=default["project"], + name=default["name"]) + ``` + + + :param str name: Used to find the parent resource to bind the IAM policy to + :param str project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + __args__ = dict() + __args__['name'] = name + __args__['project'] = project + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy', __args__, opts=opts, typ=GetInstanceTemplateIamPolicyResult).value + + return AwaitableGetInstanceTemplateIamPolicyResult( + etag=pulumi.get(__ret__, 'etag'), + id=pulumi.get(__ret__, 'id'), + name=pulumi.get(__ret__, 'name'), + policy_data=pulumi.get(__ret__, 'policy_data'), + project=pulumi.get(__ret__, 'project')) +def get_instance_template_iam_policy_output(name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetInstanceTemplateIamPolicyResult]: + """ + Retrieves the current IAM policy data for instancetemplate + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.compute.get_instance_template_iam_policy(project=default["project"], + name=default["name"]) + ``` + + + :param str name: Used to find the parent resource to bind the IAM policy to + :param str project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + __args__ = dict() + __args__['name'] = name + __args__['project'] = project + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('gcp:compute/getInstanceTemplateIamPolicy:getInstanceTemplateIamPolicy', __args__, opts=opts, typ=GetInstanceTemplateIamPolicyResult) + return __ret__.apply(lambda __response__: GetInstanceTemplateIamPolicyResult( + etag=pulumi.get(__response__, 'etag'), + id=pulumi.get(__response__, 'id'), + name=pulumi.get(__response__, 'name'), + policy_data=pulumi.get(__response__, 'policy_data'), + project=pulumi.get(__response__, 'project'))) diff --git a/sdk/python/pulumi_gcp/compute/instance_template_iam_binding.py b/sdk/python/pulumi_gcp/compute/instance_template_iam_binding.py new file mode 100644 index 0000000000..052fb88f11 --- /dev/null +++ b/sdk/python/pulumi_gcp/compute/instance_template_iam_binding.py @@ -0,0 +1,998 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['InstanceTemplateIamBindingArgs', 'InstanceTemplateIamBinding'] + +@pulumi.input_type +class InstanceTemplateIamBindingArgs: + def __init__(__self__, *, + members: pulumi.Input[Sequence[pulumi.Input[str]]], + role: pulumi.Input[str], + condition: Optional[pulumi.Input['InstanceTemplateIamBindingConditionArgs']] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a InstanceTemplateIamBinding resource. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] role: The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input['InstanceTemplateIamBindingConditionArgs'] condition: An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "members", members) + pulumi.set(__self__, "role", role) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def members(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @members.setter + def members(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "members", value) + + @property + @pulumi.getter + def role(self) -> pulumi.Input[str]: + """ + The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: pulumi.Input[str]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['InstanceTemplateIamBindingConditionArgs']]: + """ + An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + """ + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['InstanceTemplateIamBindingConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _InstanceTemplateIamBindingState: + def __init__(__self__, *, + condition: Optional[pulumi.Input['InstanceTemplateIamBindingConditionArgs']] = None, + etag: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering InstanceTemplateIamBinding resources. + :param pulumi.Input['InstanceTemplateIamBindingConditionArgs'] condition: An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + if condition is not None: + pulumi.set(__self__, "condition", condition) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if members is not None: + pulumi.set(__self__, "members", members) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + if role is not None: + pulumi.set(__self__, "role", role) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['InstanceTemplateIamBindingConditionArgs']]: + """ + An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + """ + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['InstanceTemplateIamBindingConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def members(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @members.setter + def members(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "members", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + +class InstanceTemplateIamBinding(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['InstanceTemplateIamBindingConditionArgs', 'InstanceTemplateIamBindingConditionArgsDict']]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Compute Engine InstanceTemplate + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/global/instanceTemplates/{{name}} + + * {{project}}/{{name}} + + * {{name}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Union['InstanceTemplateIamBindingConditionArgs', 'InstanceTemplateIamBindingConditionArgsDict']] condition: An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: InstanceTemplateIamBindingArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Compute Engine InstanceTemplate + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/global/instanceTemplates/{{name}} + + * {{project}}/{{name}} + + * {{name}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param InstanceTemplateIamBindingArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(InstanceTemplateIamBindingArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['InstanceTemplateIamBindingConditionArgs', 'InstanceTemplateIamBindingConditionArgsDict']]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = InstanceTemplateIamBindingArgs.__new__(InstanceTemplateIamBindingArgs) + + __props__.__dict__["condition"] = condition + if members is None and not opts.urn: + raise TypeError("Missing required property 'members'") + __props__.__dict__["members"] = members + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + if role is None and not opts.urn: + raise TypeError("Missing required property 'role'") + __props__.__dict__["role"] = role + __props__.__dict__["etag"] = None + super(InstanceTemplateIamBinding, __self__).__init__( + 'gcp:compute/instanceTemplateIamBinding:InstanceTemplateIamBinding', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['InstanceTemplateIamBindingConditionArgs', 'InstanceTemplateIamBindingConditionArgsDict']]] = None, + etag: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None) -> 'InstanceTemplateIamBinding': + """ + Get an existing InstanceTemplateIamBinding resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Union['InstanceTemplateIamBindingConditionArgs', 'InstanceTemplateIamBindingConditionArgsDict']] condition: An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _InstanceTemplateIamBindingState.__new__(_InstanceTemplateIamBindingState) + + __props__.__dict__["condition"] = condition + __props__.__dict__["etag"] = etag + __props__.__dict__["members"] = members + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["role"] = role + return InstanceTemplateIamBinding(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def condition(self) -> pulumi.Output[Optional['outputs.InstanceTemplateIamBindingCondition']]: + """ + An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + """ + return pulumi.get(self, "condition") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def members(self) -> pulumi.Output[Sequence[str]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def role(self) -> pulumi.Output[str]: + """ + The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + diff --git a/sdk/python/pulumi_gcp/compute/instance_template_iam_member.py b/sdk/python/pulumi_gcp/compute/instance_template_iam_member.py new file mode 100644 index 0000000000..0ed5c9b5bf --- /dev/null +++ b/sdk/python/pulumi_gcp/compute/instance_template_iam_member.py @@ -0,0 +1,998 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['InstanceTemplateIamMemberArgs', 'InstanceTemplateIamMember'] + +@pulumi.input_type +class InstanceTemplateIamMemberArgs: + def __init__(__self__, *, + member: pulumi.Input[str], + role: pulumi.Input[str], + condition: Optional[pulumi.Input['InstanceTemplateIamMemberConditionArgs']] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a InstanceTemplateIamMember resource. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] role: The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input['InstanceTemplateIamMemberConditionArgs'] condition: An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "member", member) + pulumi.set(__self__, "role", role) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def member(self) -> pulumi.Input[str]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @member.setter + def member(self, value: pulumi.Input[str]): + pulumi.set(self, "member", value) + + @property + @pulumi.getter + def role(self) -> pulumi.Input[str]: + """ + The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: pulumi.Input[str]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['InstanceTemplateIamMemberConditionArgs']]: + """ + An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + """ + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['InstanceTemplateIamMemberConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _InstanceTemplateIamMemberState: + def __init__(__self__, *, + condition: Optional[pulumi.Input['InstanceTemplateIamMemberConditionArgs']] = None, + etag: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering InstanceTemplateIamMember resources. + :param pulumi.Input['InstanceTemplateIamMemberConditionArgs'] condition: An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + if condition is not None: + pulumi.set(__self__, "condition", condition) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if member is not None: + pulumi.set(__self__, "member", member) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + if role is not None: + pulumi.set(__self__, "role", role) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['InstanceTemplateIamMemberConditionArgs']]: + """ + An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + """ + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['InstanceTemplateIamMemberConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def member(self) -> Optional[pulumi.Input[str]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @member.setter + def member(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "member", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + +class InstanceTemplateIamMember(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['InstanceTemplateIamMemberConditionArgs', 'InstanceTemplateIamMemberConditionArgsDict']]] = None, + member: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Compute Engine InstanceTemplate + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/global/instanceTemplates/{{name}} + + * {{project}}/{{name}} + + * {{name}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Union['InstanceTemplateIamMemberConditionArgs', 'InstanceTemplateIamMemberConditionArgsDict']] condition: An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: InstanceTemplateIamMemberArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Compute Engine InstanceTemplate + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/global/instanceTemplates/{{name}} + + * {{project}}/{{name}} + + * {{name}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param InstanceTemplateIamMemberArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(InstanceTemplateIamMemberArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['InstanceTemplateIamMemberConditionArgs', 'InstanceTemplateIamMemberConditionArgsDict']]] = None, + member: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = InstanceTemplateIamMemberArgs.__new__(InstanceTemplateIamMemberArgs) + + __props__.__dict__["condition"] = condition + if member is None and not opts.urn: + raise TypeError("Missing required property 'member'") + __props__.__dict__["member"] = member + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + if role is None and not opts.urn: + raise TypeError("Missing required property 'role'") + __props__.__dict__["role"] = role + __props__.__dict__["etag"] = None + super(InstanceTemplateIamMember, __self__).__init__( + 'gcp:compute/instanceTemplateIamMember:InstanceTemplateIamMember', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[Union['InstanceTemplateIamMemberConditionArgs', 'InstanceTemplateIamMemberConditionArgsDict']]] = None, + etag: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None) -> 'InstanceTemplateIamMember': + """ + Get an existing InstanceTemplateIamMember resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Union['InstanceTemplateIamMemberConditionArgs', 'InstanceTemplateIamMemberConditionArgsDict']] condition: An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _InstanceTemplateIamMemberState.__new__(_InstanceTemplateIamMemberState) + + __props__.__dict__["condition"] = condition + __props__.__dict__["etag"] = etag + __props__.__dict__["member"] = member + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["role"] = role + return InstanceTemplateIamMember(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def condition(self) -> pulumi.Output[Optional['outputs.InstanceTemplateIamMemberCondition']]: + """ + An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. + Structure is documented below. + """ + return pulumi.get(self, "condition") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def member(self) -> pulumi.Output[str]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def role(self) -> pulumi.Output[str]: + """ + The role that should be applied. Only one + `compute.InstanceTemplateIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + diff --git a/sdk/python/pulumi_gcp/compute/instance_template_iam_policy.py b/sdk/python/pulumi_gcp/compute/instance_template_iam_policy.py new file mode 100644 index 0000000000..a75f49ac5e --- /dev/null +++ b/sdk/python/pulumi_gcp/compute/instance_template_iam_policy.py @@ -0,0 +1,817 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = ['InstanceTemplateIamPolicyArgs', 'InstanceTemplateIamPolicy'] + +@pulumi.input_type +class InstanceTemplateIamPolicyArgs: + def __init__(__self__, *, + policy_data: pulumi.Input[str], + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a InstanceTemplateIamPolicy resource. + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "policy_data", policy_data) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> pulumi.Input[str]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @policy_data.setter + def policy_data(self, value: pulumi.Input[str]): + pulumi.set(self, "policy_data", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _InstanceTemplateIamPolicyState: + def __init__(__self__, *, + etag: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering InstanceTemplateIamPolicy resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + if etag is not None: + pulumi.set(__self__, "etag", etag) + if name is not None: + pulumi.set(__self__, "name", name) + if policy_data is not None: + pulumi.set(__self__, "policy_data", policy_data) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> Optional[pulumi.Input[str]]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @policy_data.setter + def policy_data(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "policy_data", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +class InstanceTemplateIamPolicy(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + name: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Compute Engine InstanceTemplate + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/global/instanceTemplates/{{name}} + + * {{project}}/{{name}} + + * {{name}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: InstanceTemplateIamPolicyArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Compute Engine InstanceTemplate + Three different resources help you manage your IAM policy for Compute Engine InstanceTemplate. Each of these resources serves a different use case: + + * `compute.InstanceTemplateIamPolicy`: Authoritative. Sets the IAM policy for the instancetemplate and replaces any existing policy already attached. + * `compute.InstanceTemplateIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instancetemplate are preserved. + * `compute.InstanceTemplateIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instancetemplate are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `compute.InstanceTemplateIamPolicy`: Retrieves the IAM policy for the instancetemplate + + > **Note:** `compute.InstanceTemplateIamPolicy` **cannot** be used in conjunction with `compute.InstanceTemplateIamBinding` and `compute.InstanceTemplateIamMember` or they will fight over what your policy should be. + + > **Note:** `compute.InstanceTemplateIamBinding` resources **can be** used in conjunction with `compute.InstanceTemplateIamMember` resources **only if** they do not grant privilege to the same role. + + > **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions. + + ## compute.InstanceTemplateIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/compute.instanceAdmin", + "members": ["user:jane@example.com"], + "condition": { + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }, + }]) + policy = gcp.compute.InstanceTemplateIamPolicy("policy", + project=default["project"], + name=default["name"], + policy_data=admin.policy_data) + ``` + ## compute.InstanceTemplateIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"]) + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.compute.InstanceTemplateIamBinding("binding", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + members=["user:jane@example.com"], + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + ## compute.InstanceTemplateIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com") + ``` + + With IAM Conditions: + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.compute.InstanceTemplateIamMember("member", + project=default["project"], + name=default["name"], + role="roles/compute.instanceAdmin", + member="user:jane@example.com", + condition={ + "title": "expires_after_2019_12_31", + "description": "Expiring at midnight of 2019-12-31", + "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")", + }) + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/global/instanceTemplates/{{name}} + + * {{project}}/{{name}} + + * {{name}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Compute Engine instancetemplate IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor "projects/{{project}}/global/instanceTemplates/{{instance_template}} roles/compute.instanceAdmin" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy editor projects/{{project}}/global/instanceTemplates/{{instance_template}} + ``` + + -> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param InstanceTemplateIamPolicyArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(InstanceTemplateIamPolicyArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + name: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = InstanceTemplateIamPolicyArgs.__new__(InstanceTemplateIamPolicyArgs) + + __props__.__dict__["name"] = name + if policy_data is None and not opts.urn: + raise TypeError("Missing required property 'policy_data'") + __props__.__dict__["policy_data"] = policy_data + __props__.__dict__["project"] = project + __props__.__dict__["etag"] = None + super(InstanceTemplateIamPolicy, __self__).__init__( + 'gcp:compute/instanceTemplateIamPolicy:InstanceTemplateIamPolicy', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + etag: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None) -> 'InstanceTemplateIamPolicy': + """ + Get an existing InstanceTemplateIamPolicy resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] name: Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _InstanceTemplateIamPolicyState.__new__(_InstanceTemplateIamPolicyState) + + __props__.__dict__["etag"] = etag + __props__.__dict__["name"] = name + __props__.__dict__["policy_data"] = policy_data + __props__.__dict__["project"] = project + return InstanceTemplateIamPolicy(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> pulumi.Output[str]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + diff --git a/sdk/python/pulumi_gcp/compute/interconnect_attachment.py b/sdk/python/pulumi_gcp/compute/interconnect_attachment.py index 56bb7bcbb1..88355cdc29 100644 --- a/sdk/python/pulumi_gcp/compute/interconnect_attachment.py +++ b/sdk/python/pulumi_gcp/compute/interconnect_attachment.py @@ -30,6 +30,7 @@ def __init__(__self__, *, encryption: Optional[pulumi.Input[str]] = None, interconnect: Optional[pulumi.Input[str]] = None, ipsec_internal_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, mtu: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None, @@ -97,6 +98,11 @@ def __init__(__self__, *, encryption option as IPSEC, later on when creating HA VPN gateway on this interconnect attachment, the HA VPN gateway's IP address will be allocated from regional external IP address pool. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. :param pulumi.Input[str] mtu: Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. :param pulumi.Input[str] name: Name of the resource. Provided by the client when the resource is created. The @@ -145,6 +151,8 @@ def __init__(__self__, *, pulumi.set(__self__, "interconnect", interconnect) if ipsec_internal_addresses is not None: pulumi.set(__self__, "ipsec_internal_addresses", ipsec_internal_addresses) + if labels is not None: + pulumi.set(__self__, "labels", labels) if mtu is not None: pulumi.set(__self__, "mtu", mtu) if name is not None: @@ -318,6 +326,22 @@ def ipsec_internal_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Inpu def ipsec_internal_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "ipsec_internal_addresses", value) + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + @property @pulumi.getter def mtu(self) -> Optional[pulumi.Input[str]]: @@ -450,16 +474,20 @@ def __init__(__self__, *, customer_router_ipv6_address: Optional[pulumi.Input[str]] = None, description: Optional[pulumi.Input[str]] = None, edge_availability_domain: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, encryption: Optional[pulumi.Input[str]] = None, google_reference_id: Optional[pulumi.Input[str]] = None, interconnect: Optional[pulumi.Input[str]] = None, ipsec_internal_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + label_fingerprint: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, mtu: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, pairing_key: Optional[pulumi.Input[str]] = None, partner_asn: Optional[pulumi.Input[str]] = None, private_interconnect_infos: Optional[pulumi.Input[Sequence[pulumi.Input['InterconnectAttachmentPrivateInterconnectInfoArgs']]]] = None, project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, region: Optional[pulumi.Input[str]] = None, router: Optional[pulumi.Input[str]] = None, self_link: Optional[pulumi.Input[str]] = None, @@ -501,6 +529,7 @@ def __init__(__self__, *, selected availability domain will be provided to the Partner via the pairing key so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[str] encryption: Indicates the user-supplied encryption option of this interconnect attachment. Can only be specified at attachment creation for PARTNER or DEDICATED attachments. @@ -534,6 +563,16 @@ def __init__(__self__, *, encryption option as IPSEC, later on when creating HA VPN gateway on this interconnect attachment, the HA VPN gateway's IP address will be allocated from regional external IP address pool. + :param pulumi.Input[str] label_fingerprint: A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + of the labels set used for optimistic locking. The fingerprint is initially generated by + Compute Engine and changes after every request to modify or update labels. + You must always provide an up-to-date fingerprint hash in order to update or change labels, + otherwise the request will fail with error 412 conditionNotMet. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. :param pulumi.Input[str] mtu: Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. :param pulumi.Input[str] name: Name of the resource. Provided by the client when the resource is created. The @@ -556,6 +595,8 @@ def __init__(__self__, *, Structure is documented below. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. :param pulumi.Input[str] region: Region where the regional interconnect attachment resides. :param pulumi.Input[str] router: URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will @@ -600,6 +641,8 @@ def __init__(__self__, *, pulumi.set(__self__, "description", description) if edge_availability_domain is not None: pulumi.set(__self__, "edge_availability_domain", edge_availability_domain) + if effective_labels is not None: + pulumi.set(__self__, "effective_labels", effective_labels) if encryption is not None: pulumi.set(__self__, "encryption", encryption) if google_reference_id is not None: @@ -608,6 +651,10 @@ def __init__(__self__, *, pulumi.set(__self__, "interconnect", interconnect) if ipsec_internal_addresses is not None: pulumi.set(__self__, "ipsec_internal_addresses", ipsec_internal_addresses) + if label_fingerprint is not None: + pulumi.set(__self__, "label_fingerprint", label_fingerprint) + if labels is not None: + pulumi.set(__self__, "labels", labels) if mtu is not None: pulumi.set(__self__, "mtu", mtu) if name is not None: @@ -620,6 +667,8 @@ def __init__(__self__, *, pulumi.set(__self__, "private_interconnect_infos", private_interconnect_infos) if project is not None: pulumi.set(__self__, "project", project) + if pulumi_labels is not None: + pulumi.set(__self__, "pulumi_labels", pulumi_labels) if region is not None: pulumi.set(__self__, "region", region) if router is not None: @@ -778,6 +827,18 @@ def edge_availability_domain(self) -> Optional[pulumi.Input[str]]: def edge_availability_domain(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "edge_availability_domain", value) + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @effective_labels.setter + def effective_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "effective_labels", value) + @property @pulumi.getter def encryption(self) -> Optional[pulumi.Input[str]]: @@ -855,6 +916,38 @@ def ipsec_internal_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Inpu def ipsec_internal_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "ipsec_internal_addresses", value) + @property + @pulumi.getter(name="labelFingerprint") + def label_fingerprint(self) -> Optional[pulumi.Input[str]]: + """ + A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + of the labels set used for optimistic locking. The fingerprint is initially generated by + Compute Engine and changes after every request to modify or update labels. + You must always provide an up-to-date fingerprint hash in order to update or change labels, + otherwise the request will fail with error 412 conditionNotMet. + """ + return pulumi.get(self, "label_fingerprint") + + @label_fingerprint.setter + def label_fingerprint(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "label_fingerprint", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + @property @pulumi.getter def mtu(self) -> Optional[pulumi.Input[str]]: @@ -943,6 +1036,19 @@ def project(self) -> Optional[pulumi.Input[str]]: def project(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "project", value) + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @pulumi_labels.setter + def pulumi_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "pulumi_labels", value) + @property @pulumi.getter def region(self) -> Optional[pulumi.Input[str]]: @@ -1068,6 +1174,7 @@ def __init__(__self__, encryption: Optional[pulumi.Input[str]] = None, interconnect: Optional[pulumi.Input[str]] = None, ipsec_internal_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, mtu: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None, @@ -1104,7 +1211,10 @@ def __init__(__self__, edge_availability_domain="AVAILABILITY_DOMAIN_1", type="PARTNER", router=foobar.id, - mtu="1500") + mtu="1500", + labels={ + "mykey": "myvalue", + }) ``` ### Compute Interconnect Attachment Ipsec Encryption @@ -1223,6 +1333,11 @@ def __init__(__self__, encryption option as IPSEC, later on when creating HA VPN gateway on this interconnect attachment, the HA VPN gateway's IP address will be allocated from regional external IP address pool. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. :param pulumi.Input[str] mtu: Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. :param pulumi.Input[str] name: Name of the resource. Provided by the client when the resource is created. The @@ -1290,7 +1405,10 @@ def __init__(__self__, edge_availability_domain="AVAILABILITY_DOMAIN_1", type="PARTNER", router=foobar.id, - mtu="1500") + mtu="1500", + labels={ + "mykey": "myvalue", + }) ``` ### Compute Interconnect Attachment Ipsec Encryption @@ -1377,6 +1495,7 @@ def _internal_init(__self__, encryption: Optional[pulumi.Input[str]] = None, interconnect: Optional[pulumi.Input[str]] = None, ipsec_internal_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, mtu: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None, @@ -1403,6 +1522,7 @@ def _internal_init(__self__, __props__.__dict__["encryption"] = encryption __props__.__dict__["interconnect"] = interconnect __props__.__dict__["ipsec_internal_addresses"] = ipsec_internal_addresses + __props__.__dict__["labels"] = labels __props__.__dict__["mtu"] = mtu __props__.__dict__["name"] = name __props__.__dict__["project"] = project @@ -1419,12 +1539,17 @@ def _internal_init(__self__, __props__.__dict__["creation_timestamp"] = None __props__.__dict__["customer_router_ip_address"] = None __props__.__dict__["customer_router_ipv6_address"] = None + __props__.__dict__["effective_labels"] = None __props__.__dict__["google_reference_id"] = None + __props__.__dict__["label_fingerprint"] = None __props__.__dict__["pairing_key"] = None __props__.__dict__["partner_asn"] = None __props__.__dict__["private_interconnect_infos"] = None + __props__.__dict__["pulumi_labels"] = None __props__.__dict__["self_link"] = None __props__.__dict__["state"] = None + secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["effectiveLabels", "pulumiLabels"]) + opts = pulumi.ResourceOptions.merge(opts, secret_opts) super(InterconnectAttachment, __self__).__init__( 'gcp:compute/interconnectAttachment:InterconnectAttachment', resource_name, @@ -1445,16 +1570,20 @@ def get(resource_name: str, customer_router_ipv6_address: Optional[pulumi.Input[str]] = None, description: Optional[pulumi.Input[str]] = None, edge_availability_domain: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, encryption: Optional[pulumi.Input[str]] = None, google_reference_id: Optional[pulumi.Input[str]] = None, interconnect: Optional[pulumi.Input[str]] = None, ipsec_internal_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + label_fingerprint: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, mtu: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, pairing_key: Optional[pulumi.Input[str]] = None, partner_asn: Optional[pulumi.Input[str]] = None, private_interconnect_infos: Optional[pulumi.Input[Sequence[pulumi.Input[Union['InterconnectAttachmentPrivateInterconnectInfoArgs', 'InterconnectAttachmentPrivateInterconnectInfoArgsDict']]]]] = None, project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, region: Optional[pulumi.Input[str]] = None, router: Optional[pulumi.Input[str]] = None, self_link: Optional[pulumi.Input[str]] = None, @@ -1501,6 +1630,7 @@ def get(resource_name: str, selected availability domain will be provided to the Partner via the pairing key so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[str] encryption: Indicates the user-supplied encryption option of this interconnect attachment. Can only be specified at attachment creation for PARTNER or DEDICATED attachments. @@ -1534,6 +1664,16 @@ def get(resource_name: str, encryption option as IPSEC, later on when creating HA VPN gateway on this interconnect attachment, the HA VPN gateway's IP address will be allocated from regional external IP address pool. + :param pulumi.Input[str] label_fingerprint: A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + of the labels set used for optimistic locking. The fingerprint is initially generated by + Compute Engine and changes after every request to modify or update labels. + You must always provide an up-to-date fingerprint hash in order to update or change labels, + otherwise the request will fail with error 412 conditionNotMet. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. :param pulumi.Input[str] mtu: Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. :param pulumi.Input[str] name: Name of the resource. Provided by the client when the resource is created. The @@ -1556,6 +1696,8 @@ def get(resource_name: str, Structure is documented below. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. :param pulumi.Input[str] region: Region where the regional interconnect attachment resides. :param pulumi.Input[str] router: URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will @@ -1594,16 +1736,20 @@ def get(resource_name: str, __props__.__dict__["customer_router_ipv6_address"] = customer_router_ipv6_address __props__.__dict__["description"] = description __props__.__dict__["edge_availability_domain"] = edge_availability_domain + __props__.__dict__["effective_labels"] = effective_labels __props__.__dict__["encryption"] = encryption __props__.__dict__["google_reference_id"] = google_reference_id __props__.__dict__["interconnect"] = interconnect __props__.__dict__["ipsec_internal_addresses"] = ipsec_internal_addresses + __props__.__dict__["label_fingerprint"] = label_fingerprint + __props__.__dict__["labels"] = labels __props__.__dict__["mtu"] = mtu __props__.__dict__["name"] = name __props__.__dict__["pairing_key"] = pairing_key __props__.__dict__["partner_asn"] = partner_asn __props__.__dict__["private_interconnect_infos"] = private_interconnect_infos __props__.__dict__["project"] = project + __props__.__dict__["pulumi_labels"] = pulumi_labels __props__.__dict__["region"] = region __props__.__dict__["router"] = router __props__.__dict__["self_link"] = self_link @@ -1715,6 +1861,14 @@ def edge_availability_domain(self) -> pulumi.Output[str]: """ return pulumi.get(self, "edge_availability_domain") + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + @property @pulumi.getter def encryption(self) -> pulumi.Output[Optional[str]]: @@ -1776,6 +1930,30 @@ def ipsec_internal_addresses(self) -> pulumi.Output[Optional[Sequence[str]]]: """ return pulumi.get(self, "ipsec_internal_addresses") + @property + @pulumi.getter(name="labelFingerprint") + def label_fingerprint(self) -> pulumi.Output[str]: + """ + A fingerprint for the labels being applied to this Interconnect, which is essentially a hash + of the labels set used for optimistic locking. The fingerprint is initially generated by + Compute Engine and changes after every request to modify or update labels. + You must always provide an up-to-date fingerprint hash in order to update or change labels, + otherwise the request will fail with error 412 conditionNotMet. + """ + return pulumi.get(self, "label_fingerprint") + + @property + @pulumi.getter + def labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: + """ + Labels for this resource. These can only be added or modified by the setLabels + method. Each label key/value pair must comply with RFC1035. Label values may be empty. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + @property @pulumi.getter def mtu(self) -> pulumi.Output[str]: @@ -1840,6 +2018,15 @@ def project(self) -> pulumi.Output[str]: """ return pulumi.get(self, "project") + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + @property @pulumi.getter def region(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/compute/network_firewall_policy_rule.py b/sdk/python/pulumi_gcp/compute/network_firewall_policy_rule.py index 301f1ca9b3..bc0e23a1d2 100644 --- a/sdk/python/pulumi_gcp/compute/network_firewall_policy_rule.py +++ b/sdk/python/pulumi_gcp/compute/network_firewall_policy_rule.py @@ -609,7 +609,7 @@ def __init__(__self__, import pulumi_gcp as gcp basic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup("basic_global_networksecurity_address_group", - name="address", + name="address-group", parent="projects/my-project-name", description="Sample global networksecurity_address_group", location="global", @@ -617,7 +617,7 @@ def __init__(__self__, type="IPV4", capacity=100) basic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", - name="policy", + name="fw-policy", description="Sample global network firewall policy", project="my-project-name") basic_network = gcp.compute.Network("basic_network", name="network") @@ -625,14 +625,14 @@ def __init__(__self__, description="For keyname resources.", parent="organizations/123456789", purpose="GCE_FIREWALL", - short_name="tagkey", + short_name="tag-key", purpose_data={ "network": basic_network.name.apply(lambda name: f"my-project-name/{name}"), }) basic_value = gcp.tags.TagValue("basic_value", description="For valuename resources.", parent=basic_key.id, - short_name="tagvalue") + short_name="tag-value") primary = gcp.compute.NetworkFirewallPolicyRule("primary", action="allow", description="This is a simple rule description", @@ -644,6 +644,7 @@ def __init__(__self__, rule_name="test-rule", target_service_accounts=["my@service-account.com"], match={ + "src_address_groups": [basic_global_networksecurity_address_group.id], "src_ip_ranges": ["10.100.0.1/32"], "src_fqdns": ["google.com"], "src_region_codes": ["US"], @@ -654,7 +655,62 @@ def __init__(__self__, "layer4_configs": [{ "ip_protocol": "all", }], - "src_address_groups": [basic_global_networksecurity_address_group.id], + }) + ``` + ### Network Firewall Policy Rule Network Scope Egress + + ```python + import pulumi + import pulumi_gcp as gcp + + basic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", + name="fw-policy", + description="Sample global network firewall policy", + project="my-project-name") + primary = gcp.compute.NetworkFirewallPolicyRule("primary", + action="allow", + description="This is a simple rule description", + direction="EGRESS", + disabled=False, + enable_logging=True, + firewall_policy=basic_network_firewall_policy.name, + priority=1000, + rule_name="test-rule", + match={ + "dest_ip_ranges": ["10.100.0.1/32"], + "dest_network_scope": "INTERNET", + "layer4_configs": [{ + "ip_protocol": "all", + }], + }) + ``` + ### Network Firewall Policy Rule Network Scope Ingress + + ```python + import pulumi + import pulumi_gcp as gcp + + basic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", + name="fw-policy", + description="Sample global network firewall policy", + project="my-project-name") + network = gcp.compute.Network("network", name="network") + primary = gcp.compute.NetworkFirewallPolicyRule("primary", + action="allow", + description="This is a simple rule description", + direction="INGRESS", + disabled=False, + enable_logging=True, + firewall_policy=basic_network_firewall_policy.name, + priority=1000, + rule_name="test-rule", + match={ + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], + "layer4_configs": [{ + "ip_protocol": "all", + }], }) ``` @@ -734,7 +790,7 @@ def __init__(__self__, import pulumi_gcp as gcp basic_global_networksecurity_address_group = gcp.networksecurity.AddressGroup("basic_global_networksecurity_address_group", - name="address", + name="address-group", parent="projects/my-project-name", description="Sample global networksecurity_address_group", location="global", @@ -742,7 +798,7 @@ def __init__(__self__, type="IPV4", capacity=100) basic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", - name="policy", + name="fw-policy", description="Sample global network firewall policy", project="my-project-name") basic_network = gcp.compute.Network("basic_network", name="network") @@ -750,14 +806,14 @@ def __init__(__self__, description="For keyname resources.", parent="organizations/123456789", purpose="GCE_FIREWALL", - short_name="tagkey", + short_name="tag-key", purpose_data={ "network": basic_network.name.apply(lambda name: f"my-project-name/{name}"), }) basic_value = gcp.tags.TagValue("basic_value", description="For valuename resources.", parent=basic_key.id, - short_name="tagvalue") + short_name="tag-value") primary = gcp.compute.NetworkFirewallPolicyRule("primary", action="allow", description="This is a simple rule description", @@ -769,6 +825,7 @@ def __init__(__self__, rule_name="test-rule", target_service_accounts=["my@service-account.com"], match={ + "src_address_groups": [basic_global_networksecurity_address_group.id], "src_ip_ranges": ["10.100.0.1/32"], "src_fqdns": ["google.com"], "src_region_codes": ["US"], @@ -779,7 +836,62 @@ def __init__(__self__, "layer4_configs": [{ "ip_protocol": "all", }], - "src_address_groups": [basic_global_networksecurity_address_group.id], + }) + ``` + ### Network Firewall Policy Rule Network Scope Egress + + ```python + import pulumi + import pulumi_gcp as gcp + + basic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", + name="fw-policy", + description="Sample global network firewall policy", + project="my-project-name") + primary = gcp.compute.NetworkFirewallPolicyRule("primary", + action="allow", + description="This is a simple rule description", + direction="EGRESS", + disabled=False, + enable_logging=True, + firewall_policy=basic_network_firewall_policy.name, + priority=1000, + rule_name="test-rule", + match={ + "dest_ip_ranges": ["10.100.0.1/32"], + "dest_network_scope": "INTERNET", + "layer4_configs": [{ + "ip_protocol": "all", + }], + }) + ``` + ### Network Firewall Policy Rule Network Scope Ingress + + ```python + import pulumi + import pulumi_gcp as gcp + + basic_network_firewall_policy = gcp.compute.NetworkFirewallPolicy("basic_network_firewall_policy", + name="fw-policy", + description="Sample global network firewall policy", + project="my-project-name") + network = gcp.compute.Network("network", name="network") + primary = gcp.compute.NetworkFirewallPolicyRule("primary", + action="allow", + description="This is a simple rule description", + direction="INGRESS", + disabled=False, + enable_logging=True, + firewall_policy=basic_network_firewall_policy.name, + priority=1000, + rule_name="test-rule", + match={ + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], + "layer4_configs": [{ + "ip_protocol": "all", + }], }) ``` diff --git a/sdk/python/pulumi_gcp/compute/network_firewall_policy_with_rules.py b/sdk/python/pulumi_gcp/compute/network_firewall_policy_with_rules.py index 76a5c0b5c8..1243869100 100644 --- a/sdk/python/pulumi_gcp/compute/network_firewall_policy_with_rules.py +++ b/sdk/python/pulumi_gcp/compute/network_firewall_policy_with_rules.py @@ -316,7 +316,7 @@ def __init__(__self__, project = gcp.organizations.get_project() address_group1 = gcp.networksecurity.AddressGroup("address_group_1", - name="tf-address-group", + name="address-group", parent=project.id, description="Global address group", location="global", @@ -327,26 +327,29 @@ def __init__(__self__, description="Tag key", parent=project.id, purpose="GCE_FIREWALL", - short_name="tf-tag-key", + short_name="tag-key", purpose_data={ "network": f"{project.name}/default", }) secure_tag_value1 = gcp.tags.TagValue("secure_tag_value_1", description="Tag value", parent=secure_tag_key1.id, - short_name="tf-tag-value") + short_name="tag-value") security_profile1 = gcp.networksecurity.SecurityProfile("security_profile_1", - name="tf-security-profile", + name="sp", type="THREAT_PREVENTION", parent="organizations/123456789", location="global") security_profile_group1 = gcp.networksecurity.SecurityProfileGroup("security_profile_group_1", - name="tf-security-profile-group", + name="spg", parent="organizations/123456789", description="my description", threat_prevention_profile=security_profile1.id) - network_firewall_policy_with_rules = gcp.compute.NetworkFirewallPolicyWithRules("network-firewall-policy-with-rules", - name="tf-fw-policy-with-rules", + network = gcp.compute.Network("network", + name="network", + auto_create_subnetworks=False) + primary = gcp.compute.NetworkFirewallPolicyWithRules("primary", + name="fw-policy", description="Terraform test", rules=[ { @@ -356,13 +359,6 @@ def __init__(__self__, "action": "allow", "direction": "EGRESS", "match": { - "layer4_configs": [{ - "ip_protocol": "tcp", - "ports": [ - "8080", - "7070", - ], - }], "dest_ip_ranges": ["11.100.0.1/32"], "dest_fqdns": [ "www.yyy.com", @@ -377,6 +373,13 @@ def __init__(__self__, "iplist-tor-exit-nodes", ], "dest_address_groups": [address_group1.id], + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": [ + "8080", + "7070", + ], + }], }, "target_secure_tags": [{ "name": secure_tag_value1.id, @@ -388,10 +391,8 @@ def __init__(__self__, "enable_logging": False, "action": "deny", "direction": "INGRESS", + "disabled": True, "match": { - "layer4_configs": [{ - "ip_protocol": "udp", - }], "src_ip_ranges": ["0.0.0.0/0"], "src_fqdns": [ "www.abc.com", @@ -409,8 +410,10 @@ def __init__(__self__, "src_secure_tags": [{ "name": secure_tag_value1.id, }], + "layer4_configs": [{ + "ip_protocol": "udp", + }], }, - "disabled": True, }, { "description": "security profile group rule", @@ -419,15 +422,48 @@ def __init__(__self__, "enable_logging": False, "action": "apply_security_profile_group", "direction": "INGRESS", + "target_service_accounts": ["test@google.com"], + "security_profile_group": security_profile_group1.id.apply(lambda id: f"//networksecurity.googleapis.com/{id}"), + "tls_inspect": True, + "match": { + "src_ip_ranges": ["0.0.0.0/0"], + "layer4_configs": [{ + "ip_protocol": "tcp", + }], + }, + }, + { + "description": "network scope rule 1", + "rule_name": "network scope 1", + "priority": 4000, + "enable_logging": False, + "action": "allow", + "direction": "INGRESS", "match": { + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], "layer4_configs": [{ "ip_protocol": "tcp", + "ports": ["8080"], + }], + }, + }, + { + "description": "network scope rule 2", + "rule_name": "network scope 2", + "priority": 5000, + "enable_logging": False, + "action": "allow", + "direction": "EGRESS", + "match": { + "dest_ip_ranges": ["0.0.0.0/0"], + "dest_network_scope": "INTERNET", + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": ["8080"], }], - "src_ip_ranges": ["0.0.0.0/0"], }, - "target_service_accounts": ["test@google.com"], - "security_profile_group": security_profile_group1.id.apply(lambda id: f"//networksecurity.googleapis.com/{id}"), - "tls_inspect": True, }, ]) ``` @@ -486,7 +522,7 @@ def __init__(__self__, project = gcp.organizations.get_project() address_group1 = gcp.networksecurity.AddressGroup("address_group_1", - name="tf-address-group", + name="address-group", parent=project.id, description="Global address group", location="global", @@ -497,26 +533,29 @@ def __init__(__self__, description="Tag key", parent=project.id, purpose="GCE_FIREWALL", - short_name="tf-tag-key", + short_name="tag-key", purpose_data={ "network": f"{project.name}/default", }) secure_tag_value1 = gcp.tags.TagValue("secure_tag_value_1", description="Tag value", parent=secure_tag_key1.id, - short_name="tf-tag-value") + short_name="tag-value") security_profile1 = gcp.networksecurity.SecurityProfile("security_profile_1", - name="tf-security-profile", + name="sp", type="THREAT_PREVENTION", parent="organizations/123456789", location="global") security_profile_group1 = gcp.networksecurity.SecurityProfileGroup("security_profile_group_1", - name="tf-security-profile-group", + name="spg", parent="organizations/123456789", description="my description", threat_prevention_profile=security_profile1.id) - network_firewall_policy_with_rules = gcp.compute.NetworkFirewallPolicyWithRules("network-firewall-policy-with-rules", - name="tf-fw-policy-with-rules", + network = gcp.compute.Network("network", + name="network", + auto_create_subnetworks=False) + primary = gcp.compute.NetworkFirewallPolicyWithRules("primary", + name="fw-policy", description="Terraform test", rules=[ { @@ -526,13 +565,6 @@ def __init__(__self__, "action": "allow", "direction": "EGRESS", "match": { - "layer4_configs": [{ - "ip_protocol": "tcp", - "ports": [ - "8080", - "7070", - ], - }], "dest_ip_ranges": ["11.100.0.1/32"], "dest_fqdns": [ "www.yyy.com", @@ -547,6 +579,13 @@ def __init__(__self__, "iplist-tor-exit-nodes", ], "dest_address_groups": [address_group1.id], + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": [ + "8080", + "7070", + ], + }], }, "target_secure_tags": [{ "name": secure_tag_value1.id, @@ -558,10 +597,8 @@ def __init__(__self__, "enable_logging": False, "action": "deny", "direction": "INGRESS", + "disabled": True, "match": { - "layer4_configs": [{ - "ip_protocol": "udp", - }], "src_ip_ranges": ["0.0.0.0/0"], "src_fqdns": [ "www.abc.com", @@ -579,8 +616,10 @@ def __init__(__self__, "src_secure_tags": [{ "name": secure_tag_value1.id, }], + "layer4_configs": [{ + "ip_protocol": "udp", + }], }, - "disabled": True, }, { "description": "security profile group rule", @@ -589,15 +628,48 @@ def __init__(__self__, "enable_logging": False, "action": "apply_security_profile_group", "direction": "INGRESS", + "target_service_accounts": ["test@google.com"], + "security_profile_group": security_profile_group1.id.apply(lambda id: f"//networksecurity.googleapis.com/{id}"), + "tls_inspect": True, + "match": { + "src_ip_ranges": ["0.0.0.0/0"], + "layer4_configs": [{ + "ip_protocol": "tcp", + }], + }, + }, + { + "description": "network scope rule 1", + "rule_name": "network scope 1", + "priority": 4000, + "enable_logging": False, + "action": "allow", + "direction": "INGRESS", "match": { + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], "layer4_configs": [{ "ip_protocol": "tcp", + "ports": ["8080"], + }], + }, + }, + { + "description": "network scope rule 2", + "rule_name": "network scope 2", + "priority": 5000, + "enable_logging": False, + "action": "allow", + "direction": "EGRESS", + "match": { + "dest_ip_ranges": ["0.0.0.0/0"], + "dest_network_scope": "INTERNET", + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": ["8080"], }], - "src_ip_ranges": ["0.0.0.0/0"], }, - "target_service_accounts": ["test@google.com"], - "security_profile_group": security_profile_group1.id.apply(lambda id: f"//networksecurity.googleapis.com/{id}"), - "tls_inspect": True, }, ]) ``` diff --git a/sdk/python/pulumi_gcp/compute/outputs.py b/sdk/python/pulumi_gcp/compute/outputs.py index 1f3be0a742..a2667c59b4 100644 --- a/sdk/python/pulumi_gcp/compute/outputs.py +++ b/sdk/python/pulumi_gcp/compute/outputs.py @@ -186,6 +186,8 @@ 'InstanceTemplateDiskSourceImageEncryptionKey', 'InstanceTemplateDiskSourceSnapshotEncryptionKey', 'InstanceTemplateGuestAccelerator', + 'InstanceTemplateIamBindingCondition', + 'InstanceTemplateIamMemberCondition', 'InstanceTemplateNetworkInterface', 'InstanceTemplateNetworkInterfaceAccessConfig', 'InstanceTemplateNetworkInterfaceAliasIpRange', @@ -4590,6 +4592,8 @@ def __key_warning(key: str): suggest = "dest_fqdns" elif key == "destIpRanges": suggest = "dest_ip_ranges" + elif key == "destNetworkScope": + suggest = "dest_network_scope" elif key == "destRegionCodes": suggest = "dest_region_codes" elif key == "destThreatIntelligences": @@ -4600,6 +4604,10 @@ def __key_warning(key: str): suggest = "src_fqdns" elif key == "srcIpRanges": suggest = "src_ip_ranges" + elif key == "srcNetworkScope": + suggest = "src_network_scope" + elif key == "srcNetworks": + suggest = "src_networks" elif key == "srcRegionCodes": suggest = "src_region_codes" elif key == "srcThreatIntelligences": @@ -4621,11 +4629,14 @@ def __init__(__self__, *, dest_address_groups: Optional[Sequence[str]] = None, dest_fqdns: Optional[Sequence[str]] = None, dest_ip_ranges: Optional[Sequence[str]] = None, + dest_network_scope: Optional[str] = None, dest_region_codes: Optional[Sequence[str]] = None, dest_threat_intelligences: Optional[Sequence[str]] = None, src_address_groups: Optional[Sequence[str]] = None, src_fqdns: Optional[Sequence[str]] = None, src_ip_ranges: Optional[Sequence[str]] = None, + src_network_scope: Optional[str] = None, + src_networks: Optional[Sequence[str]] = None, src_region_codes: Optional[Sequence[str]] = None, src_threat_intelligences: Optional[Sequence[str]] = None): """ @@ -4634,11 +4645,16 @@ def __init__(__self__, *, :param Sequence[str] dest_address_groups: Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10. :param Sequence[str] dest_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100. :param Sequence[str] dest_ip_ranges: CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. + :param str dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param Sequence[str] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. :param Sequence[str] dest_threat_intelligences: Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. :param Sequence[str] src_address_groups: Address groups which should be matched against the traffic source. Maximum number of source address groups is 10. :param Sequence[str] src_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100. :param Sequence[str] src_ip_ranges: CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. + :param str src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param Sequence[str] src_networks: Networks of the traffic source. It can be either a full or partial url. :param Sequence[str] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. :param Sequence[str] src_threat_intelligences: Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source. @@ -4652,6 +4668,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -4662,6 +4680,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_threat_intelligences is not None: @@ -4700,6 +4722,15 @@ def dest_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "dest_ip_ranges") + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[Sequence[str]]: @@ -4740,6 +4771,23 @@ def src_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "src_ip_ranges") + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[Sequence[str]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[Sequence[str]]: @@ -5557,6 +5605,8 @@ def __key_warning(key: str): suggest = "dest_fqdns" elif key == "destIpRanges": suggest = "dest_ip_ranges" + elif key == "destNetworkScope": + suggest = "dest_network_scope" elif key == "destRegionCodes": suggest = "dest_region_codes" elif key == "destThreatIntelligences": @@ -5567,6 +5617,10 @@ def __key_warning(key: str): suggest = "src_fqdns" elif key == "srcIpRanges": suggest = "src_ip_ranges" + elif key == "srcNetworkScope": + suggest = "src_network_scope" + elif key == "srcNetworks": + suggest = "src_networks" elif key == "srcRegionCodes": suggest = "src_region_codes" elif key == "srcThreatIntelligences": @@ -5588,11 +5642,14 @@ def __init__(__self__, *, dest_address_groups: Optional[Sequence[str]] = None, dest_fqdns: Optional[Sequence[str]] = None, dest_ip_ranges: Optional[Sequence[str]] = None, + dest_network_scope: Optional[str] = None, dest_region_codes: Optional[Sequence[str]] = None, dest_threat_intelligences: Optional[Sequence[str]] = None, src_address_groups: Optional[Sequence[str]] = None, src_fqdns: Optional[Sequence[str]] = None, src_ip_ranges: Optional[Sequence[str]] = None, + src_network_scope: Optional[str] = None, + src_networks: Optional[Sequence[str]] = None, src_region_codes: Optional[Sequence[str]] = None, src_threat_intelligences: Optional[Sequence[str]] = None): """ @@ -5607,6 +5664,8 @@ def __init__(__self__, *, traffic destination. Maximum number of destination fqdn allowed is 100. :param Sequence[str] dest_ip_ranges: Destination IP address range in CIDR format. Required for EGRESS rules. + :param str dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param Sequence[str] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -5619,6 +5678,9 @@ def __init__(__self__, *, traffic source. Maximum number of source fqdn allowed is 100. :param Sequence[str] src_ip_ranges: Source IP address range in CIDR format. Required for INGRESS rules. + :param str src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param Sequence[str] src_networks: Networks of the traffic source. It can be either a full or partial url. :param Sequence[str] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -5633,6 +5695,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -5643,6 +5707,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_threat_intelligences is not None: @@ -5687,6 +5755,15 @@ def dest_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "dest_ip_ranges") + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[Sequence[str]]: @@ -5734,6 +5811,23 @@ def src_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "src_ip_ranges") + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[Sequence[str]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[Sequence[str]]: @@ -14289,6 +14383,80 @@ def type(self) -> str: return pulumi.get(self, "type") +@pulumi.output_type +class InstanceTemplateIamBindingCondition(dict): + def __init__(__self__, *, + expression: str, + title: str, + description: Optional[str] = None): + """ + :param str expression: Textual representation of an expression in Common Expression Language syntax. + :param str title: A title for the expression, i.e. a short string describing its purpose. + """ + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> str: + """ + Textual representation of an expression in Common Expression Language syntax. + """ + return pulumi.get(self, "expression") + + @property + @pulumi.getter + def title(self) -> str: + """ + A title for the expression, i.e. a short string describing its purpose. + """ + return pulumi.get(self, "title") + + @property + @pulumi.getter + def description(self) -> Optional[str]: + return pulumi.get(self, "description") + + +@pulumi.output_type +class InstanceTemplateIamMemberCondition(dict): + def __init__(__self__, *, + expression: str, + title: str, + description: Optional[str] = None): + """ + :param str expression: Textual representation of an expression in Common Expression Language syntax. + :param str title: A title for the expression, i.e. a short string describing its purpose. + """ + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> str: + """ + Textual representation of an expression in Common Expression Language syntax. + """ + return pulumi.get(self, "expression") + + @property + @pulumi.getter + def title(self) -> str: + """ + A title for the expression, i.e. a short string describing its purpose. + """ + return pulumi.get(self, "title") + + @property + @pulumi.getter + def description(self) -> Optional[str]: + return pulumi.get(self, "description") + + @pulumi.output_type class InstanceTemplateNetworkInterface(dict): @staticmethod @@ -16198,6 +16366,8 @@ def __key_warning(key: str): suggest = "dest_fqdns" elif key == "destIpRanges": suggest = "dest_ip_ranges" + elif key == "destNetworkScope": + suggest = "dest_network_scope" elif key == "destRegionCodes": suggest = "dest_region_codes" elif key == "destThreatIntelligences": @@ -16208,6 +16378,10 @@ def __key_warning(key: str): suggest = "src_fqdns" elif key == "srcIpRanges": suggest = "src_ip_ranges" + elif key == "srcNetworkScope": + suggest = "src_network_scope" + elif key == "srcNetworks": + suggest = "src_networks" elif key == "srcRegionCodes": suggest = "src_region_codes" elif key == "srcSecureTags": @@ -16231,11 +16405,14 @@ def __init__(__self__, *, dest_address_groups: Optional[Sequence[str]] = None, dest_fqdns: Optional[Sequence[str]] = None, dest_ip_ranges: Optional[Sequence[str]] = None, + dest_network_scope: Optional[str] = None, dest_region_codes: Optional[Sequence[str]] = None, dest_threat_intelligences: Optional[Sequence[str]] = None, src_address_groups: Optional[Sequence[str]] = None, src_fqdns: Optional[Sequence[str]] = None, src_ip_ranges: Optional[Sequence[str]] = None, + src_network_scope: Optional[str] = None, + src_networks: Optional[Sequence[str]] = None, src_region_codes: Optional[Sequence[str]] = None, src_secure_tags: Optional[Sequence['outputs.NetworkFirewallPolicyRuleMatchSrcSecureTag']] = None, src_threat_intelligences: Optional[Sequence[str]] = None): @@ -16245,11 +16422,16 @@ def __init__(__self__, *, :param Sequence[str] dest_address_groups: Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10. :param Sequence[str] dest_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100. :param Sequence[str] dest_ip_ranges: CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. + :param str dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param Sequence[str] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. :param Sequence[str] dest_threat_intelligences: Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. :param Sequence[str] src_address_groups: Address groups which should be matched against the traffic source. Maximum number of source address groups is 10. :param Sequence[str] src_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100. :param Sequence[str] src_ip_ranges: CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. + :param str src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param Sequence[str] src_networks: Networks of the traffic source. It can be either a full or partial url. :param Sequence[str] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. :param Sequence['NetworkFirewallPolicyRuleMatchSrcSecureTagArgs'] src_secure_tags: List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. Structure is documented below. @@ -16265,6 +16447,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -16275,6 +16459,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_secure_tags is not None: @@ -16315,6 +16503,15 @@ def dest_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "dest_ip_ranges") + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[Sequence[str]]: @@ -16355,6 +16552,23 @@ def src_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "src_ip_ranges") + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[Sequence[str]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[Sequence[str]]: @@ -17389,6 +17603,8 @@ def __key_warning(key: str): suggest = "dest_fqdns" elif key == "destIpRanges": suggest = "dest_ip_ranges" + elif key == "destNetworkScope": + suggest = "dest_network_scope" elif key == "destRegionCodes": suggest = "dest_region_codes" elif key == "destThreatIntelligences": @@ -17399,6 +17615,10 @@ def __key_warning(key: str): suggest = "src_fqdns" elif key == "srcIpRanges": suggest = "src_ip_ranges" + elif key == "srcNetworkScope": + suggest = "src_network_scope" + elif key == "srcNetworks": + suggest = "src_networks" elif key == "srcRegionCodes": suggest = "src_region_codes" elif key == "srcSecureTags": @@ -17422,11 +17642,14 @@ def __init__(__self__, *, dest_address_groups: Optional[Sequence[str]] = None, dest_fqdns: Optional[Sequence[str]] = None, dest_ip_ranges: Optional[Sequence[str]] = None, + dest_network_scope: Optional[str] = None, dest_region_codes: Optional[Sequence[str]] = None, dest_threat_intelligences: Optional[Sequence[str]] = None, src_address_groups: Optional[Sequence[str]] = None, src_fqdns: Optional[Sequence[str]] = None, src_ip_ranges: Optional[Sequence[str]] = None, + src_network_scope: Optional[str] = None, + src_networks: Optional[Sequence[str]] = None, src_region_codes: Optional[Sequence[str]] = None, src_secure_tags: Optional[Sequence['outputs.NetworkFirewallPolicyWithRulesRuleMatchSrcSecureTag']] = None, src_threat_intelligences: Optional[Sequence[str]] = None): @@ -17439,6 +17662,8 @@ def __init__(__self__, *, traffic destination. Maximum number of destination fqdn allowed is 100. :param Sequence[str] dest_ip_ranges: Destination IP address range in CIDR format. Required for EGRESS rules. + :param str dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param Sequence[str] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -17451,6 +17676,9 @@ def __init__(__self__, *, traffic source. Maximum number of source fqdn allowed is 100. :param Sequence[str] src_ip_ranges: Source IP address range in CIDR format. Required for INGRESS rules. + :param str src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param Sequence[str] src_networks: Networks of the traffic source. It can be either a full or partial url. :param Sequence[str] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -17474,6 +17702,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -17484,6 +17714,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_secure_tags is not None: @@ -17527,6 +17761,15 @@ def dest_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "dest_ip_ranges") + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[Sequence[str]]: @@ -17574,6 +17817,23 @@ def src_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "src_ip_ranges") + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[Sequence[str]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[Sequence[str]]: @@ -25893,6 +26153,8 @@ def __key_warning(key: str): suggest = "dest_fqdns" elif key == "destIpRanges": suggest = "dest_ip_ranges" + elif key == "destNetworkScope": + suggest = "dest_network_scope" elif key == "destRegionCodes": suggest = "dest_region_codes" elif key == "destThreatIntelligences": @@ -25903,6 +26165,10 @@ def __key_warning(key: str): suggest = "src_fqdns" elif key == "srcIpRanges": suggest = "src_ip_ranges" + elif key == "srcNetworkScope": + suggest = "src_network_scope" + elif key == "srcNetworks": + suggest = "src_networks" elif key == "srcRegionCodes": suggest = "src_region_codes" elif key == "srcSecureTags": @@ -25926,11 +26192,14 @@ def __init__(__self__, *, dest_address_groups: Optional[Sequence[str]] = None, dest_fqdns: Optional[Sequence[str]] = None, dest_ip_ranges: Optional[Sequence[str]] = None, + dest_network_scope: Optional[str] = None, dest_region_codes: Optional[Sequence[str]] = None, dest_threat_intelligences: Optional[Sequence[str]] = None, src_address_groups: Optional[Sequence[str]] = None, src_fqdns: Optional[Sequence[str]] = None, src_ip_ranges: Optional[Sequence[str]] = None, + src_network_scope: Optional[str] = None, + src_networks: Optional[Sequence[str]] = None, src_region_codes: Optional[Sequence[str]] = None, src_secure_tags: Optional[Sequence['outputs.RegionNetworkFirewallPolicyRuleMatchSrcSecureTag']] = None, src_threat_intelligences: Optional[Sequence[str]] = None): @@ -25940,11 +26209,16 @@ def __init__(__self__, *, :param Sequence[str] dest_address_groups: Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10. :param Sequence[str] dest_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100. :param Sequence[str] dest_ip_ranges: CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000. + :param str dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param Sequence[str] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of dest region codes allowed is 5000. :param Sequence[str] dest_threat_intelligences: Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination. :param Sequence[str] src_address_groups: Address groups which should be matched against the traffic source. Maximum number of source address groups is 10. :param Sequence[str] src_fqdns: Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100. :param Sequence[str] src_ip_ranges: CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000. + :param str src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param Sequence[str] src_networks: Networks of the traffic source. It can be either a full or partial url. :param Sequence[str] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" Maximum number of source region codes allowed is 5000. :param Sequence['RegionNetworkFirewallPolicyRuleMatchSrcSecureTagArgs'] src_secure_tags: List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256. Structure is documented below. @@ -25960,6 +26234,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -25970,6 +26246,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_secure_tags is not None: @@ -26010,6 +26290,15 @@ def dest_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "dest_ip_ranges") + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[Sequence[str]]: @@ -26050,6 +26339,23 @@ def src_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "src_ip_ranges") + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[Sequence[str]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[Sequence[str]]: @@ -27084,6 +27390,8 @@ def __key_warning(key: str): suggest = "dest_fqdns" elif key == "destIpRanges": suggest = "dest_ip_ranges" + elif key == "destNetworkScope": + suggest = "dest_network_scope" elif key == "destRegionCodes": suggest = "dest_region_codes" elif key == "destThreatIntelligences": @@ -27094,6 +27402,10 @@ def __key_warning(key: str): suggest = "src_fqdns" elif key == "srcIpRanges": suggest = "src_ip_ranges" + elif key == "srcNetworkScope": + suggest = "src_network_scope" + elif key == "srcNetworks": + suggest = "src_networks" elif key == "srcRegionCodes": suggest = "src_region_codes" elif key == "srcSecureTags": @@ -27117,11 +27429,14 @@ def __init__(__self__, *, dest_address_groups: Optional[Sequence[str]] = None, dest_fqdns: Optional[Sequence[str]] = None, dest_ip_ranges: Optional[Sequence[str]] = None, + dest_network_scope: Optional[str] = None, dest_region_codes: Optional[Sequence[str]] = None, dest_threat_intelligences: Optional[Sequence[str]] = None, src_address_groups: Optional[Sequence[str]] = None, src_fqdns: Optional[Sequence[str]] = None, src_ip_ranges: Optional[Sequence[str]] = None, + src_network_scope: Optional[str] = None, + src_networks: Optional[Sequence[str]] = None, src_region_codes: Optional[Sequence[str]] = None, src_secure_tags: Optional[Sequence['outputs.RegionNetworkFirewallPolicyWithRulesRuleMatchSrcSecureTag']] = None, src_threat_intelligences: Optional[Sequence[str]] = None): @@ -27134,6 +27449,8 @@ def __init__(__self__, *, traffic destination. Maximum number of destination fqdn allowed is 100. :param Sequence[str] dest_ip_ranges: Destination IP address range in CIDR format. Required for EGRESS rules. + :param str dest_network_scope: Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. :param Sequence[str] dest_region_codes: Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -27146,6 +27463,9 @@ def __init__(__self__, *, traffic source. Maximum number of source fqdn allowed is 100. :param Sequence[str] src_ip_ranges: Source IP address range in CIDR format. Required for INGRESS rules. + :param str src_network_scope: Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + :param Sequence[str] src_networks: Networks of the traffic source. It can be either a full or partial url. :param Sequence[str] src_region_codes: Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex."US" @@ -27169,6 +27489,8 @@ def __init__(__self__, *, pulumi.set(__self__, "dest_fqdns", dest_fqdns) if dest_ip_ranges is not None: pulumi.set(__self__, "dest_ip_ranges", dest_ip_ranges) + if dest_network_scope is not None: + pulumi.set(__self__, "dest_network_scope", dest_network_scope) if dest_region_codes is not None: pulumi.set(__self__, "dest_region_codes", dest_region_codes) if dest_threat_intelligences is not None: @@ -27179,6 +27501,10 @@ def __init__(__self__, *, pulumi.set(__self__, "src_fqdns", src_fqdns) if src_ip_ranges is not None: pulumi.set(__self__, "src_ip_ranges", src_ip_ranges) + if src_network_scope is not None: + pulumi.set(__self__, "src_network_scope", src_network_scope) + if src_networks is not None: + pulumi.set(__self__, "src_networks", src_networks) if src_region_codes is not None: pulumi.set(__self__, "src_region_codes", src_region_codes) if src_secure_tags is not None: @@ -27222,6 +27548,15 @@ def dest_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "dest_ip_ranges") + @property + @pulumi.getter(name="destNetworkScope") + def dest_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic destination. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "dest_network_scope") + @property @pulumi.getter(name="destRegionCodes") def dest_region_codes(self) -> Optional[Sequence[str]]: @@ -27269,6 +27604,23 @@ def src_ip_ranges(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "src_ip_ranges") + @property + @pulumi.getter(name="srcNetworkScope") + def src_network_scope(self) -> Optional[str]: + """ + Network scope of the traffic source. + Possible values are: `INTERNET`, `INTRA_VPC`, `NON_INTERNET`, `VPC_NETWORKS`. + """ + return pulumi.get(self, "src_network_scope") + + @property + @pulumi.getter(name="srcNetworks") + def src_networks(self) -> Optional[Sequence[str]]: + """ + Networks of the traffic source. It can be either a full or partial url. + """ + return pulumi.get(self, "src_networks") + @property @pulumi.getter(name="srcRegionCodes") def src_region_codes(self) -> Optional[Sequence[str]]: diff --git a/sdk/python/pulumi_gcp/compute/project_metadata_item.py b/sdk/python/pulumi_gcp/compute/project_metadata_item.py index e601092746..2b3bb2d3f3 100644 --- a/sdk/python/pulumi_gcp/compute/project_metadata_item.py +++ b/sdk/python/pulumi_gcp/compute/project_metadata_item.py @@ -170,12 +170,18 @@ def __init__(__self__, * `{{key}}` + * `projects/{{project}}/meta-data/{{key}}` + When using the `pulumi import` command, project metadata items can be imported using one of the formats above. For example: ```sh $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default {{key}} ``` + ```sh + $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default projects/{{project}}/meta-data/{{key}} + ``` + :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] key: The metadata key to set. @@ -214,12 +220,18 @@ def __init__(__self__, * `{{key}}` + * `projects/{{project}}/meta-data/{{key}}` + When using the `pulumi import` command, project metadata items can be imported using one of the formats above. For example: ```sh $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default {{key}} ``` + ```sh + $ pulumi import gcp:compute/projectMetadataItem:ProjectMetadataItem default projects/{{project}}/meta-data/{{key}} + ``` + :param str resource_name: The name of the resource. :param ProjectMetadataItemArgs args: The arguments to use to populate this resource's properties. :param pulumi.ResourceOptions opts: Options for the resource. diff --git a/sdk/python/pulumi_gcp/compute/public_advertised_prefix.py b/sdk/python/pulumi_gcp/compute/public_advertised_prefix.py index f603ce5731..3773935a8f 100644 --- a/sdk/python/pulumi_gcp/compute/public_advertised_prefix.py +++ b/sdk/python/pulumi_gcp/compute/public_advertised_prefix.py @@ -23,6 +23,7 @@ def __init__(__self__, *, ip_cidr_range: pulumi.Input[str], description: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + pdp_scope: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a PublicAdvertisedPrefix resource. @@ -38,6 +39,9 @@ def __init__(__self__, *, which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + :param pulumi.Input[str] pdp_scope: Specifies how child public delegated prefix will be scoped. pdpScope + must be one of: GLOBAL, REGIONAL + Possible values are: `GLOBAL`, `REGIONAL`. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. """ @@ -47,6 +51,8 @@ def __init__(__self__, *, pulumi.set(__self__, "description", description) if name is not None: pulumi.set(__self__, "name", name) + if pdp_scope is not None: + pulumi.set(__self__, "pdp_scope", pdp_scope) if project is not None: pulumi.set(__self__, "project", project) @@ -106,6 +112,20 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter(name="pdpScope") + def pdp_scope(self) -> Optional[pulumi.Input[str]]: + """ + Specifies how child public delegated prefix will be scoped. pdpScope + must be one of: GLOBAL, REGIONAL + Possible values are: `GLOBAL`, `REGIONAL`. + """ + return pulumi.get(self, "pdp_scope") + + @pdp_scope.setter + def pdp_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "pdp_scope", value) + @property @pulumi.getter def project(self) -> Optional[pulumi.Input[str]]: @@ -127,6 +147,7 @@ def __init__(__self__, *, dns_verification_ip: Optional[pulumi.Input[str]] = None, ip_cidr_range: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + pdp_scope: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None, self_link: Optional[pulumi.Input[str]] = None, shared_secret: Optional[pulumi.Input[str]] = None): @@ -144,6 +165,9 @@ def __init__(__self__, *, which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + :param pulumi.Input[str] pdp_scope: Specifies how child public delegated prefix will be scoped. pdpScope + must be one of: GLOBAL, REGIONAL + Possible values are: `GLOBAL`, `REGIONAL`. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. :param pulumi.Input[str] self_link: The URI of the created resource. @@ -157,6 +181,8 @@ def __init__(__self__, *, pulumi.set(__self__, "ip_cidr_range", ip_cidr_range) if name is not None: pulumi.set(__self__, "name", name) + if pdp_scope is not None: + pulumi.set(__self__, "pdp_scope", pdp_scope) if project is not None: pulumi.set(__self__, "project", project) if self_link is not None: @@ -220,6 +246,20 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter(name="pdpScope") + def pdp_scope(self) -> Optional[pulumi.Input[str]]: + """ + Specifies how child public delegated prefix will be scoped. pdpScope + must be one of: GLOBAL, REGIONAL + Possible values are: `GLOBAL`, `REGIONAL`. + """ + return pulumi.get(self, "pdp_scope") + + @pdp_scope.setter + def pdp_scope(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "pdp_scope", value) + @property @pulumi.getter def project(self) -> Optional[pulumi.Input[str]]: @@ -267,6 +307,7 @@ def __init__(__self__, dns_verification_ip: Optional[pulumi.Input[str]] = None, ip_cidr_range: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + pdp_scope: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None, __props__=None): """ @@ -292,6 +333,19 @@ def __init__(__self__, dns_verification_ip="127.127.0.0", ip_cidr_range="127.127.0.0/16") ``` + ### Public Advertised Prefixes Pdp Scope + + ```python + import pulumi + import pulumi_gcp as gcp + + prefixes = gcp.compute.PublicAdvertisedPrefix("prefixes", + name="my-pap", + description="description", + dns_verification_ip="127.127.0.0", + ip_cidr_range="127.127.0.0/16", + pdp_scope="REGIONAL") + ``` ## Import @@ -331,6 +385,9 @@ def __init__(__self__, which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + :param pulumi.Input[str] pdp_scope: Specifies how child public delegated prefix will be scoped. pdpScope + must be one of: GLOBAL, REGIONAL + Possible values are: `GLOBAL`, `REGIONAL`. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. """ @@ -363,6 +420,19 @@ def __init__(__self__, dns_verification_ip="127.127.0.0", ip_cidr_range="127.127.0.0/16") ``` + ### Public Advertised Prefixes Pdp Scope + + ```python + import pulumi + import pulumi_gcp as gcp + + prefixes = gcp.compute.PublicAdvertisedPrefix("prefixes", + name="my-pap", + description="description", + dns_verification_ip="127.127.0.0", + ip_cidr_range="127.127.0.0/16", + pdp_scope="REGIONAL") + ``` ## Import @@ -407,6 +477,7 @@ def _internal_init(__self__, dns_verification_ip: Optional[pulumi.Input[str]] = None, ip_cidr_range: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + pdp_scope: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) @@ -425,6 +496,7 @@ def _internal_init(__self__, raise TypeError("Missing required property 'ip_cidr_range'") __props__.__dict__["ip_cidr_range"] = ip_cidr_range __props__.__dict__["name"] = name + __props__.__dict__["pdp_scope"] = pdp_scope __props__.__dict__["project"] = project __props__.__dict__["self_link"] = None __props__.__dict__["shared_secret"] = None @@ -442,6 +514,7 @@ def get(resource_name: str, dns_verification_ip: Optional[pulumi.Input[str]] = None, ip_cidr_range: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + pdp_scope: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None, self_link: Optional[pulumi.Input[str]] = None, shared_secret: Optional[pulumi.Input[str]] = None) -> 'PublicAdvertisedPrefix': @@ -464,6 +537,9 @@ def get(resource_name: str, which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + :param pulumi.Input[str] pdp_scope: Specifies how child public delegated prefix will be scoped. pdpScope + must be one of: GLOBAL, REGIONAL + Possible values are: `GLOBAL`, `REGIONAL`. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. :param pulumi.Input[str] self_link: The URI of the created resource. @@ -477,6 +553,7 @@ def get(resource_name: str, __props__.__dict__["dns_verification_ip"] = dns_verification_ip __props__.__dict__["ip_cidr_range"] = ip_cidr_range __props__.__dict__["name"] = name + __props__.__dict__["pdp_scope"] = pdp_scope __props__.__dict__["project"] = project __props__.__dict__["self_link"] = self_link __props__.__dict__["shared_secret"] = shared_secret @@ -522,6 +599,16 @@ def name(self) -> pulumi.Output[str]: """ return pulumi.get(self, "name") + @property + @pulumi.getter(name="pdpScope") + def pdp_scope(self) -> pulumi.Output[Optional[str]]: + """ + Specifies how child public delegated prefix will be scoped. pdpScope + must be one of: GLOBAL, REGIONAL + Possible values are: `GLOBAL`, `REGIONAL`. + """ + return pulumi.get(self, "pdp_scope") + @property @pulumi.getter def project(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/compute/region_network_firewall_policy_rule.py b/sdk/python/pulumi_gcp/compute/region_network_firewall_policy_rule.py index fc261e0786..1935a06a2a 100644 --- a/sdk/python/pulumi_gcp/compute/region_network_firewall_policy_rule.py +++ b/sdk/python/pulumi_gcp/compute/region_network_firewall_policy_rule.py @@ -646,7 +646,7 @@ def __init__(__self__, import pulumi_gcp as gcp basic_regional_networksecurity_address_group = gcp.networksecurity.AddressGroup("basic_regional_networksecurity_address_group", - name="address", + name="address-group", parent="projects/my-project-name", description="Sample regional networksecurity_address_group", location="us-west1", @@ -654,7 +654,7 @@ def __init__(__self__, type="IPV4", capacity=100) basic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", - name="policy", + name="fw-policy", description="Sample regional network firewall policy", project="my-project-name", region="us-west1") @@ -663,14 +663,14 @@ def __init__(__self__, description="For keyname resources.", parent="organizations/123456789", purpose="GCE_FIREWALL", - short_name="tagkey", + short_name="tag-key", purpose_data={ "network": basic_network.name.apply(lambda name: f"my-project-name/{name}"), }) basic_value = gcp.tags.TagValue("basic_value", description="For valuename resources.", parent=basic_key.id, - short_name="tagvalue") + short_name="tag-value") primary = gcp.compute.RegionNetworkFirewallPolicyRule("primary", action="allow", description="This is a simple rule description", @@ -683,6 +683,7 @@ def __init__(__self__, rule_name="test-rule", target_service_accounts=["my@service-account.com"], match={ + "src_address_groups": [basic_regional_networksecurity_address_group.id], "src_ip_ranges": ["10.100.0.1/32"], "src_fqdns": ["example.com"], "src_region_codes": ["US"], @@ -693,7 +694,66 @@ def __init__(__self__, "src_secure_tags": [{ "name": basic_value.id, }], - "src_address_groups": [basic_regional_networksecurity_address_group.id], + }) + ``` + ### Region Network Firewall Policy Rule Network Scope Egress + + ```python + import pulumi + import pulumi_gcp as gcp + + basic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", + name="fw-policy", + description="Sample regional network firewall policy", + project="my-project-name", + region="us-west1") + primary = gcp.compute.RegionNetworkFirewallPolicyRule("primary", + action="allow", + description="This is a simple rule description", + direction="EGRESS", + disabled=False, + enable_logging=True, + firewall_policy=basic_regional_network_firewall_policy.name, + priority=1000, + region="us-west1", + rule_name="test-rule", + match={ + "dest_ip_ranges": ["10.100.0.1/32"], + "dest_network_scope": "INTERNET", + "layer4_configs": [{ + "ip_protocol": "all", + }], + }) + ``` + ### Region Network Firewall Policy Rule Network Scope Ingress + + ```python + import pulumi + import pulumi_gcp as gcp + + basic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", + name="fw-policy", + description="Sample regional network firewall policy", + project="my-project-name", + region="us-west1") + network = gcp.compute.Network("network", name="network") + primary = gcp.compute.RegionNetworkFirewallPolicyRule("primary", + action="allow", + description="This is a simple rule description", + direction="INGRESS", + disabled=False, + enable_logging=True, + firewall_policy=basic_regional_network_firewall_policy.name, + priority=1000, + region="us-west1", + rule_name="test-rule", + match={ + "src_ip_ranges": ["10.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], + "layer4_configs": [{ + "ip_protocol": "all", + }], }) ``` @@ -781,7 +841,7 @@ def __init__(__self__, import pulumi_gcp as gcp basic_regional_networksecurity_address_group = gcp.networksecurity.AddressGroup("basic_regional_networksecurity_address_group", - name="address", + name="address-group", parent="projects/my-project-name", description="Sample regional networksecurity_address_group", location="us-west1", @@ -789,7 +849,7 @@ def __init__(__self__, type="IPV4", capacity=100) basic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", - name="policy", + name="fw-policy", description="Sample regional network firewall policy", project="my-project-name", region="us-west1") @@ -798,14 +858,14 @@ def __init__(__self__, description="For keyname resources.", parent="organizations/123456789", purpose="GCE_FIREWALL", - short_name="tagkey", + short_name="tag-key", purpose_data={ "network": basic_network.name.apply(lambda name: f"my-project-name/{name}"), }) basic_value = gcp.tags.TagValue("basic_value", description="For valuename resources.", parent=basic_key.id, - short_name="tagvalue") + short_name="tag-value") primary = gcp.compute.RegionNetworkFirewallPolicyRule("primary", action="allow", description="This is a simple rule description", @@ -818,6 +878,7 @@ def __init__(__self__, rule_name="test-rule", target_service_accounts=["my@service-account.com"], match={ + "src_address_groups": [basic_regional_networksecurity_address_group.id], "src_ip_ranges": ["10.100.0.1/32"], "src_fqdns": ["example.com"], "src_region_codes": ["US"], @@ -828,7 +889,66 @@ def __init__(__self__, "src_secure_tags": [{ "name": basic_value.id, }], - "src_address_groups": [basic_regional_networksecurity_address_group.id], + }) + ``` + ### Region Network Firewall Policy Rule Network Scope Egress + + ```python + import pulumi + import pulumi_gcp as gcp + + basic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", + name="fw-policy", + description="Sample regional network firewall policy", + project="my-project-name", + region="us-west1") + primary = gcp.compute.RegionNetworkFirewallPolicyRule("primary", + action="allow", + description="This is a simple rule description", + direction="EGRESS", + disabled=False, + enable_logging=True, + firewall_policy=basic_regional_network_firewall_policy.name, + priority=1000, + region="us-west1", + rule_name="test-rule", + match={ + "dest_ip_ranges": ["10.100.0.1/32"], + "dest_network_scope": "INTERNET", + "layer4_configs": [{ + "ip_protocol": "all", + }], + }) + ``` + ### Region Network Firewall Policy Rule Network Scope Ingress + + ```python + import pulumi + import pulumi_gcp as gcp + + basic_regional_network_firewall_policy = gcp.compute.RegionNetworkFirewallPolicy("basic_regional_network_firewall_policy", + name="fw-policy", + description="Sample regional network firewall policy", + project="my-project-name", + region="us-west1") + network = gcp.compute.Network("network", name="network") + primary = gcp.compute.RegionNetworkFirewallPolicyRule("primary", + action="allow", + description="This is a simple rule description", + direction="INGRESS", + disabled=False, + enable_logging=True, + firewall_policy=basic_regional_network_firewall_policy.name, + priority=1000, + region="us-west1", + rule_name="test-rule", + match={ + "src_ip_ranges": ["10.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], + "layer4_configs": [{ + "ip_protocol": "all", + }], }) ``` diff --git a/sdk/python/pulumi_gcp/compute/region_network_firewall_policy_with_rules.py b/sdk/python/pulumi_gcp/compute/region_network_firewall_policy_with_rules.py index 62cf6e40c3..508ab6440b 100644 --- a/sdk/python/pulumi_gcp/compute/region_network_firewall_policy_with_rules.py +++ b/sdk/python/pulumi_gcp/compute/region_network_firewall_policy_with_rules.py @@ -349,7 +349,7 @@ def __init__(__self__, project = gcp.organizations.get_project() address_group1 = gcp.networksecurity.AddressGroup("address_group_1", - name="tf-address-group", + name="address-group", parent=project.id, description="Regional address group", location="us-west2", @@ -360,16 +360,19 @@ def __init__(__self__, description="Tag key", parent=project.id, purpose="GCE_FIREWALL", - short_name="tf-tag-key", + short_name="tag-key", purpose_data={ "network": f"{project.name}/default", }) secure_tag_value1 = gcp.tags.TagValue("secure_tag_value_1", description="Tag value", parent=secure_tag_key1.id, - short_name="tf-tag-value") - region_network_firewall_policy_with_rules = gcp.compute.RegionNetworkFirewallPolicyWithRules("region-network-firewall-policy-with-rules", - name="tf-region-fw-policy-with-rules", + short_name="tag-value") + network = gcp.compute.Network("network", + name="network", + auto_create_subnetworks=False) + primary = gcp.compute.RegionNetworkFirewallPolicyWithRules("primary", + name="fw-policy", region="us-west2", description="Terraform test", rules=[ @@ -380,13 +383,6 @@ def __init__(__self__, "action": "allow", "direction": "EGRESS", "match": { - "layer4_configs": [{ - "ip_protocol": "tcp", - "ports": [ - "8080", - "7070", - ], - }], "dest_ip_ranges": ["11.100.0.1/32"], "dest_fqdns": [ "www.yyy.com", @@ -401,6 +397,13 @@ def __init__(__self__, "iplist-tor-exit-nodes", ], "dest_address_groups": [address_group1.id], + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": [ + "8080", + "7070", + ], + }], }, "target_secure_tags": [{ "name": secure_tag_value1.id, @@ -413,10 +416,8 @@ def __init__(__self__, "enable_logging": False, "action": "deny", "direction": "INGRESS", + "disabled": True, "match": { - "layer4_configs": [{ - "ip_protocol": "udp", - }], "src_ip_ranges": ["0.0.0.0/0"], "src_fqdns": [ "www.abc.com", @@ -434,8 +435,43 @@ def __init__(__self__, "src_secure_tags": [{ "name": secure_tag_value1.id, }], + "layer4_configs": [{ + "ip_protocol": "udp", + }], + }, + }, + { + "description": "network scope rule 1", + "rule_name": "network scope 1", + "priority": 4000, + "enable_logging": False, + "action": "allow", + "direction": "INGRESS", + "match": { + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": ["8080"], + }], + }, + }, + { + "description": "network scope rule 2", + "rule_name": "network scope 2", + "priority": 5000, + "enable_logging": False, + "action": "allow", + "direction": "EGRESS", + "match": { + "dest_ip_ranges": ["0.0.0.0/0"], + "dest_network_scope": "NON_INTERNET", + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": ["8080"], + }], }, - "disabled": True, }, ]) ``` @@ -501,7 +537,7 @@ def __init__(__self__, project = gcp.organizations.get_project() address_group1 = gcp.networksecurity.AddressGroup("address_group_1", - name="tf-address-group", + name="address-group", parent=project.id, description="Regional address group", location="us-west2", @@ -512,16 +548,19 @@ def __init__(__self__, description="Tag key", parent=project.id, purpose="GCE_FIREWALL", - short_name="tf-tag-key", + short_name="tag-key", purpose_data={ "network": f"{project.name}/default", }) secure_tag_value1 = gcp.tags.TagValue("secure_tag_value_1", description="Tag value", parent=secure_tag_key1.id, - short_name="tf-tag-value") - region_network_firewall_policy_with_rules = gcp.compute.RegionNetworkFirewallPolicyWithRules("region-network-firewall-policy-with-rules", - name="tf-region-fw-policy-with-rules", + short_name="tag-value") + network = gcp.compute.Network("network", + name="network", + auto_create_subnetworks=False) + primary = gcp.compute.RegionNetworkFirewallPolicyWithRules("primary", + name="fw-policy", region="us-west2", description="Terraform test", rules=[ @@ -532,13 +571,6 @@ def __init__(__self__, "action": "allow", "direction": "EGRESS", "match": { - "layer4_configs": [{ - "ip_protocol": "tcp", - "ports": [ - "8080", - "7070", - ], - }], "dest_ip_ranges": ["11.100.0.1/32"], "dest_fqdns": [ "www.yyy.com", @@ -553,6 +585,13 @@ def __init__(__self__, "iplist-tor-exit-nodes", ], "dest_address_groups": [address_group1.id], + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": [ + "8080", + "7070", + ], + }], }, "target_secure_tags": [{ "name": secure_tag_value1.id, @@ -565,10 +604,8 @@ def __init__(__self__, "enable_logging": False, "action": "deny", "direction": "INGRESS", + "disabled": True, "match": { - "layer4_configs": [{ - "ip_protocol": "udp", - }], "src_ip_ranges": ["0.0.0.0/0"], "src_fqdns": [ "www.abc.com", @@ -586,8 +623,43 @@ def __init__(__self__, "src_secure_tags": [{ "name": secure_tag_value1.id, }], + "layer4_configs": [{ + "ip_protocol": "udp", + }], + }, + }, + { + "description": "network scope rule 1", + "rule_name": "network scope 1", + "priority": 4000, + "enable_logging": False, + "action": "allow", + "direction": "INGRESS", + "match": { + "src_ip_ranges": ["11.100.0.1/32"], + "src_network_scope": "VPC_NETWORKS", + "src_networks": [network.id], + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": ["8080"], + }], + }, + }, + { + "description": "network scope rule 2", + "rule_name": "network scope 2", + "priority": 5000, + "enable_logging": False, + "action": "allow", + "direction": "EGRESS", + "match": { + "dest_ip_ranges": ["0.0.0.0/0"], + "dest_network_scope": "NON_INTERNET", + "layer4_configs": [{ + "ip_protocol": "tcp", + "ports": ["8080"], + }], }, - "disabled": True, }, ]) ``` diff --git a/sdk/python/pulumi_gcp/compute/router_peer.py b/sdk/python/pulumi_gcp/compute/router_peer.py index 82d0e73cfe..4686a211c0 100644 --- a/sdk/python/pulumi_gcp/compute/router_peer.py +++ b/sdk/python/pulumi_gcp/compute/router_peer.py @@ -46,7 +46,8 @@ def __init__(__self__, *, peer_ipv6_nexthop_address: Optional[pulumi.Input[str]] = None, project: Optional[pulumi.Input[str]] = None, region: Optional[pulumi.Input[str]] = None, - router_appliance_instance: Optional[pulumi.Input[str]] = None): + router_appliance_instance: Optional[pulumi.Input[str]] = None, + zero_custom_learned_route_priority: Optional[pulumi.Input[bool]] = None): """ The set of arguments for constructing a RouterPeer resource. :param pulumi.Input[str] interface: Name of the interface the BGP peer is associated with. @@ -129,6 +130,8 @@ def __init__(__self__, *, such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session. + :param pulumi.Input[bool] zero_custom_learned_route_priority: The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + This value has to be set true to force the custom_learned_route_priority to be 0. """ pulumi.set(__self__, "interface", interface) pulumi.set(__self__, "peer_asn", peer_asn) @@ -179,6 +182,8 @@ def __init__(__self__, *, pulumi.set(__self__, "region", region) if router_appliance_instance is not None: pulumi.set(__self__, "router_appliance_instance", router_appliance_instance) + if zero_custom_learned_route_priority is not None: + pulumi.set(__self__, "zero_custom_learned_route_priority", zero_custom_learned_route_priority) @property @pulumi.getter @@ -546,6 +551,19 @@ def router_appliance_instance(self) -> Optional[pulumi.Input[str]]: def router_appliance_instance(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "router_appliance_instance", value) + @property + @pulumi.getter(name="zeroCustomLearnedRoutePriority") + def zero_custom_learned_route_priority(self) -> Optional[pulumi.Input[bool]]: + """ + The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + This value has to be set true to force the custom_learned_route_priority to be 0. + """ + return pulumi.get(self, "zero_custom_learned_route_priority") + + @zero_custom_learned_route_priority.setter + def zero_custom_learned_route_priority(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "zero_custom_learned_route_priority", value) + @pulumi.input_type class _RouterPeerState: @@ -566,6 +584,7 @@ def __init__(__self__, *, ip_address: Optional[pulumi.Input[str]] = None, ipv4_nexthop_address: Optional[pulumi.Input[str]] = None, ipv6_nexthop_address: Optional[pulumi.Input[str]] = None, + is_custom_learned_priority_set: Optional[pulumi.Input[bool]] = None, management_type: Optional[pulumi.Input[str]] = None, md5_authentication_key: Optional[pulumi.Input['RouterPeerMd5AuthenticationKeyArgs']] = None, name: Optional[pulumi.Input[str]] = None, @@ -576,7 +595,8 @@ def __init__(__self__, *, project: Optional[pulumi.Input[str]] = None, region: Optional[pulumi.Input[str]] = None, router: Optional[pulumi.Input[str]] = None, - router_appliance_instance: Optional[pulumi.Input[str]] = None): + router_appliance_instance: Optional[pulumi.Input[str]] = None, + zero_custom_learned_route_priority: Optional[pulumi.Input[bool]] = None): """ Input properties used for looking up and filtering RouterPeer resources. :param pulumi.Input[str] advertise_mode: User-specified flag to indicate which mode to use for advertisement. @@ -630,6 +650,7 @@ def __init__(__self__, *, The address must be in the range 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64. If you do not specify the next hop addresses, Google Cloud automatically assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you. + :param pulumi.Input[bool] is_custom_learned_priority_set: An internal boolean field for provider use. :param pulumi.Input[str] management_type: The resource that configures and manages this BGP peer. * `MANAGED_BY_USER` is the default value and can be managed by you or other users @@ -668,6 +689,8 @@ def __init__(__self__, *, such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session. + :param pulumi.Input[bool] zero_custom_learned_route_priority: The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + This value has to be set true to force the custom_learned_route_priority to be 0. """ if advertise_mode is not None: pulumi.set(__self__, "advertise_mode", advertise_mode) @@ -701,6 +724,8 @@ def __init__(__self__, *, pulumi.set(__self__, "ipv4_nexthop_address", ipv4_nexthop_address) if ipv6_nexthop_address is not None: pulumi.set(__self__, "ipv6_nexthop_address", ipv6_nexthop_address) + if is_custom_learned_priority_set is not None: + pulumi.set(__self__, "is_custom_learned_priority_set", is_custom_learned_priority_set) if management_type is not None: pulumi.set(__self__, "management_type", management_type) if md5_authentication_key is not None: @@ -723,6 +748,8 @@ def __init__(__self__, *, pulumi.set(__self__, "router", router) if router_appliance_instance is not None: pulumi.set(__self__, "router_appliance_instance", router_appliance_instance) + if zero_custom_learned_route_priority is not None: + pulumi.set(__self__, "zero_custom_learned_route_priority", zero_custom_learned_route_priority) @property @pulumi.getter(name="advertiseMode") @@ -951,6 +978,18 @@ def ipv6_nexthop_address(self) -> Optional[pulumi.Input[str]]: def ipv6_nexthop_address(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "ipv6_nexthop_address", value) + @property + @pulumi.getter(name="isCustomLearnedPrioritySet") + def is_custom_learned_priority_set(self) -> Optional[pulumi.Input[bool]]: + """ + An internal boolean field for provider use. + """ + return pulumi.get(self, "is_custom_learned_priority_set") + + @is_custom_learned_priority_set.setter + def is_custom_learned_priority_set(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "is_custom_learned_priority_set", value) + @property @pulumi.getter(name="managementType") def management_type(self) -> Optional[pulumi.Input[str]]: @@ -1110,6 +1149,19 @@ def router_appliance_instance(self) -> Optional[pulumi.Input[str]]: def router_appliance_instance(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "router_appliance_instance", value) + @property + @pulumi.getter(name="zeroCustomLearnedRoutePriority") + def zero_custom_learned_route_priority(self) -> Optional[pulumi.Input[bool]]: + """ + The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + This value has to be set true to force the custom_learned_route_priority to be 0. + """ + return pulumi.get(self, "zero_custom_learned_route_priority") + + @zero_custom_learned_route_priority.setter + def zero_custom_learned_route_priority(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "zero_custom_learned_route_priority", value) + class RouterPeer(pulumi.CustomResource): @overload @@ -1142,6 +1194,7 @@ def __init__(__self__, region: Optional[pulumi.Input[str]] = None, router: Optional[pulumi.Input[str]] = None, router_appliance_instance: Optional[pulumi.Input[str]] = None, + zero_custom_learned_route_priority: Optional[pulumi.Input[bool]] = None, __props__=None): """ BGP information that must be configured into the routing stack to @@ -1208,6 +1261,21 @@ def __init__(__self__, "session_initialization_mode": "ACTIVE", }) ``` + ### Router Zero Custom Learend Route Priority + + ```python + import pulumi + import pulumi_gcp as gcp + + peer = gcp.compute.RouterPeer("peer", + name="my-router-peer", + router="my-router", + region="us-central1", + interface="interface-1", + peer_asn=65513, + custom_learned_route_priority=0, + zero_custom_learned_route_priority=True) + ``` ### Router Peer Router Appliance ```python @@ -1532,6 +1600,8 @@ def __init__(__self__, such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session. + :param pulumi.Input[bool] zero_custom_learned_route_priority: The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + This value has to be set true to force the custom_learned_route_priority to be 0. """ ... @overload @@ -1604,6 +1674,21 @@ def __init__(__self__, "session_initialization_mode": "ACTIVE", }) ``` + ### Router Zero Custom Learend Route Priority + + ```python + import pulumi + import pulumi_gcp as gcp + + peer = gcp.compute.RouterPeer("peer", + name="my-router-peer", + router="my-router", + region="us-central1", + interface="interface-1", + peer_asn=65513, + custom_learned_route_priority=0, + zero_custom_learned_route_priority=True) + ``` ### Router Peer Router Appliance ```python @@ -1887,6 +1972,7 @@ def _internal_init(__self__, region: Optional[pulumi.Input[str]] = None, router: Optional[pulumi.Input[str]] = None, router_appliance_instance: Optional[pulumi.Input[str]] = None, + zero_custom_learned_route_priority: Optional[pulumi.Input[bool]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) if not isinstance(opts, pulumi.ResourceOptions): @@ -1928,6 +2014,8 @@ def _internal_init(__self__, raise TypeError("Missing required property 'router'") __props__.__dict__["router"] = router __props__.__dict__["router_appliance_instance"] = router_appliance_instance + __props__.__dict__["zero_custom_learned_route_priority"] = zero_custom_learned_route_priority + __props__.__dict__["is_custom_learned_priority_set"] = None __props__.__dict__["management_type"] = None super(RouterPeer, __self__).__init__( 'gcp:compute/routerPeer:RouterPeer', @@ -1955,6 +2043,7 @@ def get(resource_name: str, ip_address: Optional[pulumi.Input[str]] = None, ipv4_nexthop_address: Optional[pulumi.Input[str]] = None, ipv6_nexthop_address: Optional[pulumi.Input[str]] = None, + is_custom_learned_priority_set: Optional[pulumi.Input[bool]] = None, management_type: Optional[pulumi.Input[str]] = None, md5_authentication_key: Optional[pulumi.Input[Union['RouterPeerMd5AuthenticationKeyArgs', 'RouterPeerMd5AuthenticationKeyArgsDict']]] = None, name: Optional[pulumi.Input[str]] = None, @@ -1965,7 +2054,8 @@ def get(resource_name: str, project: Optional[pulumi.Input[str]] = None, region: Optional[pulumi.Input[str]] = None, router: Optional[pulumi.Input[str]] = None, - router_appliance_instance: Optional[pulumi.Input[str]] = None) -> 'RouterPeer': + router_appliance_instance: Optional[pulumi.Input[str]] = None, + zero_custom_learned_route_priority: Optional[pulumi.Input[bool]] = None) -> 'RouterPeer': """ Get an existing RouterPeer resource's state with the given name, id, and optional extra properties used to qualify the lookup. @@ -2024,6 +2114,7 @@ def get(resource_name: str, The address must be in the range 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64. If you do not specify the next hop addresses, Google Cloud automatically assigns unused addresses from the 2600:2d00:0:2::/64 or 2600:2d00:0:3::/64 range for you. + :param pulumi.Input[bool] is_custom_learned_priority_set: An internal boolean field for provider use. :param pulumi.Input[str] management_type: The resource that configures and manages this BGP peer. * `MANAGED_BY_USER` is the default value and can be managed by you or other users @@ -2062,6 +2153,8 @@ def get(resource_name: str, such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session. + :param pulumi.Input[bool] zero_custom_learned_route_priority: The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + This value has to be set true to force the custom_learned_route_priority to be 0. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -2083,6 +2176,7 @@ def get(resource_name: str, __props__.__dict__["ip_address"] = ip_address __props__.__dict__["ipv4_nexthop_address"] = ipv4_nexthop_address __props__.__dict__["ipv6_nexthop_address"] = ipv6_nexthop_address + __props__.__dict__["is_custom_learned_priority_set"] = is_custom_learned_priority_set __props__.__dict__["management_type"] = management_type __props__.__dict__["md5_authentication_key"] = md5_authentication_key __props__.__dict__["name"] = name @@ -2094,6 +2188,7 @@ def get(resource_name: str, __props__.__dict__["region"] = region __props__.__dict__["router"] = router __props__.__dict__["router_appliance_instance"] = router_appliance_instance + __props__.__dict__["zero_custom_learned_route_priority"] = zero_custom_learned_route_priority return RouterPeer(resource_name, opts=opts, __props__=__props__) @property @@ -2259,6 +2354,14 @@ def ipv6_nexthop_address(self) -> pulumi.Output[str]: """ return pulumi.get(self, "ipv6_nexthop_address") + @property + @pulumi.getter(name="isCustomLearnedPrioritySet") + def is_custom_learned_priority_set(self) -> pulumi.Output[bool]: + """ + An internal boolean field for provider use. + """ + return pulumi.get(self, "is_custom_learned_priority_set") + @property @pulumi.getter(name="managementType") def management_type(self) -> pulumi.Output[str]: @@ -2374,3 +2477,12 @@ def router_appliance_instance(self) -> pulumi.Output[Optional[str]]: """ return pulumi.get(self, "router_appliance_instance") + @property + @pulumi.getter(name="zeroCustomLearnedRoutePriority") + def zero_custom_learned_route_priority(self) -> pulumi.Output[Optional[bool]]: + """ + The user-defined zero-custom-learned-route-priority for a custom-learned-route-priority in BGP session. + This value has to be set true to force the custom_learned_route_priority to be 0. + """ + return pulumi.get(self, "zero_custom_learned_route_priority") + diff --git a/sdk/python/pulumi_gcp/config/__init__.pyi b/sdk/python/pulumi_gcp/config/__init__.pyi index 41cd2a9904..e44d8d0698 100644 --- a/sdk/python/pulumi_gcp/config/__init__.pyi +++ b/sdk/python/pulumi_gcp/config/__init__.pyi @@ -31,6 +31,8 @@ apiGatewayCustomEndpoint: Optional[str] apigeeCustomEndpoint: Optional[str] +apihubCustomEndpoint: Optional[str] + apikeysCustomEndpoint: Optional[str] appEngineCustomEndpoint: Optional[str] diff --git a/sdk/python/pulumi_gcp/config/vars.py b/sdk/python/pulumi_gcp/config/vars.py index a0f350d7ea..34a5fc6754 100644 --- a/sdk/python/pulumi_gcp/config/vars.py +++ b/sdk/python/pulumi_gcp/config/vars.py @@ -53,6 +53,10 @@ def api_gateway_custom_endpoint(self) -> Optional[str]: def apigee_custom_endpoint(self) -> Optional[str]: return __config__.get('apigeeCustomEndpoint') + @property + def apihub_custom_endpoint(self) -> Optional[str]: + return __config__.get('apihubCustomEndpoint') + @property def apikeys_custom_endpoint(self) -> Optional[str]: return __config__.get('apikeysCustomEndpoint') diff --git a/sdk/python/pulumi_gcp/filestore/get_instance.py b/sdk/python/pulumi_gcp/filestore/get_instance.py index 8c25a46fbf..2fb73e8f63 100644 --- a/sdk/python/pulumi_gcp/filestore/get_instance.py +++ b/sdk/python/pulumi_gcp/filestore/get_instance.py @@ -27,7 +27,7 @@ class GetInstanceResult: """ A collection of values returned by getInstance. """ - def __init__(__self__, create_time=None, deletion_protection_enabled=None, deletion_protection_reason=None, description=None, effective_labels=None, etag=None, file_shares=None, id=None, kms_key_name=None, labels=None, location=None, name=None, networks=None, performance_configs=None, project=None, protocol=None, pulumi_labels=None, tier=None, zone=None): + def __init__(__self__, create_time=None, deletion_protection_enabled=None, deletion_protection_reason=None, description=None, effective_labels=None, etag=None, file_shares=None, id=None, kms_key_name=None, labels=None, location=None, name=None, networks=None, performance_configs=None, project=None, protocol=None, pulumi_labels=None, tags=None, tier=None, zone=None): if create_time and not isinstance(create_time, str): raise TypeError("Expected argument 'create_time' to be a str") pulumi.set(__self__, "create_time", create_time) @@ -79,6 +79,9 @@ def __init__(__self__, create_time=None, deletion_protection_enabled=None, delet if pulumi_labels and not isinstance(pulumi_labels, dict): raise TypeError("Expected argument 'pulumi_labels' to be a dict") pulumi.set(__self__, "pulumi_labels", pulumi_labels) + if tags and not isinstance(tags, dict): + raise TypeError("Expected argument 'tags' to be a dict") + pulumi.set(__self__, "tags", tags) if tier and not isinstance(tier, str): raise TypeError("Expected argument 'tier' to be a str") pulumi.set(__self__, "tier", tier) @@ -174,6 +177,11 @@ def protocol(self) -> str: def pulumi_labels(self) -> Mapping[str, str]: return pulumi.get(self, "pulumi_labels") + @property + @pulumi.getter + def tags(self) -> Mapping[str, str]: + return pulumi.get(self, "tags") + @property @pulumi.getter def tier(self) -> str: @@ -208,6 +216,7 @@ def __await__(self): project=self.project, protocol=self.protocol, pulumi_labels=self.pulumi_labels, + tags=self.tags, tier=self.tier, zone=self.zone) @@ -266,6 +275,7 @@ def get_instance(location: Optional[str] = None, project=pulumi.get(__ret__, 'project'), protocol=pulumi.get(__ret__, 'protocol'), pulumi_labels=pulumi.get(__ret__, 'pulumi_labels'), + tags=pulumi.get(__ret__, 'tags'), tier=pulumi.get(__ret__, 'tier'), zone=pulumi.get(__ret__, 'zone')) def get_instance_output(location: Optional[pulumi.Input[Optional[str]]] = None, @@ -321,5 +331,6 @@ def get_instance_output(location: Optional[pulumi.Input[Optional[str]]] = None, project=pulumi.get(__response__, 'project'), protocol=pulumi.get(__response__, 'protocol'), pulumi_labels=pulumi.get(__response__, 'pulumi_labels'), + tags=pulumi.get(__response__, 'tags'), tier=pulumi.get(__response__, 'tier'), zone=pulumi.get(__response__, 'zone'))) diff --git a/sdk/python/pulumi_gcp/filestore/instance.py b/sdk/python/pulumi_gcp/filestore/instance.py index 486edb65ec..a54f561e5d 100644 --- a/sdk/python/pulumi_gcp/filestore/instance.py +++ b/sdk/python/pulumi_gcp/filestore/instance.py @@ -34,6 +34,7 @@ def __init__(__self__, *, performance_config: Optional[pulumi.Input['InstancePerformanceConfigArgs']] = None, project: Optional[pulumi.Input[str]] = None, protocol: Optional[pulumi.Input[str]] = None, + tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, zone: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a Instance resource. @@ -58,6 +59,11 @@ def __init__(__self__, *, :param pulumi.Input[str] protocol: Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value: "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"] + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + 'google_tags_tag_value' resource. :param pulumi.Input[str] zone: The name of the Filestore zone of the instance. """ pulumi.set(__self__, "file_shares", file_shares) @@ -83,6 +89,8 @@ def __init__(__self__, *, pulumi.set(__self__, "project", project) if protocol is not None: pulumi.set(__self__, "protocol", protocol) + if tags is not None: + pulumi.set(__self__, "tags", tags) if zone is not None: warnings.warn("""`zone` is deprecated and will be removed in a future major release. Use `location` instead.""", DeprecationWarning) pulumi.log.warn("""zone is deprecated: `zone` is deprecated and will be removed in a future major release. Use `location` instead.""") @@ -251,6 +259,22 @@ def protocol(self) -> Optional[pulumi.Input[str]]: def protocol(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "protocol", value) + @property + @pulumi.getter + def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + 'google_tags_tag_value' resource. + """ + return pulumi.get(self, "tags") + + @tags.setter + def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "tags", value) + @property @pulumi.getter @_utilities.deprecated("""`zone` is deprecated and will be removed in a future major release. Use `location` instead.""") @@ -284,6 +308,7 @@ def __init__(__self__, *, project: Optional[pulumi.Input[str]] = None, protocol: Optional[pulumi.Input[str]] = None, pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, tier: Optional[pulumi.Input[str]] = None, zone: Optional[pulumi.Input[str]] = None): """ @@ -313,6 +338,11 @@ def __init__(__self__, *, "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"] :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + 'google_tags_tag_value' resource. :param pulumi.Input[str] tier: The service tier of the instance. Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE :param pulumi.Input[str] zone: The name of the Filestore zone of the instance. @@ -349,6 +379,8 @@ def __init__(__self__, *, pulumi.set(__self__, "protocol", protocol) if pulumi_labels is not None: pulumi.set(__self__, "pulumi_labels", pulumi_labels) + if tags is not None: + pulumi.set(__self__, "tags", tags) if tier is not None: pulumi.set(__self__, "tier", tier) if zone is not None: @@ -556,6 +588,22 @@ def pulumi_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]] def pulumi_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): pulumi.set(self, "pulumi_labels", value) + @property + @pulumi.getter + def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + 'google_tags_tag_value' resource. + """ + return pulumi.get(self, "tags") + + @tags.setter + def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "tags", value) + @property @pulumi.getter def tier(self) -> Optional[pulumi.Input[str]]: @@ -600,6 +648,7 @@ def __init__(__self__, performance_config: Optional[pulumi.Input[Union['InstancePerformanceConfigArgs', 'InstancePerformanceConfigArgsDict']]] = None, project: Optional[pulumi.Input[str]] = None, protocol: Optional[pulumi.Input[str]] = None, + tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, tier: Optional[pulumi.Input[str]] = None, zone: Optional[pulumi.Input[str]] = None, __props__=None): @@ -761,6 +810,11 @@ def __init__(__self__, :param pulumi.Input[str] protocol: Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value: "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"] + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + 'google_tags_tag_value' resource. :param pulumi.Input[str] tier: The service tier of the instance. Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE :param pulumi.Input[str] zone: The name of the Filestore zone of the instance. @@ -935,6 +989,7 @@ def _internal_init(__self__, performance_config: Optional[pulumi.Input[Union['InstancePerformanceConfigArgs', 'InstancePerformanceConfigArgsDict']]] = None, project: Optional[pulumi.Input[str]] = None, protocol: Optional[pulumi.Input[str]] = None, + tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, tier: Optional[pulumi.Input[str]] = None, zone: Optional[pulumi.Input[str]] = None, __props__=None): @@ -962,6 +1017,7 @@ def _internal_init(__self__, __props__.__dict__["performance_config"] = performance_config __props__.__dict__["project"] = project __props__.__dict__["protocol"] = protocol + __props__.__dict__["tags"] = tags if tier is None and not opts.urn: raise TypeError("Missing required property 'tier'") __props__.__dict__["tier"] = tier @@ -998,6 +1054,7 @@ def get(resource_name: str, project: Optional[pulumi.Input[str]] = None, protocol: Optional[pulumi.Input[str]] = None, pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, tier: Optional[pulumi.Input[str]] = None, zone: Optional[pulumi.Input[str]] = None) -> 'Instance': """ @@ -1032,6 +1089,11 @@ def get(resource_name: str, "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"] :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + 'google_tags_tag_value' resource. :param pulumi.Input[str] tier: The service tier of the instance. Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE :param pulumi.Input[str] zone: The name of the Filestore zone of the instance. @@ -1056,6 +1118,7 @@ def get(resource_name: str, __props__.__dict__["project"] = project __props__.__dict__["protocol"] = protocol __props__.__dict__["pulumi_labels"] = pulumi_labels + __props__.__dict__["tags"] = tags __props__.__dict__["tier"] = tier __props__.__dict__["zone"] = zone return Instance(resource_name, opts=opts, __props__=__props__) @@ -1195,6 +1258,18 @@ def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]: """ return pulumi.get(self, "pulumi_labels") + @property + @pulumi.getter + def tags(self) -> pulumi.Output[Optional[Mapping[str, str]]]: + """ + A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. + Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored when + empty. The field is immutable and causes resource replacement when mutated. This field is only set at create time and + modifying this field after creation will trigger recreation. To apply tags to an existing resource, see the + 'google_tags_tag_value' resource. + """ + return pulumi.get(self, "tags") + @property @pulumi.getter def tier(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/gemini/code_repository_index.py b/sdk/python/pulumi_gcp/gemini/code_repository_index.py index fa70343810..12e0607d01 100644 --- a/sdk/python/pulumi_gcp/gemini/code_repository_index.py +++ b/sdk/python/pulumi_gcp/gemini/code_repository_index.py @@ -34,7 +34,7 @@ def __init__(__self__, *, :param pulumi.Input[str] location: The location of the Code Repository Index, for example `us-central1`. :param pulumi.Input[bool] force_destroy: If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. :param pulumi.Input[str] kms_key: Optional. Immutable. Customer-managed encryption key name, in the format - projects/*/locations/*/keyRings/*/cryptoKeys/*. + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the resource. @@ -96,7 +96,7 @@ def force_destroy(self, value: Optional[pulumi.Input[bool]]): def kms_key(self) -> Optional[pulumi.Input[str]]: """ Optional. Immutable. Customer-managed encryption key name, in the format - projects/*/locations/*/keyRings/*/cryptoKeys/*. + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. """ return pulumi.get(self, "kms_key") @@ -157,7 +157,7 @@ def __init__(__self__, *, :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[bool] force_destroy: If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. :param pulumi.Input[str] kms_key: Optional. Immutable. Customer-managed encryption key name, in the format - projects/*/locations/*/keyRings/*/cryptoKeys/*. + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the resource. @@ -168,12 +168,7 @@ def __init__(__self__, *, :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider. :param pulumi.Input[str] state: Output only. Code Repository Index instance State. - Possible values: - STATE_UNSPECIFIED - CREATING - ACTIVE - DELETING - SUSPENDED + Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. :param pulumi.Input[str] update_time: Output only. Update time stamp. """ if code_repository_index_id is not None: @@ -257,7 +252,7 @@ def force_destroy(self, value: Optional[pulumi.Input[bool]]): def kms_key(self) -> Optional[pulumi.Input[str]]: """ Optional. Immutable. Customer-managed encryption key name, in the format - projects/*/locations/*/keyRings/*/cryptoKeys/*. + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. """ return pulumi.get(self, "kms_key") @@ -334,12 +329,7 @@ def pulumi_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[s def state(self) -> Optional[pulumi.Input[str]]: """ Output only. Code Repository Index instance State. - Possible values: - STATE_UNSPECIFIED - CREATING - ACTIVE - DELETING - SUSPENDED + Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. """ return pulumi.get(self, "state") @@ -373,6 +363,14 @@ def __init__(__self__, project: Optional[pulumi.Input[str]] = None, __props__=None): """ + The resource for managing Code Repository Index for Gemini Code Assist. + + To get more information about CodeRepositoryIndex, see: + + * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes) + * How-to Guides + * [Gemini Code Assist overview](https://cloud.google.com/gemini/docs/codeassist/overview) + ## Example Usage ### Gemini Code Repository Index Basic @@ -383,7 +381,7 @@ def __init__(__self__, example = gcp.gemini.CodeRepositoryIndex("example", location="us-central1", - code_repository_index_id="", + code_repository_index_id="code-repository-index-example", kms_key="projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample") ``` @@ -419,7 +417,7 @@ def __init__(__self__, - - - :param pulumi.Input[bool] force_destroy: If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. :param pulumi.Input[str] kms_key: Optional. Immutable. Customer-managed encryption key name, in the format - projects/*/locations/*/keyRings/*/cryptoKeys/*. + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the resource. @@ -434,6 +432,14 @@ def __init__(__self__, args: CodeRepositoryIndexArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + The resource for managing Code Repository Index for Gemini Code Assist. + + To get more information about CodeRepositoryIndex, see: + + * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes) + * How-to Guides + * [Gemini Code Assist overview](https://cloud.google.com/gemini/docs/codeassist/overview) + ## Example Usage ### Gemini Code Repository Index Basic @@ -444,7 +450,7 @@ def __init__(__self__, example = gcp.gemini.CodeRepositoryIndex("example", location="us-central1", - code_repository_index_id="", + code_repository_index_id="code-repository-index-example", kms_key="projects/projectExample/locations/locationExample/keyRings/keyRingExample/cryptoKeys/cryptoKeyExample") ``` @@ -557,7 +563,7 @@ def get(resource_name: str, :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[bool] force_destroy: If set to true, will allow deletion of the CodeRepositoryIndex even if there are existing RepositoryGroups for the resource. These RepositoryGroups will also be deleted. :param pulumi.Input[str] kms_key: Optional. Immutable. Customer-managed encryption key name, in the format - projects/*/locations/*/keyRings/*/cryptoKeys/*. + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the resource. @@ -568,12 +574,7 @@ def get(resource_name: str, :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider. :param pulumi.Input[str] state: Output only. Code Repository Index instance State. - Possible values: - STATE_UNSPECIFIED - CREATING - ACTIVE - DELETING - SUSPENDED + Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. :param pulumi.Input[str] update_time: Output only. Update time stamp. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -634,7 +635,7 @@ def force_destroy(self) -> pulumi.Output[Optional[bool]]: def kms_key(self) -> pulumi.Output[Optional[str]]: """ Optional. Immutable. Customer-managed encryption key name, in the format - projects/*/locations/*/keyRings/*/cryptoKeys/*. + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. """ return pulumi.get(self, "kms_key") @@ -687,12 +688,7 @@ def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]: def state(self) -> pulumi.Output[str]: """ Output only. Code Repository Index instance State. - Possible values: - STATE_UNSPECIFIED - CREATING - ACTIVE - DELETING - SUSPENDED + Possible values are: `STATE_UNSPECIFIED`, `CREATING`, `ACTIVE`, `DELETING`, `SUSPENDED`. """ return pulumi.get(self, "state") diff --git a/sdk/python/pulumi_gcp/gemini/get_repository_group_iam_policy.py b/sdk/python/pulumi_gcp/gemini/get_repository_group_iam_policy.py index bef81429cc..aebceed362 100644 --- a/sdk/python/pulumi_gcp/gemini/get_repository_group_iam_policy.py +++ b/sdk/python/pulumi_gcp/gemini/get_repository_group_iam_policy.py @@ -116,7 +116,20 @@ def get_repository_group_iam_policy(code_repository_index: Optional[str] = None, repository_group_id: Optional[str] = None, opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetRepositoryGroupIamPolicyResult: """ - Use this data source to access information about an existing resource. + Retrieves the current IAM policy data for repositorygroup + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.gemini.get_repository_group_iam_policy(project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"]) + ``` + :param str location: The location of the Code Repository Index, for example `us-central1`. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no @@ -146,7 +159,20 @@ def get_repository_group_iam_policy_output(code_repository_index: Optional[pulum repository_group_id: Optional[pulumi.Input[str]] = None, opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetRepositoryGroupIamPolicyResult]: """ - Use this data source to access information about an existing resource. + Retrieves the current IAM policy data for repositorygroup + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.gemini.get_repository_group_iam_policy(project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"]) + ``` + :param str location: The location of the Code Repository Index, for example `us-central1`. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no diff --git a/sdk/python/pulumi_gcp/gemini/repository_group.py b/sdk/python/pulumi_gcp/gemini/repository_group.py index 43152ae7e0..57effac145 100644 --- a/sdk/python/pulumi_gcp/gemini/repository_group.py +++ b/sdk/python/pulumi_gcp/gemini/repository_group.py @@ -31,10 +31,10 @@ def __init__(__self__, *, The set of arguments for constructing a RepositoryGroup resource. :param pulumi.Input[str] code_repository_index: Required. Id of the Code Repository Index. :param pulumi.Input[str] location: The location of the Code Repository Index, for example `us-central1`. - :param pulumi.Input[Sequence[pulumi.Input['RepositoryGroupRepositoryArgs']]] repositories: Required. List of repositories to group + :param pulumi.Input[Sequence[pulumi.Input['RepositoryGroupRepositoryArgs']]] repositories: Required. List of repositories to group. Structure is documented below. :param pulumi.Input[str] repository_group_id: Required. Id of the Repository Group. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. """ pulumi.set(__self__, "code_repository_index", code_repository_index) @@ -74,7 +74,7 @@ def location(self, value: pulumi.Input[str]): @pulumi.getter def repositories(self) -> pulumi.Input[Sequence[pulumi.Input['RepositoryGroupRepositoryArgs']]]: """ - Required. List of repositories to group + Required. List of repositories to group. Structure is documented below. """ return pulumi.get(self, "repositories") @@ -99,7 +99,7 @@ def repository_group_id(self, value: pulumi.Input[str]): @pulumi.getter def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: """ - Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. """ return pulumi.get(self, "labels") @@ -135,18 +135,18 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering RepositoryGroup resources. :param pulumi.Input[str] code_repository_index: Required. Id of the Code Repository Index. - :param pulumi.Input[str] create_time: Output only. Create time stamp + :param pulumi.Input[str] create_time: Output only. Create time stamp. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. :param pulumi.Input[str] location: The location of the Code Repository Index, for example `us-central1`. - :param pulumi.Input[str] name: Immutable. Identifier. name of resource + :param pulumi.Input[str] name: Immutable. Identifier. Name of Repository Group. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider. - :param pulumi.Input[Sequence[pulumi.Input['RepositoryGroupRepositoryArgs']]] repositories: Required. List of repositories to group + :param pulumi.Input[Sequence[pulumi.Input['RepositoryGroupRepositoryArgs']]] repositories: Required. List of repositories to group. Structure is documented below. :param pulumi.Input[str] repository_group_id: Required. Id of the Repository Group. - :param pulumi.Input[str] update_time: Output only. Update time stamp + :param pulumi.Input[str] update_time: Output only. Update time stamp. """ if code_repository_index is not None: pulumi.set(__self__, "code_repository_index", code_repository_index) @@ -187,7 +187,7 @@ def code_repository_index(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="createTime") def create_time(self) -> Optional[pulumi.Input[str]]: """ - Output only. Create time stamp + Output only. Create time stamp. """ return pulumi.get(self, "create_time") @@ -211,7 +211,7 @@ def effective_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Inpu @pulumi.getter def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: """ - Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. """ return pulumi.get(self, "labels") @@ -236,7 +236,7 @@ def location(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: """ - Immutable. Identifier. name of resource + Immutable. Identifier. Name of Repository Group. """ return pulumi.get(self, "name") @@ -270,7 +270,7 @@ def pulumi_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[s @pulumi.getter def repositories(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['RepositoryGroupRepositoryArgs']]]]: """ - Required. List of repositories to group + Required. List of repositories to group. Structure is documented below. """ return pulumi.get(self, "repositories") @@ -295,7 +295,7 @@ def repository_group_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="updateTime") def update_time(self) -> Optional[pulumi.Input[str]]: """ - Output only. Update time stamp + Output only. Update time stamp. """ return pulumi.get(self, "update_time") @@ -317,8 +317,33 @@ def __init__(__self__, repository_group_id: Optional[pulumi.Input[str]] = None, __props__=None): """ + The resource for managing Repository Group for Gemini Code Assist. + + To get more information about RepositoryGroup, see: + + * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes.repositoryGroups) + ## Example Usage + ### Gemini Repository Group Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + example = gcp.gemini.RepositoryGroup("example", + location="us-central1", + code_repository_index="example-cri", + repository_group_id="example-repository-group", + repositories=[{ + "resource": "projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo", + "branch_pattern": "main", + }], + labels={ + "label1": "value1", + }) + ``` + ## Import RepositoryGroup can be imported using any of these accepted formats: @@ -346,10 +371,10 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] code_repository_index: Required. Id of the Code Repository Index. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. :param pulumi.Input[str] location: The location of the Code Repository Index, for example `us-central1`. - :param pulumi.Input[Sequence[pulumi.Input[Union['RepositoryGroupRepositoryArgs', 'RepositoryGroupRepositoryArgsDict']]]] repositories: Required. List of repositories to group + :param pulumi.Input[Sequence[pulumi.Input[Union['RepositoryGroupRepositoryArgs', 'RepositoryGroupRepositoryArgsDict']]]] repositories: Required. List of repositories to group. Structure is documented below. :param pulumi.Input[str] repository_group_id: Required. Id of the Repository Group. """ @@ -360,8 +385,33 @@ def __init__(__self__, args: RepositoryGroupArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + The resource for managing Repository Group for Gemini Code Assist. + + To get more information about RepositoryGroup, see: + + * [API documentation](https://cloud.google.com/gemini/docs/api/reference/rest/v1/projects.locations.codeRepositoryIndexes.repositoryGroups) + ## Example Usage + ### Gemini Repository Group Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + example = gcp.gemini.RepositoryGroup("example", + location="us-central1", + code_repository_index="example-cri", + repository_group_id="example-repository-group", + repositories=[{ + "resource": "projects/example-project/locations/us-central1/connections/example-connection/gitRepositoryLinks/example-repo", + "branch_pattern": "main", + }], + labels={ + "label1": "value1", + }) + ``` + ## Import RepositoryGroup can be imported using any of these accepted formats: @@ -466,18 +516,18 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] code_repository_index: Required. Id of the Code Repository Index. - :param pulumi.Input[str] create_time: Output only. Create time stamp + :param pulumi.Input[str] create_time: Output only. Create time stamp. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. :param pulumi.Input[str] location: The location of the Code Repository Index, for example `us-central1`. - :param pulumi.Input[str] name: Immutable. Identifier. name of resource + :param pulumi.Input[str] name: Immutable. Identifier. Name of Repository Group. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider. - :param pulumi.Input[Sequence[pulumi.Input[Union['RepositoryGroupRepositoryArgs', 'RepositoryGroupRepositoryArgsDict']]]] repositories: Required. List of repositories to group + :param pulumi.Input[Sequence[pulumi.Input[Union['RepositoryGroupRepositoryArgs', 'RepositoryGroupRepositoryArgsDict']]]] repositories: Required. List of repositories to group. Structure is documented below. :param pulumi.Input[str] repository_group_id: Required. Id of the Repository Group. - :param pulumi.Input[str] update_time: Output only. Update time stamp + :param pulumi.Input[str] update_time: Output only. Update time stamp. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -508,7 +558,7 @@ def code_repository_index(self) -> pulumi.Output[str]: @pulumi.getter(name="createTime") def create_time(self) -> pulumi.Output[str]: """ - Output only. Create time stamp + Output only. Create time stamp. """ return pulumi.get(self, "create_time") @@ -524,7 +574,7 @@ def effective_labels(self) -> pulumi.Output[Mapping[str, str]]: @pulumi.getter def labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: """ - Optional. Labels as key value pairs **Note**: This field is non-authoritative, and will only manage the labels present + Optional. Labels as key value pairs. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. """ return pulumi.get(self, "labels") @@ -541,7 +591,7 @@ def location(self) -> pulumi.Output[str]: @pulumi.getter def name(self) -> pulumi.Output[str]: """ - Immutable. Identifier. name of resource + Immutable. Identifier. Name of Repository Group. """ return pulumi.get(self, "name") @@ -563,7 +613,7 @@ def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]: @pulumi.getter def repositories(self) -> pulumi.Output[Sequence['outputs.RepositoryGroupRepository']]: """ - Required. List of repositories to group + Required. List of repositories to group. Structure is documented below. """ return pulumi.get(self, "repositories") @@ -580,7 +630,7 @@ def repository_group_id(self) -> pulumi.Output[str]: @pulumi.getter(name="updateTime") def update_time(self) -> pulumi.Output[str]: """ - Output only. Update time stamp + Output only. Update time stamp. """ return pulumi.get(self, "update_time") diff --git a/sdk/python/pulumi_gcp/gemini/repository_group_iam_binding.py b/sdk/python/pulumi_gcp/gemini/repository_group_iam_binding.py index e389b0bfa8..65cb28cf50 100644 --- a/sdk/python/pulumi_gcp/gemini/repository_group_iam_binding.py +++ b/sdk/python/pulumi_gcp/gemini/repository_group_iam_binding.py @@ -320,6 +320,135 @@ def __init__(__self__, role: Optional[pulumi.Input[str]] = None, __props__=None): """ + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Gemini for Google Cloud RepositoryGroup + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + ## Import For all import syntaxes, the "resource in question" can take any of the following forms: @@ -387,6 +516,135 @@ def __init__(__self__, args: RepositoryGroupIamBindingArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Gemini for Google Cloud RepositoryGroup + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + ## Import For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/python/pulumi_gcp/gemini/repository_group_iam_member.py b/sdk/python/pulumi_gcp/gemini/repository_group_iam_member.py index 50a1a2153a..d9581c703f 100644 --- a/sdk/python/pulumi_gcp/gemini/repository_group_iam_member.py +++ b/sdk/python/pulumi_gcp/gemini/repository_group_iam_member.py @@ -320,6 +320,135 @@ def __init__(__self__, role: Optional[pulumi.Input[str]] = None, __props__=None): """ + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Gemini for Google Cloud RepositoryGroup + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + ## Import For all import syntaxes, the "resource in question" can take any of the following forms: @@ -387,6 +516,135 @@ def __init__(__self__, args: RepositoryGroupIamMemberArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Gemini for Google Cloud RepositoryGroup + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + ## Import For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/python/pulumi_gcp/gemini/repository_group_iam_policy.py b/sdk/python/pulumi_gcp/gemini/repository_group_iam_policy.py index 6bcee48468..10d10d4105 100644 --- a/sdk/python/pulumi_gcp/gemini/repository_group_iam_policy.py +++ b/sdk/python/pulumi_gcp/gemini/repository_group_iam_policy.py @@ -217,6 +217,135 @@ def __init__(__self__, repository_group_id: Optional[pulumi.Input[str]] = None, __props__=None): """ + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Gemini for Google Cloud RepositoryGroup + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + ## Import For all import syntaxes, the "resource in question" can take any of the following forms: @@ -272,6 +401,135 @@ def __init__(__self__, args: RepositoryGroupIamPolicyArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + + ## This resource supports User Project Overrides. + + - + + # IAM policy for Gemini for Google Cloud RepositoryGroup + Three different resources help you manage your IAM policy for Gemini for Google Cloud RepositoryGroup. Each of these resources serves a different use case: + + * `gemini.RepositoryGroupIamPolicy`: Authoritative. Sets the IAM policy for the repositorygroup and replaces any existing policy already attached. + * `gemini.RepositoryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repositorygroup are preserved. + * `gemini.RepositoryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repositorygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `gemini.RepositoryGroupIamPolicy`: Retrieves the IAM policy for the repositorygroup + + > **Note:** `gemini.RepositoryGroupIamPolicy` **cannot** be used in conjunction with `gemini.RepositoryGroupIamBinding` and `gemini.RepositoryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `gemini.RepositoryGroupIamBinding` resources **can be** used in conjunction with `gemini.RepositoryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## gemini.RepositoryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[{ + "role": "roles/cloudaicompanion.repositoryGroupsUser", + "members": ["user:jane@example.com"], + }]) + policy = gcp.gemini.RepositoryGroupIamPolicy("policy", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + policy_data=admin.policy_data) + ``` + + ## gemini.RepositoryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.gemini.RepositoryGroupIamBinding("binding", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + members=["user:jane@example.com"]) + ``` + + ## gemini.RepositoryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.gemini.RepositoryGroupIamMember("member", + project=example["project"], + location=example["location"], + code_repository_index=example["codeRepositoryIndex"], + repository_group_id=example["repositoryGroupId"], + role="roles/cloudaicompanion.repositoryGroupsUser", + member="user:jane@example.com") + ``` + ## Import For all import syntaxes, the "resource in question" can take any of the following forms: diff --git a/sdk/python/pulumi_gcp/kms/__init__.py b/sdk/python/pulumi_gcp/kms/__init__.py index 9f77fedfa1..ec701abac8 100644 --- a/sdk/python/pulumi_gcp/kms/__init__.py +++ b/sdk/python/pulumi_gcp/kms/__init__.py @@ -22,6 +22,7 @@ from .get_crypto_keys import * from .get_ekm_connection_iam_policy import * from .get_key_handle import * +from .get_key_handles import * from .get_key_ring_iam_policy import * from .get_key_rings import * from .get_kms_crypto_key import * diff --git a/sdk/python/pulumi_gcp/kms/get_key_handles.py b/sdk/python/pulumi_gcp/kms/get_key_handles.py new file mode 100644 index 0000000000..884924f047 --- /dev/null +++ b/sdk/python/pulumi_gcp/kms/get_key_handles.py @@ -0,0 +1,172 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs + +__all__ = [ + 'GetKeyHandlesResult', + 'AwaitableGetKeyHandlesResult', + 'get_key_handles', + 'get_key_handles_output', +] + +@pulumi.output_type +class GetKeyHandlesResult: + """ + A collection of values returned by getKeyHandles. + """ + def __init__(__self__, id=None, key_handles=None, location=None, project=None, resource_type_selector=None): + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if key_handles and not isinstance(key_handles, list): + raise TypeError("Expected argument 'key_handles' to be a list") + pulumi.set(__self__, "key_handles", key_handles) + if location and not isinstance(location, str): + raise TypeError("Expected argument 'location' to be a str") + pulumi.set(__self__, "location", location) + if project and not isinstance(project, str): + raise TypeError("Expected argument 'project' to be a str") + pulumi.set(__self__, "project", project) + if resource_type_selector and not isinstance(resource_type_selector, str): + raise TypeError("Expected argument 'resource_type_selector' to be a str") + pulumi.set(__self__, "resource_type_selector", resource_type_selector) + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="keyHandles") + def key_handles(self) -> Sequence['outputs.GetKeyHandlesKeyHandleResult']: + return pulumi.get(self, "key_handles") + + @property + @pulumi.getter + def location(self) -> str: + """ + The location of the KMS Key and KeyHandle. + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def project(self) -> Optional[str]: + """ + The identifier of the project where KMS KeyHandle is created. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="resourceTypeSelector") + def resource_type_selector(self) -> str: + """ + Indicates the resource type that the resulting CryptoKey is meant to protect, e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + """ + return pulumi.get(self, "resource_type_selector") + + +class AwaitableGetKeyHandlesResult(GetKeyHandlesResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetKeyHandlesResult( + id=self.id, + key_handles=self.key_handles, + location=self.location, + project=self.project, + resource_type_selector=self.resource_type_selector) + + +def get_key_handles(location: Optional[str] = None, + project: Optional[str] = None, + resource_type_selector: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetKeyHandlesResult: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + my_key_handles = gcp.kms.get_key_handles(project="resource-project-id", + location="us-central1", + resource_type_selector="storage.googleapis.com/Bucket") + ``` + + + :param str location: The Google Cloud Platform location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + :param str project: The project in which the resource belongs. If it + is not provided, the provider project is used. + :param str resource_type_selector: The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + + - - - + """ + __args__ = dict() + __args__['location'] = location + __args__['project'] = project + __args__['resourceTypeSelector'] = resource_type_selector + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:kms/getKeyHandles:getKeyHandles', __args__, opts=opts, typ=GetKeyHandlesResult).value + + return AwaitableGetKeyHandlesResult( + id=pulumi.get(__ret__, 'id'), + key_handles=pulumi.get(__ret__, 'key_handles'), + location=pulumi.get(__ret__, 'location'), + project=pulumi.get(__ret__, 'project'), + resource_type_selector=pulumi.get(__ret__, 'resource_type_selector')) +def get_key_handles_output(location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[Optional[str]]] = None, + resource_type_selector: Optional[pulumi.Input[str]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetKeyHandlesResult]: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + my_key_handles = gcp.kms.get_key_handles(project="resource-project-id", + location="us-central1", + resource_type_selector="storage.googleapis.com/Bucket") + ``` + + + :param str location: The Google Cloud Platform location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + :param str project: The project in which the resource belongs. If it + is not provided, the provider project is used. + :param str resource_type_selector: The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + + - - - + """ + __args__ = dict() + __args__['location'] = location + __args__['project'] = project + __args__['resourceTypeSelector'] = resource_type_selector + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('gcp:kms/getKeyHandles:getKeyHandles', __args__, opts=opts, typ=GetKeyHandlesResult) + return __ret__.apply(lambda __response__: GetKeyHandlesResult( + id=pulumi.get(__response__, 'id'), + key_handles=pulumi.get(__response__, 'key_handles'), + location=pulumi.get(__response__, 'location'), + project=pulumi.get(__response__, 'project'), + resource_type_selector=pulumi.get(__response__, 'resource_type_selector'))) diff --git a/sdk/python/pulumi_gcp/kms/outputs.py b/sdk/python/pulumi_gcp/kms/outputs.py index 39d092e772..c4b1cfb2d8 100644 --- a/sdk/python/pulumi_gcp/kms/outputs.py +++ b/sdk/python/pulumi_gcp/kms/outputs.py @@ -45,6 +45,7 @@ 'GetKMSCryptoKeyPrimaryResult', 'GetKMSCryptoKeyVersionPublicKeyResult', 'GetKMSCryptoKeyVersionTemplateResult', + 'GetKeyHandlesKeyHandleResult', 'GetKeyRingsKeyRingResult', ] @@ -1554,6 +1555,50 @@ def protection_level(self) -> str: return pulumi.get(self, "protection_level") +@pulumi.output_type +class GetKeyHandlesKeyHandleResult(dict): + def __init__(__self__, *, + kms_key: str, + name: str, + resource_type_selector: str): + """ + :param str kms_key: The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. + :param str name: The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. + :param str resource_type_selector: The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + + - - - + """ + pulumi.set(__self__, "kms_key", kms_key) + pulumi.set(__self__, "name", name) + pulumi.set(__self__, "resource_type_selector", resource_type_selector) + + @property + @pulumi.getter(name="kmsKey") + def kms_key(self) -> str: + """ + The identifier of the KMS Key created for the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`. + """ + return pulumi.get(self, "kms_key") + + @property + @pulumi.getter + def name(self) -> str: + """ + The name of the KeyHandle. Its format is `projects/{projectId}/locations/{location}/keyHandles/{keyHandleName}`. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="resourceTypeSelector") + def resource_type_selector(self) -> str: + """ + The resource type by which to filter KeyHandle e.g. {SERVICE}.googleapis.com/{TYPE}. See documentation for supported resource types. + + - - - + """ + return pulumi.get(self, "resource_type_selector") + + @pulumi.output_type class GetKeyRingsKeyRingResult(dict): def __init__(__self__, *, diff --git a/sdk/python/pulumi_gcp/networksecurity/_inputs.py b/sdk/python/pulumi_gcp/networksecurity/_inputs.py index 5677f29e3e..b49e0d2c9c 100644 --- a/sdk/python/pulumi_gcp/networksecurity/_inputs.py +++ b/sdk/python/pulumi_gcp/networksecurity/_inputs.py @@ -93,6 +93,10 @@ 'MirroringDeploymentGroupConnectedEndpointGroupArgsDict', 'MirroringEndpointGroupAssociationLocationsDetailArgs', 'MirroringEndpointGroupAssociationLocationsDetailArgsDict', + 'SecurityProfileCustomInterceptProfileArgs', + 'SecurityProfileCustomInterceptProfileArgsDict', + 'SecurityProfileCustomMirroringProfileArgs', + 'SecurityProfileCustomMirroringProfileArgsDict', 'SecurityProfileThreatPreventionProfileArgs', 'SecurityProfileThreatPreventionProfileArgsDict', 'SecurityProfileThreatPreventionProfileSeverityOverrideArgs', @@ -2760,6 +2764,74 @@ def state(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "state", value) +if not MYPY: + class SecurityProfileCustomInterceptProfileArgsDict(TypedDict): + intercept_endpoint_group: pulumi.Input[str] + """ + The Intercept Endpoint Group to which matching traffic should be intercepted. + Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + """ +elif False: + SecurityProfileCustomInterceptProfileArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class SecurityProfileCustomInterceptProfileArgs: + def __init__(__self__, *, + intercept_endpoint_group: pulumi.Input[str]): + """ + :param pulumi.Input[str] intercept_endpoint_group: The Intercept Endpoint Group to which matching traffic should be intercepted. + Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + """ + pulumi.set(__self__, "intercept_endpoint_group", intercept_endpoint_group) + + @property + @pulumi.getter(name="interceptEndpointGroup") + def intercept_endpoint_group(self) -> pulumi.Input[str]: + """ + The Intercept Endpoint Group to which matching traffic should be intercepted. + Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + """ + return pulumi.get(self, "intercept_endpoint_group") + + @intercept_endpoint_group.setter + def intercept_endpoint_group(self, value: pulumi.Input[str]): + pulumi.set(self, "intercept_endpoint_group", value) + + +if not MYPY: + class SecurityProfileCustomMirroringProfileArgsDict(TypedDict): + mirroring_endpoint_group: pulumi.Input[str] + """ + The Mirroring Endpoint Group to which matching traffic should be mirrored. + Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + """ +elif False: + SecurityProfileCustomMirroringProfileArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class SecurityProfileCustomMirroringProfileArgs: + def __init__(__self__, *, + mirroring_endpoint_group: pulumi.Input[str]): + """ + :param pulumi.Input[str] mirroring_endpoint_group: The Mirroring Endpoint Group to which matching traffic should be mirrored. + Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + """ + pulumi.set(__self__, "mirroring_endpoint_group", mirroring_endpoint_group) + + @property + @pulumi.getter(name="mirroringEndpointGroup") + def mirroring_endpoint_group(self) -> pulumi.Input[str]: + """ + The Mirroring Endpoint Group to which matching traffic should be mirrored. + Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + """ + return pulumi.get(self, "mirroring_endpoint_group") + + @mirroring_endpoint_group.setter + def mirroring_endpoint_group(self, value: pulumi.Input[str]): + pulumi.set(self, "mirroring_endpoint_group", value) + + if not MYPY: class SecurityProfileThreatPreventionProfileArgsDict(TypedDict): severity_overrides: NotRequired[pulumi.Input[Sequence[pulumi.Input['SecurityProfileThreatPreventionProfileSeverityOverrideArgsDict']]]] diff --git a/sdk/python/pulumi_gcp/networksecurity/outputs.py b/sdk/python/pulumi_gcp/networksecurity/outputs.py index 10e54d4251..5ade8e5e23 100644 --- a/sdk/python/pulumi_gcp/networksecurity/outputs.py +++ b/sdk/python/pulumi_gcp/networksecurity/outputs.py @@ -55,6 +55,8 @@ 'InterceptEndpointGroupAssociationLocationsDetail', 'MirroringDeploymentGroupConnectedEndpointGroup', 'MirroringEndpointGroupAssociationLocationsDetail', + 'SecurityProfileCustomInterceptProfile', + 'SecurityProfileCustomMirroringProfile', 'SecurityProfileThreatPreventionProfile', 'SecurityProfileThreatPreventionProfileSeverityOverride', 'SecurityProfileThreatPreventionProfileThreatOverride', @@ -2065,6 +2067,80 @@ def state(self) -> Optional[str]: return pulumi.get(self, "state") +@pulumi.output_type +class SecurityProfileCustomInterceptProfile(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "interceptEndpointGroup": + suggest = "intercept_endpoint_group" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in SecurityProfileCustomInterceptProfile. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + SecurityProfileCustomInterceptProfile.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + SecurityProfileCustomInterceptProfile.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + intercept_endpoint_group: str): + """ + :param str intercept_endpoint_group: The Intercept Endpoint Group to which matching traffic should be intercepted. + Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + """ + pulumi.set(__self__, "intercept_endpoint_group", intercept_endpoint_group) + + @property + @pulumi.getter(name="interceptEndpointGroup") + def intercept_endpoint_group(self) -> str: + """ + The Intercept Endpoint Group to which matching traffic should be intercepted. + Format: projects/{project_id}/locations/global/interceptEndpointGroups/{endpoint_group_id} + """ + return pulumi.get(self, "intercept_endpoint_group") + + +@pulumi.output_type +class SecurityProfileCustomMirroringProfile(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "mirroringEndpointGroup": + suggest = "mirroring_endpoint_group" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in SecurityProfileCustomMirroringProfile. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + SecurityProfileCustomMirroringProfile.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + SecurityProfileCustomMirroringProfile.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + mirroring_endpoint_group: str): + """ + :param str mirroring_endpoint_group: The Mirroring Endpoint Group to which matching traffic should be mirrored. + Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + """ + pulumi.set(__self__, "mirroring_endpoint_group", mirroring_endpoint_group) + + @property + @pulumi.getter(name="mirroringEndpointGroup") + def mirroring_endpoint_group(self) -> str: + """ + The Mirroring Endpoint Group to which matching traffic should be mirrored. + Format: projects/{project_id}/locations/global/mirroringEndpointGroups/{endpoint_group_id} + """ + return pulumi.get(self, "mirroring_endpoint_group") + + @pulumi.output_type class SecurityProfileThreatPreventionProfile(dict): @staticmethod diff --git a/sdk/python/pulumi_gcp/networksecurity/security_profile.py b/sdk/python/pulumi_gcp/networksecurity/security_profile.py index 9728266f21..14f3d6e10e 100644 --- a/sdk/python/pulumi_gcp/networksecurity/security_profile.py +++ b/sdk/python/pulumi_gcp/networksecurity/security_profile.py @@ -22,6 +22,8 @@ class SecurityProfileArgs: def __init__(__self__, *, type: pulumi.Input[str], + custom_intercept_profile: Optional[pulumi.Input['SecurityProfileCustomInterceptProfileArgs']] = None, + custom_mirroring_profile: Optional[pulumi.Input['SecurityProfileCustomMirroringProfileArgs']] = None, description: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, location: Optional[pulumi.Input[str]] = None, @@ -31,7 +33,13 @@ def __init__(__self__, *, """ The set of arguments for constructing a SecurityProfile resource. :param pulumi.Input[str] type: The type of security profile. - Possible values are: `THREAT_PREVENTION`. + Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. + :param pulumi.Input['SecurityProfileCustomInterceptProfileArgs'] custom_intercept_profile: The configuration for defining the Intercept Endpoint Group used to + intercept traffic to third-party firewall appliances. + Structure is documented below. + :param pulumi.Input['SecurityProfileCustomMirroringProfileArgs'] custom_mirroring_profile: The configuration for defining the Mirroring Endpoint Group used to + mirror traffic to third-party collectors. + Structure is documented below. :param pulumi.Input[str] description: An optional description of the security profile. The Max length is 512 characters. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: A map of key/value label pairs to assign to the resource. @@ -49,6 +57,10 @@ def __init__(__self__, *, Structure is documented below. """ pulumi.set(__self__, "type", type) + if custom_intercept_profile is not None: + pulumi.set(__self__, "custom_intercept_profile", custom_intercept_profile) + if custom_mirroring_profile is not None: + pulumi.set(__self__, "custom_mirroring_profile", custom_mirroring_profile) if description is not None: pulumi.set(__self__, "description", description) if labels is not None: @@ -67,7 +79,7 @@ def __init__(__self__, *, def type(self) -> pulumi.Input[str]: """ The type of security profile. - Possible values are: `THREAT_PREVENTION`. + Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. """ return pulumi.get(self, "type") @@ -75,6 +87,34 @@ def type(self) -> pulumi.Input[str]: def type(self, value: pulumi.Input[str]): pulumi.set(self, "type", value) + @property + @pulumi.getter(name="customInterceptProfile") + def custom_intercept_profile(self) -> Optional[pulumi.Input['SecurityProfileCustomInterceptProfileArgs']]: + """ + The configuration for defining the Intercept Endpoint Group used to + intercept traffic to third-party firewall appliances. + Structure is documented below. + """ + return pulumi.get(self, "custom_intercept_profile") + + @custom_intercept_profile.setter + def custom_intercept_profile(self, value: Optional[pulumi.Input['SecurityProfileCustomInterceptProfileArgs']]): + pulumi.set(self, "custom_intercept_profile", value) + + @property + @pulumi.getter(name="customMirroringProfile") + def custom_mirroring_profile(self) -> Optional[pulumi.Input['SecurityProfileCustomMirroringProfileArgs']]: + """ + The configuration for defining the Mirroring Endpoint Group used to + mirror traffic to third-party collectors. + Structure is documented below. + """ + return pulumi.get(self, "custom_mirroring_profile") + + @custom_mirroring_profile.setter + def custom_mirroring_profile(self, value: Optional[pulumi.Input['SecurityProfileCustomMirroringProfileArgs']]): + pulumi.set(self, "custom_mirroring_profile", value) + @property @pulumi.getter def description(self) -> Optional[pulumi.Input[str]]: @@ -161,6 +201,8 @@ def threat_prevention_profile(self, value: Optional[pulumi.Input['SecurityProfil class _SecurityProfileState: def __init__(__self__, *, create_time: Optional[pulumi.Input[str]] = None, + custom_intercept_profile: Optional[pulumi.Input['SecurityProfileCustomInterceptProfileArgs']] = None, + custom_mirroring_profile: Optional[pulumi.Input['SecurityProfileCustomMirroringProfileArgs']] = None, description: Optional[pulumi.Input[str]] = None, effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, etag: Optional[pulumi.Input[str]] = None, @@ -176,6 +218,12 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering SecurityProfile resources. :param pulumi.Input[str] create_time: Time the security profile was created in UTC. + :param pulumi.Input['SecurityProfileCustomInterceptProfileArgs'] custom_intercept_profile: The configuration for defining the Intercept Endpoint Group used to + intercept traffic to third-party firewall appliances. + Structure is documented below. + :param pulumi.Input['SecurityProfileCustomMirroringProfileArgs'] custom_mirroring_profile: The configuration for defining the Mirroring Endpoint Group used to + mirror traffic to third-party collectors. + Structure is documented below. :param pulumi.Input[str] description: An optional description of the security profile. The Max length is 512 characters. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[str] etag: This checksum is computed by the server based on the value of other fields, @@ -199,11 +247,15 @@ def __init__(__self__, *, :param pulumi.Input['SecurityProfileThreatPreventionProfileArgs'] threat_prevention_profile: The threat prevention configuration for the security profile. Structure is documented below. :param pulumi.Input[str] type: The type of security profile. - Possible values are: `THREAT_PREVENTION`. + Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. :param pulumi.Input[str] update_time: Time the security profile was updated in UTC. """ if create_time is not None: pulumi.set(__self__, "create_time", create_time) + if custom_intercept_profile is not None: + pulumi.set(__self__, "custom_intercept_profile", custom_intercept_profile) + if custom_mirroring_profile is not None: + pulumi.set(__self__, "custom_mirroring_profile", custom_mirroring_profile) if description is not None: pulumi.set(__self__, "description", description) if effective_labels is not None: @@ -241,6 +293,34 @@ def create_time(self) -> Optional[pulumi.Input[str]]: def create_time(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "create_time", value) + @property + @pulumi.getter(name="customInterceptProfile") + def custom_intercept_profile(self) -> Optional[pulumi.Input['SecurityProfileCustomInterceptProfileArgs']]: + """ + The configuration for defining the Intercept Endpoint Group used to + intercept traffic to third-party firewall appliances. + Structure is documented below. + """ + return pulumi.get(self, "custom_intercept_profile") + + @custom_intercept_profile.setter + def custom_intercept_profile(self, value: Optional[pulumi.Input['SecurityProfileCustomInterceptProfileArgs']]): + pulumi.set(self, "custom_intercept_profile", value) + + @property + @pulumi.getter(name="customMirroringProfile") + def custom_mirroring_profile(self) -> Optional[pulumi.Input['SecurityProfileCustomMirroringProfileArgs']]: + """ + The configuration for defining the Mirroring Endpoint Group used to + mirror traffic to third-party collectors. + Structure is documented below. + """ + return pulumi.get(self, "custom_mirroring_profile") + + @custom_mirroring_profile.setter + def custom_mirroring_profile(self, value: Optional[pulumi.Input['SecurityProfileCustomMirroringProfileArgs']]): + pulumi.set(self, "custom_mirroring_profile", value) + @property @pulumi.getter def description(self) -> Optional[pulumi.Input[str]]: @@ -378,7 +458,7 @@ def threat_prevention_profile(self, value: Optional[pulumi.Input['SecurityProfil def type(self) -> Optional[pulumi.Input[str]]: """ The type of security profile. - Possible values are: `THREAT_PREVENTION`. + Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. """ return pulumi.get(self, "type") @@ -404,6 +484,8 @@ class SecurityProfile(pulumi.CustomResource): def __init__(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + custom_intercept_profile: Optional[pulumi.Input[Union['SecurityProfileCustomInterceptProfileArgs', 'SecurityProfileCustomInterceptProfileArgsDict']]] = None, + custom_mirroring_profile: Optional[pulumi.Input[Union['SecurityProfileCustomMirroringProfileArgs', 'SecurityProfileCustomMirroringProfileArgsDict']]] = None, description: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, location: Optional[pulumi.Input[str]] = None, @@ -466,6 +548,58 @@ def __init__(__self__, }], }) ``` + ### Network Security Security Profile Mirroring + + ```python + import pulumi + import pulumi_gcp as gcp + + default = gcp.compute.Network("default", + name="my-network", + auto_create_subnetworks=False) + default_mirroring_deployment_group = gcp.networksecurity.MirroringDeploymentGroup("default", + mirroring_deployment_group_id="my-dg", + location="global", + network=default.id) + default_mirroring_endpoint_group = gcp.networksecurity.MirroringEndpointGroup("default", + mirroring_endpoint_group_id="my-eg", + location="global", + mirroring_deployment_group=default_mirroring_deployment_group.id) + default_security_profile = gcp.networksecurity.SecurityProfile("default", + name="my-security-profile", + parent="organizations/123456789", + description="my description", + type="CUSTOM_MIRRORING", + custom_mirroring_profile={ + "mirroring_endpoint_group": default_mirroring_endpoint_group.id, + }) + ``` + ### Network Security Security Profile Intercept + + ```python + import pulumi + import pulumi_gcp as gcp + + default = gcp.compute.Network("default", + name="my-network", + auto_create_subnetworks=False) + default_intercept_deployment_group = gcp.networksecurity.InterceptDeploymentGroup("default", + intercept_deployment_group_id="my-dg", + location="global", + network=default.id) + default_intercept_endpoint_group = gcp.networksecurity.InterceptEndpointGroup("default", + intercept_endpoint_group_id="my-eg", + location="global", + intercept_deployment_group=default_intercept_deployment_group.id) + default_security_profile = gcp.networksecurity.SecurityProfile("default", + name="my-security-profile", + parent="organizations/123456789", + description="my description", + type="CUSTOM_INTERCEPT", + custom_intercept_profile={ + "intercept_endpoint_group": default_intercept_endpoint_group.id, + }) + ``` ## Import @@ -481,6 +615,12 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Union['SecurityProfileCustomInterceptProfileArgs', 'SecurityProfileCustomInterceptProfileArgsDict']] custom_intercept_profile: The configuration for defining the Intercept Endpoint Group used to + intercept traffic to third-party firewall appliances. + Structure is documented below. + :param pulumi.Input[Union['SecurityProfileCustomMirroringProfileArgs', 'SecurityProfileCustomMirroringProfileArgsDict']] custom_mirroring_profile: The configuration for defining the Mirroring Endpoint Group used to + mirror traffic to third-party collectors. + Structure is documented below. :param pulumi.Input[str] description: An optional description of the security profile. The Max length is 512 characters. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: A map of key/value label pairs to assign to the resource. @@ -497,7 +637,7 @@ def __init__(__self__, :param pulumi.Input[Union['SecurityProfileThreatPreventionProfileArgs', 'SecurityProfileThreatPreventionProfileArgsDict']] threat_prevention_profile: The threat prevention configuration for the security profile. Structure is documented below. :param pulumi.Input[str] type: The type of security profile. - Possible values are: `THREAT_PREVENTION`. + Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. """ ... @overload @@ -559,6 +699,58 @@ def __init__(__self__, }], }) ``` + ### Network Security Security Profile Mirroring + + ```python + import pulumi + import pulumi_gcp as gcp + + default = gcp.compute.Network("default", + name="my-network", + auto_create_subnetworks=False) + default_mirroring_deployment_group = gcp.networksecurity.MirroringDeploymentGroup("default", + mirroring_deployment_group_id="my-dg", + location="global", + network=default.id) + default_mirroring_endpoint_group = gcp.networksecurity.MirroringEndpointGroup("default", + mirroring_endpoint_group_id="my-eg", + location="global", + mirroring_deployment_group=default_mirroring_deployment_group.id) + default_security_profile = gcp.networksecurity.SecurityProfile("default", + name="my-security-profile", + parent="organizations/123456789", + description="my description", + type="CUSTOM_MIRRORING", + custom_mirroring_profile={ + "mirroring_endpoint_group": default_mirroring_endpoint_group.id, + }) + ``` + ### Network Security Security Profile Intercept + + ```python + import pulumi + import pulumi_gcp as gcp + + default = gcp.compute.Network("default", + name="my-network", + auto_create_subnetworks=False) + default_intercept_deployment_group = gcp.networksecurity.InterceptDeploymentGroup("default", + intercept_deployment_group_id="my-dg", + location="global", + network=default.id) + default_intercept_endpoint_group = gcp.networksecurity.InterceptEndpointGroup("default", + intercept_endpoint_group_id="my-eg", + location="global", + intercept_deployment_group=default_intercept_deployment_group.id) + default_security_profile = gcp.networksecurity.SecurityProfile("default", + name="my-security-profile", + parent="organizations/123456789", + description="my description", + type="CUSTOM_INTERCEPT", + custom_intercept_profile={ + "intercept_endpoint_group": default_intercept_endpoint_group.id, + }) + ``` ## Import @@ -587,6 +779,8 @@ def __init__(__self__, resource_name: str, *args, **kwargs): def _internal_init(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + custom_intercept_profile: Optional[pulumi.Input[Union['SecurityProfileCustomInterceptProfileArgs', 'SecurityProfileCustomInterceptProfileArgsDict']]] = None, + custom_mirroring_profile: Optional[pulumi.Input[Union['SecurityProfileCustomMirroringProfileArgs', 'SecurityProfileCustomMirroringProfileArgsDict']]] = None, description: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, location: Optional[pulumi.Input[str]] = None, @@ -603,6 +797,8 @@ def _internal_init(__self__, raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') __props__ = SecurityProfileArgs.__new__(SecurityProfileArgs) + __props__.__dict__["custom_intercept_profile"] = custom_intercept_profile + __props__.__dict__["custom_mirroring_profile"] = custom_mirroring_profile __props__.__dict__["description"] = description __props__.__dict__["labels"] = labels __props__.__dict__["location"] = location @@ -631,6 +827,8 @@ def get(resource_name: str, id: pulumi.Input[str], opts: Optional[pulumi.ResourceOptions] = None, create_time: Optional[pulumi.Input[str]] = None, + custom_intercept_profile: Optional[pulumi.Input[Union['SecurityProfileCustomInterceptProfileArgs', 'SecurityProfileCustomInterceptProfileArgsDict']]] = None, + custom_mirroring_profile: Optional[pulumi.Input[Union['SecurityProfileCustomMirroringProfileArgs', 'SecurityProfileCustomMirroringProfileArgsDict']]] = None, description: Optional[pulumi.Input[str]] = None, effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, etag: Optional[pulumi.Input[str]] = None, @@ -651,6 +849,12 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] create_time: Time the security profile was created in UTC. + :param pulumi.Input[Union['SecurityProfileCustomInterceptProfileArgs', 'SecurityProfileCustomInterceptProfileArgsDict']] custom_intercept_profile: The configuration for defining the Intercept Endpoint Group used to + intercept traffic to third-party firewall appliances. + Structure is documented below. + :param pulumi.Input[Union['SecurityProfileCustomMirroringProfileArgs', 'SecurityProfileCustomMirroringProfileArgsDict']] custom_mirroring_profile: The configuration for defining the Mirroring Endpoint Group used to + mirror traffic to third-party collectors. + Structure is documented below. :param pulumi.Input[str] description: An optional description of the security profile. The Max length is 512 characters. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[str] etag: This checksum is computed by the server based on the value of other fields, @@ -674,7 +878,7 @@ def get(resource_name: str, :param pulumi.Input[Union['SecurityProfileThreatPreventionProfileArgs', 'SecurityProfileThreatPreventionProfileArgsDict']] threat_prevention_profile: The threat prevention configuration for the security profile. Structure is documented below. :param pulumi.Input[str] type: The type of security profile. - Possible values are: `THREAT_PREVENTION`. + Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. :param pulumi.Input[str] update_time: Time the security profile was updated in UTC. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -682,6 +886,8 @@ def get(resource_name: str, __props__ = _SecurityProfileState.__new__(_SecurityProfileState) __props__.__dict__["create_time"] = create_time + __props__.__dict__["custom_intercept_profile"] = custom_intercept_profile + __props__.__dict__["custom_mirroring_profile"] = custom_mirroring_profile __props__.__dict__["description"] = description __props__.__dict__["effective_labels"] = effective_labels __props__.__dict__["etag"] = etag @@ -704,6 +910,26 @@ def create_time(self) -> pulumi.Output[str]: """ return pulumi.get(self, "create_time") + @property + @pulumi.getter(name="customInterceptProfile") + def custom_intercept_profile(self) -> pulumi.Output[Optional['outputs.SecurityProfileCustomInterceptProfile']]: + """ + The configuration for defining the Intercept Endpoint Group used to + intercept traffic to third-party firewall appliances. + Structure is documented below. + """ + return pulumi.get(self, "custom_intercept_profile") + + @property + @pulumi.getter(name="customMirroringProfile") + def custom_mirroring_profile(self) -> pulumi.Output[Optional['outputs.SecurityProfileCustomMirroringProfile']]: + """ + The configuration for defining the Mirroring Endpoint Group used to + mirror traffic to third-party collectors. + Structure is documented below. + """ + return pulumi.get(self, "custom_mirroring_profile") + @property @pulumi.getter def description(self) -> pulumi.Output[Optional[str]]: @@ -801,7 +1027,7 @@ def threat_prevention_profile(self) -> pulumi.Output[Optional['outputs.SecurityP def type(self) -> pulumi.Output[str]: """ The type of security profile. - Possible values are: `THREAT_PREVENTION`. + Possible values are: `THREAT_PREVENTION`, `CUSTOM_MIRRORING`, `CUSTOM_INTERCEPT`. """ return pulumi.get(self, "type") diff --git a/sdk/python/pulumi_gcp/networksecurity/security_profile_group.py b/sdk/python/pulumi_gcp/networksecurity/security_profile_group.py index 846e386cab..2bd8756e01 100644 --- a/sdk/python/pulumi_gcp/networksecurity/security_profile_group.py +++ b/sdk/python/pulumi_gcp/networksecurity/security_profile_group.py @@ -19,6 +19,8 @@ @pulumi.input_type class SecurityProfileGroupArgs: def __init__(__self__, *, + custom_intercept_profile: Optional[pulumi.Input[str]] = None, + custom_mirroring_profile: Optional[pulumi.Input[str]] = None, description: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, location: Optional[pulumi.Input[str]] = None, @@ -27,6 +29,8 @@ def __init__(__self__, *, threat_prevention_profile: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a SecurityProfileGroup resource. + :param pulumi.Input[str] custom_intercept_profile: Reference to a SecurityProfile with the CustomIntercept configuration. + :param pulumi.Input[str] custom_mirroring_profile: Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. :param pulumi.Input[str] description: An optional description of the profile. The Max length is 512 characters. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: A map of key/value label pairs to assign to the resource. @@ -42,6 +46,10 @@ def __init__(__self__, *, Format: organizations/{organization_id}. :param pulumi.Input[str] threat_prevention_profile: Reference to a SecurityProfile with the threat prevention configuration for the SecurityProfileGroup. """ + if custom_intercept_profile is not None: + pulumi.set(__self__, "custom_intercept_profile", custom_intercept_profile) + if custom_mirroring_profile is not None: + pulumi.set(__self__, "custom_mirroring_profile", custom_mirroring_profile) if description is not None: pulumi.set(__self__, "description", description) if labels is not None: @@ -55,6 +63,30 @@ def __init__(__self__, *, if threat_prevention_profile is not None: pulumi.set(__self__, "threat_prevention_profile", threat_prevention_profile) + @property + @pulumi.getter(name="customInterceptProfile") + def custom_intercept_profile(self) -> Optional[pulumi.Input[str]]: + """ + Reference to a SecurityProfile with the CustomIntercept configuration. + """ + return pulumi.get(self, "custom_intercept_profile") + + @custom_intercept_profile.setter + def custom_intercept_profile(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "custom_intercept_profile", value) + + @property + @pulumi.getter(name="customMirroringProfile") + def custom_mirroring_profile(self) -> Optional[pulumi.Input[str]]: + """ + Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + """ + return pulumi.get(self, "custom_mirroring_profile") + + @custom_mirroring_profile.setter + def custom_mirroring_profile(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "custom_mirroring_profile", value) + @property @pulumi.getter def description(self) -> Optional[pulumi.Input[str]]: @@ -140,6 +172,8 @@ def threat_prevention_profile(self, value: Optional[pulumi.Input[str]]): class _SecurityProfileGroupState: def __init__(__self__, *, create_time: Optional[pulumi.Input[str]] = None, + custom_intercept_profile: Optional[pulumi.Input[str]] = None, + custom_mirroring_profile: Optional[pulumi.Input[str]] = None, description: Optional[pulumi.Input[str]] = None, effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, etag: Optional[pulumi.Input[str]] = None, @@ -153,6 +187,8 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering SecurityProfileGroup resources. :param pulumi.Input[str] create_time: Time the security profile group was created in UTC. + :param pulumi.Input[str] custom_intercept_profile: Reference to a SecurityProfile with the CustomIntercept configuration. + :param pulumi.Input[str] custom_mirroring_profile: Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. :param pulumi.Input[str] description: An optional description of the profile. The Max length is 512 characters. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[str] etag: This checksum is computed by the server based on the value of other fields, @@ -177,6 +213,10 @@ def __init__(__self__, *, """ if create_time is not None: pulumi.set(__self__, "create_time", create_time) + if custom_intercept_profile is not None: + pulumi.set(__self__, "custom_intercept_profile", custom_intercept_profile) + if custom_mirroring_profile is not None: + pulumi.set(__self__, "custom_mirroring_profile", custom_mirroring_profile) if description is not None: pulumi.set(__self__, "description", description) if effective_labels is not None: @@ -210,6 +250,30 @@ def create_time(self) -> Optional[pulumi.Input[str]]: def create_time(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "create_time", value) + @property + @pulumi.getter(name="customInterceptProfile") + def custom_intercept_profile(self) -> Optional[pulumi.Input[str]]: + """ + Reference to a SecurityProfile with the CustomIntercept configuration. + """ + return pulumi.get(self, "custom_intercept_profile") + + @custom_intercept_profile.setter + def custom_intercept_profile(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "custom_intercept_profile", value) + + @property + @pulumi.getter(name="customMirroringProfile") + def custom_mirroring_profile(self) -> Optional[pulumi.Input[str]]: + """ + Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + """ + return pulumi.get(self, "custom_mirroring_profile") + + @custom_mirroring_profile.setter + def custom_mirroring_profile(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "custom_mirroring_profile", value) + @property @pulumi.getter def description(self) -> Optional[pulumi.Input[str]]: @@ -347,6 +411,8 @@ class SecurityProfileGroup(pulumi.CustomResource): def __init__(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + custom_intercept_profile: Optional[pulumi.Input[str]] = None, + custom_mirroring_profile: Optional[pulumi.Input[str]] = None, description: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, location: Optional[pulumi.Input[str]] = None, @@ -386,6 +452,68 @@ def __init__(__self__, "foo": "bar", }) ``` + ### Network Security Security Profile Group Mirroring + + ```python + import pulumi + import pulumi_gcp as gcp + + default = gcp.compute.Network("default", + name="network", + auto_create_subnetworks=False) + default_mirroring_deployment_group = gcp.networksecurity.MirroringDeploymentGroup("default", + mirroring_deployment_group_id="deployment-group", + location="global", + network=default.id) + default_mirroring_endpoint_group = gcp.networksecurity.MirroringEndpointGroup("default", + mirroring_endpoint_group_id="endpoint-group", + location="global", + mirroring_deployment_group=default_mirroring_deployment_group.id) + default_security_profile = gcp.networksecurity.SecurityProfile("default", + name="sec-profile", + parent="organizations/123456789", + description="my description", + type="CUSTOM_MIRRORING", + custom_mirroring_profile={ + "mirroring_endpoint_group": default_mirroring_endpoint_group.id, + }) + default_security_profile_group = gcp.networksecurity.SecurityProfileGroup("default", + name="sec-profile-group", + parent="organizations/123456789", + description="my description", + custom_mirroring_profile=default_security_profile.id) + ``` + ### Network Security Security Profile Group Intercept + + ```python + import pulumi + import pulumi_gcp as gcp + + default = gcp.compute.Network("default", + name="network", + auto_create_subnetworks=False) + default_intercept_deployment_group = gcp.networksecurity.InterceptDeploymentGroup("default", + intercept_deployment_group_id="deployment-group", + location="global", + network=default.id) + default_intercept_endpoint_group = gcp.networksecurity.InterceptEndpointGroup("default", + intercept_endpoint_group_id="endpoint-group", + location="global", + intercept_deployment_group=default_intercept_deployment_group.id) + default_security_profile = gcp.networksecurity.SecurityProfile("default", + name="sec-profile", + parent="organizations/123456789", + description="my description", + type="CUSTOM_INTERCEPT", + custom_intercept_profile={ + "intercept_endpoint_group": default_intercept_endpoint_group.id, + }) + default_security_profile_group = gcp.networksecurity.SecurityProfileGroup("default", + name="sec-profile-group", + parent="organizations/123456789", + description="my description", + custom_intercept_profile=default_security_profile.id) + ``` ## Import @@ -401,6 +529,8 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] custom_intercept_profile: Reference to a SecurityProfile with the CustomIntercept configuration. + :param pulumi.Input[str] custom_mirroring_profile: Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. :param pulumi.Input[str] description: An optional description of the profile. The Max length is 512 characters. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: A map of key/value label pairs to assign to the resource. @@ -454,6 +584,68 @@ def __init__(__self__, "foo": "bar", }) ``` + ### Network Security Security Profile Group Mirroring + + ```python + import pulumi + import pulumi_gcp as gcp + + default = gcp.compute.Network("default", + name="network", + auto_create_subnetworks=False) + default_mirroring_deployment_group = gcp.networksecurity.MirroringDeploymentGroup("default", + mirroring_deployment_group_id="deployment-group", + location="global", + network=default.id) + default_mirroring_endpoint_group = gcp.networksecurity.MirroringEndpointGroup("default", + mirroring_endpoint_group_id="endpoint-group", + location="global", + mirroring_deployment_group=default_mirroring_deployment_group.id) + default_security_profile = gcp.networksecurity.SecurityProfile("default", + name="sec-profile", + parent="organizations/123456789", + description="my description", + type="CUSTOM_MIRRORING", + custom_mirroring_profile={ + "mirroring_endpoint_group": default_mirroring_endpoint_group.id, + }) + default_security_profile_group = gcp.networksecurity.SecurityProfileGroup("default", + name="sec-profile-group", + parent="organizations/123456789", + description="my description", + custom_mirroring_profile=default_security_profile.id) + ``` + ### Network Security Security Profile Group Intercept + + ```python + import pulumi + import pulumi_gcp as gcp + + default = gcp.compute.Network("default", + name="network", + auto_create_subnetworks=False) + default_intercept_deployment_group = gcp.networksecurity.InterceptDeploymentGroup("default", + intercept_deployment_group_id="deployment-group", + location="global", + network=default.id) + default_intercept_endpoint_group = gcp.networksecurity.InterceptEndpointGroup("default", + intercept_endpoint_group_id="endpoint-group", + location="global", + intercept_deployment_group=default_intercept_deployment_group.id) + default_security_profile = gcp.networksecurity.SecurityProfile("default", + name="sec-profile", + parent="organizations/123456789", + description="my description", + type="CUSTOM_INTERCEPT", + custom_intercept_profile={ + "intercept_endpoint_group": default_intercept_endpoint_group.id, + }) + default_security_profile_group = gcp.networksecurity.SecurityProfileGroup("default", + name="sec-profile-group", + parent="organizations/123456789", + description="my description", + custom_intercept_profile=default_security_profile.id) + ``` ## Import @@ -482,6 +674,8 @@ def __init__(__self__, resource_name: str, *args, **kwargs): def _internal_init(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + custom_intercept_profile: Optional[pulumi.Input[str]] = None, + custom_mirroring_profile: Optional[pulumi.Input[str]] = None, description: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, location: Optional[pulumi.Input[str]] = None, @@ -497,6 +691,8 @@ def _internal_init(__self__, raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') __props__ = SecurityProfileGroupArgs.__new__(SecurityProfileGroupArgs) + __props__.__dict__["custom_intercept_profile"] = custom_intercept_profile + __props__.__dict__["custom_mirroring_profile"] = custom_mirroring_profile __props__.__dict__["description"] = description __props__.__dict__["labels"] = labels __props__.__dict__["location"] = location @@ -521,6 +717,8 @@ def get(resource_name: str, id: pulumi.Input[str], opts: Optional[pulumi.ResourceOptions] = None, create_time: Optional[pulumi.Input[str]] = None, + custom_intercept_profile: Optional[pulumi.Input[str]] = None, + custom_mirroring_profile: Optional[pulumi.Input[str]] = None, description: Optional[pulumi.Input[str]] = None, effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, etag: Optional[pulumi.Input[str]] = None, @@ -539,6 +737,8 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] create_time: Time the security profile group was created in UTC. + :param pulumi.Input[str] custom_intercept_profile: Reference to a SecurityProfile with the CustomIntercept configuration. + :param pulumi.Input[str] custom_mirroring_profile: Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. :param pulumi.Input[str] description: An optional description of the profile. The Max length is 512 characters. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[str] etag: This checksum is computed by the server based on the value of other fields, @@ -566,6 +766,8 @@ def get(resource_name: str, __props__ = _SecurityProfileGroupState.__new__(_SecurityProfileGroupState) __props__.__dict__["create_time"] = create_time + __props__.__dict__["custom_intercept_profile"] = custom_intercept_profile + __props__.__dict__["custom_mirroring_profile"] = custom_mirroring_profile __props__.__dict__["description"] = description __props__.__dict__["effective_labels"] = effective_labels __props__.__dict__["etag"] = etag @@ -586,6 +788,22 @@ def create_time(self) -> pulumi.Output[str]: """ return pulumi.get(self, "create_time") + @property + @pulumi.getter(name="customInterceptProfile") + def custom_intercept_profile(self) -> pulumi.Output[Optional[str]]: + """ + Reference to a SecurityProfile with the CustomIntercept configuration. + """ + return pulumi.get(self, "custom_intercept_profile") + + @property + @pulumi.getter(name="customMirroringProfile") + def custom_mirroring_profile(self) -> pulumi.Output[Optional[str]]: + """ + Reference to a SecurityProfile with the custom mirroring configuration for the SecurityProfileGroup. + """ + return pulumi.get(self, "custom_mirroring_profile") + @property @pulumi.getter def description(self) -> pulumi.Output[Optional[str]]: diff --git a/sdk/python/pulumi_gcp/organizations/__init__.py b/sdk/python/pulumi_gcp/organizations/__init__.py index 18f141c05e..e9c8be2096 100644 --- a/sdk/python/pulumi_gcp/organizations/__init__.py +++ b/sdk/python/pulumi_gcp/organizations/__init__.py @@ -16,6 +16,7 @@ from .get_iam_policy import * from .get_organization import * from .get_project import * +from .get_s import * from .iam_audit_config import * from .iam_binding import * from .iam_custom_role import * diff --git a/sdk/python/pulumi_gcp/organizations/get_s.py b/sdk/python/pulumi_gcp/organizations/get_s.py new file mode 100644 index 0000000000..d2bec1b6be --- /dev/null +++ b/sdk/python/pulumi_gcp/organizations/get_s.py @@ -0,0 +1,128 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs + +__all__ = [ + 'GetSResult', + 'AwaitableGetSResult', + 'get_s', + 'get_s_output', +] + +@pulumi.output_type +class GetSResult: + """ + A collection of values returned by getS. + """ + def __init__(__self__, filter=None, id=None, organizations=None): + if filter and not isinstance(filter, str): + raise TypeError("Expected argument 'filter' to be a str") + pulumi.set(__self__, "filter", filter) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if organizations and not isinstance(organizations, list): + raise TypeError("Expected argument 'organizations' to be a list") + pulumi.set(__self__, "organizations", organizations) + + @property + @pulumi.getter + def filter(self) -> Optional[str]: + return pulumi.get(self, "filter") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def organizations(self) -> Sequence['outputs.GetSOrganizationResult']: + """ + A list of all retrieved organizations. Structure is defined below. + """ + return pulumi.get(self, "organizations") + + +class AwaitableGetSResult(GetSResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetSResult( + filter=self.filter, + id=self.id, + organizations=self.organizations) + + +def get_s(filter: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSResult: + """ + Gets a list of all organizations. + See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + example = gcp.organizations.get_s(filter="domain:example.com") + ``` + + + :param str filter: An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + """ + __args__ = dict() + __args__['filter'] = filter + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:organizations/getS:getS', __args__, opts=opts, typ=GetSResult).value + + return AwaitableGetSResult( + filter=pulumi.get(__ret__, 'filter'), + id=pulumi.get(__ret__, 'id'), + organizations=pulumi.get(__ret__, 'organizations')) +def get_s_output(filter: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSResult]: + """ + Gets a list of all organizations. + See [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-organization) + and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search). + + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + example = gcp.organizations.get_s(filter="domain:example.com") + ``` + + + :param str filter: An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Further information can be found in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search#request-body). + """ + __args__ = dict() + __args__['filter'] = filter + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('gcp:organizations/getS:getS', __args__, opts=opts, typ=GetSResult) + return __ret__.apply(lambda __response__: GetSResult( + filter=pulumi.get(__response__, 'filter'), + id=pulumi.get(__response__, 'id'), + organizations=pulumi.get(__response__, 'organizations'))) diff --git a/sdk/python/pulumi_gcp/organizations/outputs.py b/sdk/python/pulumi_gcp/organizations/outputs.py index 4b74488115..203d65cf2b 100644 --- a/sdk/python/pulumi_gcp/organizations/outputs.py +++ b/sdk/python/pulumi_gcp/organizations/outputs.py @@ -30,6 +30,7 @@ 'GetIAMPolicyAuditConfigAuditLogConfigResult', 'GetIAMPolicyBindingResult', 'GetIAMPolicyBindingConditionResult', + 'GetSOrganizationResult', ] @pulumi.output_type @@ -676,3 +677,65 @@ def description(self) -> Optional[str]: return pulumi.get(self, "description") +@pulumi.output_type +class GetSOrganizationResult(dict): + def __init__(__self__, *, + directory_customer_id: str, + display_name: str, + lifecycle_state: str, + name: str, + org_id: str): + """ + :param str directory_customer_id: The Google for Work customer ID of the Organization. + :param str display_name: A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. + :param str lifecycle_state: The Organization's current lifecycle state. + :param str name: The resource name of the Organization in the form `organizations/{organization_id}`. + :param str org_id: The Organization ID. + """ + pulumi.set(__self__, "directory_customer_id", directory_customer_id) + pulumi.set(__self__, "display_name", display_name) + pulumi.set(__self__, "lifecycle_state", lifecycle_state) + pulumi.set(__self__, "name", name) + pulumi.set(__self__, "org_id", org_id) + + @property + @pulumi.getter(name="directoryCustomerId") + def directory_customer_id(self) -> str: + """ + The Google for Work customer ID of the Organization. + """ + return pulumi.get(self, "directory_customer_id") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> str: + """ + A human-readable string that refers to the Organization in the Google Cloud console. The string will be set to the primary domain (for example, `"google.com"`) of the G Suite customer that owns the organization. + """ + return pulumi.get(self, "display_name") + + @property + @pulumi.getter(name="lifecycleState") + def lifecycle_state(self) -> str: + """ + The Organization's current lifecycle state. + """ + return pulumi.get(self, "lifecycle_state") + + @property + @pulumi.getter + def name(self) -> str: + """ + The resource name of the Organization in the form `organizations/{organization_id}`. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="orgId") + def org_id(self) -> str: + """ + The Organization ID. + """ + return pulumi.get(self, "org_id") + + diff --git a/sdk/python/pulumi_gcp/parametermanager/__init__.py b/sdk/python/pulumi_gcp/parametermanager/__init__.py index 7eee037f61..1ff31796fb 100644 --- a/sdk/python/pulumi_gcp/parametermanager/__init__.py +++ b/sdk/python/pulumi_gcp/parametermanager/__init__.py @@ -5,8 +5,11 @@ from .. import _utilities import typing # Export this package's modules as members: +from .get_parameter import * from .get_regional_parameter import * +from .get_regional_parameters import * from .parameter import * +from .parameter_version import * from .regional_parameter import * from .regional_parameter_version import * from ._inputs import * diff --git a/sdk/python/pulumi_gcp/parametermanager/get_parameter.py b/sdk/python/pulumi_gcp/parametermanager/get_parameter.py new file mode 100644 index 0000000000..c701a761ab --- /dev/null +++ b/sdk/python/pulumi_gcp/parametermanager/get_parameter.py @@ -0,0 +1,211 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs + +__all__ = [ + 'GetParameterResult', + 'AwaitableGetParameterResult', + 'get_parameter', + 'get_parameter_output', +] + +@pulumi.output_type +class GetParameterResult: + """ + A collection of values returned by getParameter. + """ + def __init__(__self__, create_time=None, effective_labels=None, format=None, id=None, labels=None, name=None, parameter_id=None, policy_members=None, project=None, pulumi_labels=None, update_time=None): + if create_time and not isinstance(create_time, str): + raise TypeError("Expected argument 'create_time' to be a str") + pulumi.set(__self__, "create_time", create_time) + if effective_labels and not isinstance(effective_labels, dict): + raise TypeError("Expected argument 'effective_labels' to be a dict") + pulumi.set(__self__, "effective_labels", effective_labels) + if format and not isinstance(format, str): + raise TypeError("Expected argument 'format' to be a str") + pulumi.set(__self__, "format", format) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if labels and not isinstance(labels, dict): + raise TypeError("Expected argument 'labels' to be a dict") + pulumi.set(__self__, "labels", labels) + if name and not isinstance(name, str): + raise TypeError("Expected argument 'name' to be a str") + pulumi.set(__self__, "name", name) + if parameter_id and not isinstance(parameter_id, str): + raise TypeError("Expected argument 'parameter_id' to be a str") + pulumi.set(__self__, "parameter_id", parameter_id) + if policy_members and not isinstance(policy_members, list): + raise TypeError("Expected argument 'policy_members' to be a list") + pulumi.set(__self__, "policy_members", policy_members) + if project and not isinstance(project, str): + raise TypeError("Expected argument 'project' to be a str") + pulumi.set(__self__, "project", project) + if pulumi_labels and not isinstance(pulumi_labels, dict): + raise TypeError("Expected argument 'pulumi_labels' to be a dict") + pulumi.set(__self__, "pulumi_labels", pulumi_labels) + if update_time and not isinstance(update_time, str): + raise TypeError("Expected argument 'update_time' to be a str") + pulumi.set(__self__, "update_time", update_time) + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> str: + return pulumi.get(self, "create_time") + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> Mapping[str, str]: + return pulumi.get(self, "effective_labels") + + @property + @pulumi.getter + def format(self) -> str: + return pulumi.get(self, "format") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def labels(self) -> Mapping[str, str]: + return pulumi.get(self, "labels") + + @property + @pulumi.getter + def name(self) -> str: + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="parameterId") + def parameter_id(self) -> str: + return pulumi.get(self, "parameter_id") + + @property + @pulumi.getter(name="policyMembers") + def policy_members(self) -> Sequence['outputs.GetParameterPolicyMemberResult']: + return pulumi.get(self, "policy_members") + + @property + @pulumi.getter + def project(self) -> Optional[str]: + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> Mapping[str, str]: + return pulumi.get(self, "pulumi_labels") + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> str: + return pulumi.get(self, "update_time") + + +class AwaitableGetParameterResult(GetParameterResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetParameterResult( + create_time=self.create_time, + effective_labels=self.effective_labels, + format=self.format, + id=self.id, + labels=self.labels, + name=self.name, + parameter_id=self.parameter_id, + policy_members=self.policy_members, + project=self.project, + pulumi_labels=self.pulumi_labels, + update_time=self.update_time) + + +def get_parameter(parameter_id: Optional[str] = None, + project: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetParameterResult: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + parameter_datasource = gcp.parametermanager.get_parameter(parameter_id="foobar") + ``` + + + :param str parameter_id: The name of the parameter. + :param str project: The ID of the project in which the resource belongs. + """ + __args__ = dict() + __args__['parameterId'] = parameter_id + __args__['project'] = project + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:parametermanager/getParameter:getParameter', __args__, opts=opts, typ=GetParameterResult).value + + return AwaitableGetParameterResult( + create_time=pulumi.get(__ret__, 'create_time'), + effective_labels=pulumi.get(__ret__, 'effective_labels'), + format=pulumi.get(__ret__, 'format'), + id=pulumi.get(__ret__, 'id'), + labels=pulumi.get(__ret__, 'labels'), + name=pulumi.get(__ret__, 'name'), + parameter_id=pulumi.get(__ret__, 'parameter_id'), + policy_members=pulumi.get(__ret__, 'policy_members'), + project=pulumi.get(__ret__, 'project'), + pulumi_labels=pulumi.get(__ret__, 'pulumi_labels'), + update_time=pulumi.get(__ret__, 'update_time')) +def get_parameter_output(parameter_id: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetParameterResult]: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + parameter_datasource = gcp.parametermanager.get_parameter(parameter_id="foobar") + ``` + + + :param str parameter_id: The name of the parameter. + :param str project: The ID of the project in which the resource belongs. + """ + __args__ = dict() + __args__['parameterId'] = parameter_id + __args__['project'] = project + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('gcp:parametermanager/getParameter:getParameter', __args__, opts=opts, typ=GetParameterResult) + return __ret__.apply(lambda __response__: GetParameterResult( + create_time=pulumi.get(__response__, 'create_time'), + effective_labels=pulumi.get(__response__, 'effective_labels'), + format=pulumi.get(__response__, 'format'), + id=pulumi.get(__response__, 'id'), + labels=pulumi.get(__response__, 'labels'), + name=pulumi.get(__response__, 'name'), + parameter_id=pulumi.get(__response__, 'parameter_id'), + policy_members=pulumi.get(__response__, 'policy_members'), + project=pulumi.get(__response__, 'project'), + pulumi_labels=pulumi.get(__response__, 'pulumi_labels'), + update_time=pulumi.get(__response__, 'update_time'))) diff --git a/sdk/python/pulumi_gcp/parametermanager/get_regional_parameters.py b/sdk/python/pulumi_gcp/parametermanager/get_regional_parameters.py new file mode 100644 index 0000000000..892256f601 --- /dev/null +++ b/sdk/python/pulumi_gcp/parametermanager/get_regional_parameters.py @@ -0,0 +1,157 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs + +__all__ = [ + 'GetRegionalParametersResult', + 'AwaitableGetRegionalParametersResult', + 'get_regional_parameters', + 'get_regional_parameters_output', +] + +@pulumi.output_type +class GetRegionalParametersResult: + """ + A collection of values returned by getRegionalParameters. + """ + def __init__(__self__, filter=None, id=None, location=None, parameters=None, project=None): + if filter and not isinstance(filter, str): + raise TypeError("Expected argument 'filter' to be a str") + pulumi.set(__self__, "filter", filter) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if location and not isinstance(location, str): + raise TypeError("Expected argument 'location' to be a str") + pulumi.set(__self__, "location", location) + if parameters and not isinstance(parameters, list): + raise TypeError("Expected argument 'parameters' to be a list") + pulumi.set(__self__, "parameters", parameters) + if project and not isinstance(project, str): + raise TypeError("Expected argument 'project' to be a str") + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def filter(self) -> Optional[str]: + return pulumi.get(self, "filter") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def location(self) -> str: + return pulumi.get(self, "location") + + @property + @pulumi.getter + def parameters(self) -> Sequence['outputs.GetRegionalParametersParameterResult']: + """ + A list of regional parameters matching the filter. Structure is defined below. + """ + return pulumi.get(self, "parameters") + + @property + @pulumi.getter + def project(self) -> str: + """ + The ID of the project in which the resource belongs. + """ + return pulumi.get(self, "project") + + +class AwaitableGetRegionalParametersResult(GetRegionalParametersResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetRegionalParametersResult( + filter=self.filter, + id=self.id, + location=self.location, + parameters=self.parameters, + project=self.project) + + +def get_regional_parameters(filter: Optional[str] = None, + location: Optional[str] = None, + project: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetRegionalParametersResult: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + regional_parameters = gcp.parametermanager.get_regional_parameters(location="us-central1") + ``` + + + :param str filter: Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + :param str location: The location of regional parameter. + :param str project: The ID of the project. + """ + __args__ = dict() + __args__['filter'] = filter + __args__['location'] = location + __args__['project'] = project + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:parametermanager/getRegionalParameters:getRegionalParameters', __args__, opts=opts, typ=GetRegionalParametersResult).value + + return AwaitableGetRegionalParametersResult( + filter=pulumi.get(__ret__, 'filter'), + id=pulumi.get(__ret__, 'id'), + location=pulumi.get(__ret__, 'location'), + parameters=pulumi.get(__ret__, 'parameters'), + project=pulumi.get(__ret__, 'project')) +def get_regional_parameters_output(filter: Optional[pulumi.Input[Optional[str]]] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetRegionalParametersResult]: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + regional_parameters = gcp.parametermanager.get_regional_parameters(location="us-central1") + ``` + + + :param str filter: Filter string, adhering to the rules in List-operation filtering. List only parameters matching the filter. If filter is empty, all regional parameters are listed. + :param str location: The location of regional parameter. + :param str project: The ID of the project. + """ + __args__ = dict() + __args__['filter'] = filter + __args__['location'] = location + __args__['project'] = project + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('gcp:parametermanager/getRegionalParameters:getRegionalParameters', __args__, opts=opts, typ=GetRegionalParametersResult) + return __ret__.apply(lambda __response__: GetRegionalParametersResult( + filter=pulumi.get(__response__, 'filter'), + id=pulumi.get(__response__, 'id'), + location=pulumi.get(__response__, 'location'), + parameters=pulumi.get(__response__, 'parameters'), + project=pulumi.get(__response__, 'project'))) diff --git a/sdk/python/pulumi_gcp/parametermanager/outputs.py b/sdk/python/pulumi_gcp/parametermanager/outputs.py index b569fb9cc0..9108218c0c 100644 --- a/sdk/python/pulumi_gcp/parametermanager/outputs.py +++ b/sdk/python/pulumi_gcp/parametermanager/outputs.py @@ -13,11 +13,15 @@ else: from typing_extensions import NotRequired, TypedDict, TypeAlias from .. import _utilities +from . import outputs __all__ = [ 'ParameterPolicyMember', 'RegionalParameterPolicyMember', + 'GetParameterPolicyMemberResult', 'GetRegionalParameterPolicyMemberResult', + 'GetRegionalParametersParameterResult', + 'GetRegionalParametersParameterPolicyMemberResult', ] @pulumi.output_type @@ -150,6 +154,47 @@ def iam_policy_uid_principal(self) -> Optional[str]: return pulumi.get(self, "iam_policy_uid_principal") +@pulumi.output_type +class GetParameterPolicyMemberResult(dict): + def __init__(__self__, *, + iam_policy_name_principal: str, + iam_policy_uid_principal: str): + """ + :param str iam_policy_name_principal: IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a + resource is deleted and recreated with the same name, the binding will be applicable to the + new resource. Format: + 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' + :param str iam_policy_uid_principal: IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + If a resource is deleted and recreated with the same name, the binding will not be applicable to the + new resource. Format: + 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' + """ + pulumi.set(__self__, "iam_policy_name_principal", iam_policy_name_principal) + pulumi.set(__self__, "iam_policy_uid_principal", iam_policy_uid_principal) + + @property + @pulumi.getter(name="iamPolicyNamePrincipal") + def iam_policy_name_principal(self) -> str: + """ + IAM policy binding member referring to a Google Cloud resource by user-assigned name. If a + resource is deleted and recreated with the same name, the binding will be applicable to the + new resource. Format: + 'principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/global/parameters/{{parameter_id}}' + """ + return pulumi.get(self, "iam_policy_name_principal") + + @property + @pulumi.getter(name="iamPolicyUidPrincipal") + def iam_policy_uid_principal(self) -> str: + """ + IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + If a resource is deleted and recreated with the same name, the binding will not be applicable to the + new resource. Format: + 'principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/global/parameters/{{uid}}' + """ + return pulumi.get(self, "iam_policy_uid_principal") + + @pulumi.output_type class GetRegionalParameterPolicyMemberResult(dict): def __init__(__self__, *, @@ -189,3 +234,168 @@ def iam_policy_uid_principal(self) -> str: return pulumi.get(self, "iam_policy_uid_principal") +@pulumi.output_type +class GetRegionalParametersParameterResult(dict): + def __init__(__self__, *, + create_time: str, + effective_labels: Mapping[str, str], + format: str, + labels: Mapping[str, str], + location: str, + name: str, + parameter_id: str, + policy_members: Sequence['outputs.GetRegionalParametersParameterPolicyMemberResult'], + project: str, + pulumi_labels: Mapping[str, str], + update_time: str): + """ + :param str create_time: The time at which the regional parameter was created. + :param str format: The format type of the regional parameter. + :param Mapping[str, str] labels: The labels assigned to the regional parameter. + :param str location: The location of regional parameter. + :param str name: The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` + :param str parameter_id: The unique name of the resource. + :param Sequence['GetRegionalParametersParameterPolicyMemberArgs'] policy_members: An object containing a unique resource identity tied to the regional parameter. Structure is documented below. + :param str project: The ID of the project. + :param Mapping[str, str] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + :param str update_time: The time at which the regional parameter was updated. + """ + pulumi.set(__self__, "create_time", create_time) + pulumi.set(__self__, "effective_labels", effective_labels) + pulumi.set(__self__, "format", format) + pulumi.set(__self__, "labels", labels) + pulumi.set(__self__, "location", location) + pulumi.set(__self__, "name", name) + pulumi.set(__self__, "parameter_id", parameter_id) + pulumi.set(__self__, "policy_members", policy_members) + pulumi.set(__self__, "project", project) + pulumi.set(__self__, "pulumi_labels", pulumi_labels) + pulumi.set(__self__, "update_time", update_time) + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> str: + """ + The time at which the regional parameter was created. + """ + return pulumi.get(self, "create_time") + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> Mapping[str, str]: + return pulumi.get(self, "effective_labels") + + @property + @pulumi.getter + def format(self) -> str: + """ + The format type of the regional parameter. + """ + return pulumi.get(self, "format") + + @property + @pulumi.getter + def labels(self) -> Mapping[str, str]: + """ + The labels assigned to the regional parameter. + """ + return pulumi.get(self, "labels") + + @property + @pulumi.getter + def location(self) -> str: + """ + The location of regional parameter. + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def name(self) -> str: + """ + The resource name of the regional parameter. Format: `projects/{{project}}/locations/{{location}}/parameters/{{parameter_id}}` + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter(name="parameterId") + def parameter_id(self) -> str: + """ + The unique name of the resource. + """ + return pulumi.get(self, "parameter_id") + + @property + @pulumi.getter(name="policyMembers") + def policy_members(self) -> Sequence['outputs.GetRegionalParametersParameterPolicyMemberResult']: + """ + An object containing a unique resource identity tied to the regional parameter. Structure is documented below. + """ + return pulumi.get(self, "policy_members") + + @property + @pulumi.getter + def project(self) -> str: + """ + The ID of the project. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> Mapping[str, str]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> str: + """ + The time at which the regional parameter was updated. + """ + return pulumi.get(self, "update_time") + + +@pulumi.output_type +class GetRegionalParametersParameterPolicyMemberResult(dict): + def __init__(__self__, *, + iam_policy_name_principal: str, + iam_policy_uid_principal: str): + """ + :param str iam_policy_name_principal: AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the + new resource. Format: + `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` + :param str iam_policy_uid_principal: IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + If a resource is deleted and recreated with the same name, the binding will not be applicable to the + new resource. Format: + `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` + """ + pulumi.set(__self__, "iam_policy_name_principal", iam_policy_name_principal) + pulumi.set(__self__, "iam_policy_uid_principal", iam_policy_uid_principal) + + @property + @pulumi.getter(name="iamPolicyNamePrincipal") + def iam_policy_name_principal(self) -> str: + """ + AM policy binding member referring to a Google Cloud resource by user-assigned name. If a resource is deleted and recreated with the same name, the binding will be applicable to the + new resource. Format: + `principal://parametermanager.googleapis.com/projects/{{project}}/name/locations/{{location}}/parameters/{{parameter_id}}` + """ + return pulumi.get(self, "iam_policy_name_principal") + + @property + @pulumi.getter(name="iamPolicyUidPrincipal") + def iam_policy_uid_principal(self) -> str: + """ + IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier. + If a resource is deleted and recreated with the same name, the binding will not be applicable to the + new resource. Format: + `principal://parametermanager.googleapis.com/projects/{{project}}/uid/locations/{{location}}/parameters/{{uid}}` + """ + return pulumi.get(self, "iam_policy_uid_principal") + + diff --git a/sdk/python/pulumi_gcp/parametermanager/parameter_version.py b/sdk/python/pulumi_gcp/parametermanager/parameter_version.py new file mode 100644 index 0000000000..e47b778c85 --- /dev/null +++ b/sdk/python/pulumi_gcp/parametermanager/parameter_version.py @@ -0,0 +1,496 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = ['ParameterVersionArgs', 'ParameterVersion'] + +@pulumi.input_type +class ParameterVersionArgs: + def __init__(__self__, *, + parameter: pulumi.Input[str], + parameter_data: pulumi.Input[str], + parameter_version_id: pulumi.Input[str], + disabled: Optional[pulumi.Input[bool]] = None): + """ + The set of arguments for constructing a ParameterVersion resource. + :param pulumi.Input[str] parameter: Parameter Manager Parameter resource. + :param pulumi.Input[str] parameter_data: The Parameter data. + **Note**: This property is sensitive and will not be displayed in the plan. + :param pulumi.Input[str] parameter_version_id: Version ID of the Parameter Version Resource. This must be unique within the Parameter. + + + - - - + :param pulumi.Input[bool] disabled: The current state of Parameter Version. This field is only applicable for updating Parameter Version. + """ + pulumi.set(__self__, "parameter", parameter) + pulumi.set(__self__, "parameter_data", parameter_data) + pulumi.set(__self__, "parameter_version_id", parameter_version_id) + if disabled is not None: + pulumi.set(__self__, "disabled", disabled) + + @property + @pulumi.getter + def parameter(self) -> pulumi.Input[str]: + """ + Parameter Manager Parameter resource. + """ + return pulumi.get(self, "parameter") + + @parameter.setter + def parameter(self, value: pulumi.Input[str]): + pulumi.set(self, "parameter", value) + + @property + @pulumi.getter(name="parameterData") + def parameter_data(self) -> pulumi.Input[str]: + """ + The Parameter data. + **Note**: This property is sensitive and will not be displayed in the plan. + """ + return pulumi.get(self, "parameter_data") + + @parameter_data.setter + def parameter_data(self, value: pulumi.Input[str]): + pulumi.set(self, "parameter_data", value) + + @property + @pulumi.getter(name="parameterVersionId") + def parameter_version_id(self) -> pulumi.Input[str]: + """ + Version ID of the Parameter Version Resource. This must be unique within the Parameter. + + + - - - + """ + return pulumi.get(self, "parameter_version_id") + + @parameter_version_id.setter + def parameter_version_id(self, value: pulumi.Input[str]): + pulumi.set(self, "parameter_version_id", value) + + @property + @pulumi.getter + def disabled(self) -> Optional[pulumi.Input[bool]]: + """ + The current state of Parameter Version. This field is only applicable for updating Parameter Version. + """ + return pulumi.get(self, "disabled") + + @disabled.setter + def disabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "disabled", value) + + +@pulumi.input_type +class _ParameterVersionState: + def __init__(__self__, *, + create_time: Optional[pulumi.Input[str]] = None, + disabled: Optional[pulumi.Input[bool]] = None, + name: Optional[pulumi.Input[str]] = None, + parameter: Optional[pulumi.Input[str]] = None, + parameter_data: Optional[pulumi.Input[str]] = None, + parameter_version_id: Optional[pulumi.Input[str]] = None, + update_time: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering ParameterVersion resources. + :param pulumi.Input[str] create_time: The time at which the Parameter Version was created. + :param pulumi.Input[bool] disabled: The current state of Parameter Version. This field is only applicable for updating Parameter Version. + :param pulumi.Input[str] name: The resource name of the Parameter Version. Format: + `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + :param pulumi.Input[str] parameter: Parameter Manager Parameter resource. + :param pulumi.Input[str] parameter_data: The Parameter data. + **Note**: This property is sensitive and will not be displayed in the plan. + :param pulumi.Input[str] parameter_version_id: Version ID of the Parameter Version Resource. This must be unique within the Parameter. + + + - - - + :param pulumi.Input[str] update_time: The time at which the Parameter Version was updated. + """ + if create_time is not None: + pulumi.set(__self__, "create_time", create_time) + if disabled is not None: + pulumi.set(__self__, "disabled", disabled) + if name is not None: + pulumi.set(__self__, "name", name) + if parameter is not None: + pulumi.set(__self__, "parameter", parameter) + if parameter_data is not None: + pulumi.set(__self__, "parameter_data", parameter_data) + if parameter_version_id is not None: + pulumi.set(__self__, "parameter_version_id", parameter_version_id) + if update_time is not None: + pulumi.set(__self__, "update_time", update_time) + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> Optional[pulumi.Input[str]]: + """ + The time at which the Parameter Version was created. + """ + return pulumi.get(self, "create_time") + + @create_time.setter + def create_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "create_time", value) + + @property + @pulumi.getter + def disabled(self) -> Optional[pulumi.Input[bool]]: + """ + The current state of Parameter Version. This field is only applicable for updating Parameter Version. + """ + return pulumi.get(self, "disabled") + + @disabled.setter + def disabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "disabled", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The resource name of the Parameter Version. Format: + `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def parameter(self) -> Optional[pulumi.Input[str]]: + """ + Parameter Manager Parameter resource. + """ + return pulumi.get(self, "parameter") + + @parameter.setter + def parameter(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "parameter", value) + + @property + @pulumi.getter(name="parameterData") + def parameter_data(self) -> Optional[pulumi.Input[str]]: + """ + The Parameter data. + **Note**: This property is sensitive and will not be displayed in the plan. + """ + return pulumi.get(self, "parameter_data") + + @parameter_data.setter + def parameter_data(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "parameter_data", value) + + @property + @pulumi.getter(name="parameterVersionId") + def parameter_version_id(self) -> Optional[pulumi.Input[str]]: + """ + Version ID of the Parameter Version Resource. This must be unique within the Parameter. + + + - - - + """ + return pulumi.get(self, "parameter_version_id") + + @parameter_version_id.setter + def parameter_version_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "parameter_version_id", value) + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> Optional[pulumi.Input[str]]: + """ + The time at which the Parameter Version was updated. + """ + return pulumi.get(self, "update_time") + + @update_time.setter + def update_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "update_time", value) + + +class ParameterVersion(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + disabled: Optional[pulumi.Input[bool]] = None, + parameter: Optional[pulumi.Input[str]] = None, + parameter_data: Optional[pulumi.Input[str]] = None, + parameter_version_id: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + ## Example Usage + + ### Parameter Version Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + parameter_basic = gcp.parametermanager.Parameter("parameter-basic", parameter_id="parameter") + parameter_version_basic = gcp.parametermanager.ParameterVersion("parameter-version-basic", + parameter=parameter_basic.id, + parameter_version_id="parameter_version", + parameter_data="app-parameter-version-data") + ``` + ### Parameter Version With Json Format + + ```python + import pulumi + import json + import pulumi_gcp as gcp + + parameter_basic = gcp.parametermanager.Parameter("parameter-basic", + parameter_id="parameter", + format="JSON") + parameter_version_with_json_format = gcp.parametermanager.ParameterVersion("parameter-version-with-json-format", + parameter=parameter_basic.id, + parameter_version_id="parameter_version", + parameter_data=json.dumps({ + "key1": "val1", + "key2": "val2", + })) + ``` + ## Import + + ParameterVersion can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + + When using the `pulumi import` command, ParameterVersion can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:parametermanager/parameterVersion:ParameterVersion default projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[bool] disabled: The current state of Parameter Version. This field is only applicable for updating Parameter Version. + :param pulumi.Input[str] parameter: Parameter Manager Parameter resource. + :param pulumi.Input[str] parameter_data: The Parameter data. + **Note**: This property is sensitive and will not be displayed in the plan. + :param pulumi.Input[str] parameter_version_id: Version ID of the Parameter Version Resource. This must be unique within the Parameter. + + + - - - + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: ParameterVersionArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + ## Example Usage + + ### Parameter Version Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + parameter_basic = gcp.parametermanager.Parameter("parameter-basic", parameter_id="parameter") + parameter_version_basic = gcp.parametermanager.ParameterVersion("parameter-version-basic", + parameter=parameter_basic.id, + parameter_version_id="parameter_version", + parameter_data="app-parameter-version-data") + ``` + ### Parameter Version With Json Format + + ```python + import pulumi + import json + import pulumi_gcp as gcp + + parameter_basic = gcp.parametermanager.Parameter("parameter-basic", + parameter_id="parameter", + format="JSON") + parameter_version_with_json_format = gcp.parametermanager.ParameterVersion("parameter-version-with-json-format", + parameter=parameter_basic.id, + parameter_version_id="parameter_version", + parameter_data=json.dumps({ + "key1": "val1", + "key2": "val2", + })) + ``` + ## Import + + ParameterVersion can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + + When using the `pulumi import` command, ParameterVersion can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:parametermanager/parameterVersion:ParameterVersion default projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}} + ``` + + :param str resource_name: The name of the resource. + :param ParameterVersionArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(ParameterVersionArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + disabled: Optional[pulumi.Input[bool]] = None, + parameter: Optional[pulumi.Input[str]] = None, + parameter_data: Optional[pulumi.Input[str]] = None, + parameter_version_id: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = ParameterVersionArgs.__new__(ParameterVersionArgs) + + __props__.__dict__["disabled"] = disabled + if parameter is None and not opts.urn: + raise TypeError("Missing required property 'parameter'") + __props__.__dict__["parameter"] = parameter + if parameter_data is None and not opts.urn: + raise TypeError("Missing required property 'parameter_data'") + __props__.__dict__["parameter_data"] = None if parameter_data is None else pulumi.Output.secret(parameter_data) + if parameter_version_id is None and not opts.urn: + raise TypeError("Missing required property 'parameter_version_id'") + __props__.__dict__["parameter_version_id"] = parameter_version_id + __props__.__dict__["create_time"] = None + __props__.__dict__["name"] = None + __props__.__dict__["update_time"] = None + secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["parameterData"]) + opts = pulumi.ResourceOptions.merge(opts, secret_opts) + super(ParameterVersion, __self__).__init__( + 'gcp:parametermanager/parameterVersion:ParameterVersion', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + create_time: Optional[pulumi.Input[str]] = None, + disabled: Optional[pulumi.Input[bool]] = None, + name: Optional[pulumi.Input[str]] = None, + parameter: Optional[pulumi.Input[str]] = None, + parameter_data: Optional[pulumi.Input[str]] = None, + parameter_version_id: Optional[pulumi.Input[str]] = None, + update_time: Optional[pulumi.Input[str]] = None) -> 'ParameterVersion': + """ + Get an existing ParameterVersion resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] create_time: The time at which the Parameter Version was created. + :param pulumi.Input[bool] disabled: The current state of Parameter Version. This field is only applicable for updating Parameter Version. + :param pulumi.Input[str] name: The resource name of the Parameter Version. Format: + `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + :param pulumi.Input[str] parameter: Parameter Manager Parameter resource. + :param pulumi.Input[str] parameter_data: The Parameter data. + **Note**: This property is sensitive and will not be displayed in the plan. + :param pulumi.Input[str] parameter_version_id: Version ID of the Parameter Version Resource. This must be unique within the Parameter. + + + - - - + :param pulumi.Input[str] update_time: The time at which the Parameter Version was updated. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _ParameterVersionState.__new__(_ParameterVersionState) + + __props__.__dict__["create_time"] = create_time + __props__.__dict__["disabled"] = disabled + __props__.__dict__["name"] = name + __props__.__dict__["parameter"] = parameter + __props__.__dict__["parameter_data"] = parameter_data + __props__.__dict__["parameter_version_id"] = parameter_version_id + __props__.__dict__["update_time"] = update_time + return ParameterVersion(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> pulumi.Output[str]: + """ + The time at which the Parameter Version was created. + """ + return pulumi.get(self, "create_time") + + @property + @pulumi.getter + def disabled(self) -> pulumi.Output[Optional[bool]]: + """ + The current state of Parameter Version. This field is only applicable for updating Parameter Version. + """ + return pulumi.get(self, "disabled") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + The resource name of the Parameter Version. Format: + `projects/{{project}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def parameter(self) -> pulumi.Output[str]: + """ + Parameter Manager Parameter resource. + """ + return pulumi.get(self, "parameter") + + @property + @pulumi.getter(name="parameterData") + def parameter_data(self) -> pulumi.Output[str]: + """ + The Parameter data. + **Note**: This property is sensitive and will not be displayed in the plan. + """ + return pulumi.get(self, "parameter_data") + + @property + @pulumi.getter(name="parameterVersionId") + def parameter_version_id(self) -> pulumi.Output[str]: + """ + Version ID of the Parameter Version Resource. This must be unique within the Parameter. + + + - - - + """ + return pulumi.get(self, "parameter_version_id") + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> pulumi.Output[str]: + """ + The time at which the Parameter Version was updated. + """ + return pulumi.get(self, "update_time") + diff --git a/sdk/python/pulumi_gcp/parametermanager/regional_parameter_version.py b/sdk/python/pulumi_gcp/parametermanager/regional_parameter_version.py index 9df45023cc..b9c89d8075 100644 --- a/sdk/python/pulumi_gcp/parametermanager/regional_parameter_version.py +++ b/sdk/python/pulumi_gcp/parametermanager/regional_parameter_version.py @@ -270,8 +270,8 @@ def __init__(__self__, ```python import pulumi + import json import pulumi_gcp as gcp - import pulumi_std as std regional_parameter_basic = gcp.parametermanager.RegionalParameter("regional-parameter-basic", parameter_id="regional_parameter", @@ -280,25 +280,11 @@ def __init__(__self__, regional_parameter_version_with_json_format = gcp.parametermanager.RegionalParameterVersion("regional-parameter-version-with-json-format", parameter=regional_parameter_basic.id, parameter_version_id="regional_parameter_version", - parameter_data=std.file(input="parameter_data_json_format.yaml").result) + parameter_data=json.dumps({ + "key1": "val1", + "key2": "val2", + })) ``` - ### Regional Parameter Version With Yaml Format - - ```python - import pulumi - import pulumi_gcp as gcp - import pulumi_std as std - - regional_parameter_basic = gcp.parametermanager.RegionalParameter("regional-parameter-basic", - parameter_id="regional_parameter", - format="YAML", - location="us-central1") - regional_parameter_version_with_yaml_format = gcp.parametermanager.RegionalParameterVersion("regional-parameter-version-with-yaml-format", - parameter=regional_parameter_basic.id, - parameter_version_id="regional_parameter_version", - parameter_data=std.file(input="parameter_data_yaml_format.yaml").result) - ``` - ## Import RegionalParameterVersion can be imported using any of these accepted formats: @@ -349,8 +335,8 @@ def __init__(__self__, ```python import pulumi + import json import pulumi_gcp as gcp - import pulumi_std as std regional_parameter_basic = gcp.parametermanager.RegionalParameter("regional-parameter-basic", parameter_id="regional_parameter", @@ -359,25 +345,11 @@ def __init__(__self__, regional_parameter_version_with_json_format = gcp.parametermanager.RegionalParameterVersion("regional-parameter-version-with-json-format", parameter=regional_parameter_basic.id, parameter_version_id="regional_parameter_version", - parameter_data=std.file(input="parameter_data_json_format.yaml").result) + parameter_data=json.dumps({ + "key1": "val1", + "key2": "val2", + })) ``` - ### Regional Parameter Version With Yaml Format - - ```python - import pulumi - import pulumi_gcp as gcp - import pulumi_std as std - - regional_parameter_basic = gcp.parametermanager.RegionalParameter("regional-parameter-basic", - parameter_id="regional_parameter", - format="YAML", - location="us-central1") - regional_parameter_version_with_yaml_format = gcp.parametermanager.RegionalParameterVersion("regional-parameter-version-with-yaml-format", - parameter=regional_parameter_basic.id, - parameter_version_id="regional_parameter_version", - parameter_data=std.file(input="parameter_data_yaml_format.yaml").result) - ``` - ## Import RegionalParameterVersion can be imported using any of these accepted formats: diff --git a/sdk/python/pulumi_gcp/provider.py b/sdk/python/pulumi_gcp/provider.py index c4825dc274..868ff38a53 100644 --- a/sdk/python/pulumi_gcp/provider.py +++ b/sdk/python/pulumi_gcp/provider.py @@ -28,6 +28,7 @@ def __init__(__self__, *, alloydb_custom_endpoint: Optional[pulumi.Input[str]] = None, api_gateway_custom_endpoint: Optional[pulumi.Input[str]] = None, apigee_custom_endpoint: Optional[pulumi.Input[str]] = None, + apihub_custom_endpoint: Optional[pulumi.Input[str]] = None, apikeys_custom_endpoint: Optional[pulumi.Input[str]] = None, app_engine_custom_endpoint: Optional[pulumi.Input[str]] = None, apphub_custom_endpoint: Optional[pulumi.Input[str]] = None, @@ -223,6 +224,8 @@ def __init__(__self__, *, pulumi.set(__self__, "api_gateway_custom_endpoint", api_gateway_custom_endpoint) if apigee_custom_endpoint is not None: pulumi.set(__self__, "apigee_custom_endpoint", apigee_custom_endpoint) + if apihub_custom_endpoint is not None: + pulumi.set(__self__, "apihub_custom_endpoint", apihub_custom_endpoint) if apikeys_custom_endpoint is not None: pulumi.set(__self__, "apikeys_custom_endpoint", apikeys_custom_endpoint) if app_engine_custom_endpoint is not None: @@ -654,6 +657,15 @@ def apigee_custom_endpoint(self) -> Optional[pulumi.Input[str]]: def apigee_custom_endpoint(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "apigee_custom_endpoint", value) + @property + @pulumi.getter(name="apihubCustomEndpoint") + def apihub_custom_endpoint(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "apihub_custom_endpoint") + + @apihub_custom_endpoint.setter + def apihub_custom_endpoint(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "apihub_custom_endpoint", value) + @property @pulumi.getter(name="apikeysCustomEndpoint") def apikeys_custom_endpoint(self) -> Optional[pulumi.Input[str]]: @@ -2252,6 +2264,7 @@ def __init__(__self__, alloydb_custom_endpoint: Optional[pulumi.Input[str]] = None, api_gateway_custom_endpoint: Optional[pulumi.Input[str]] = None, apigee_custom_endpoint: Optional[pulumi.Input[str]] = None, + apihub_custom_endpoint: Optional[pulumi.Input[str]] = None, apikeys_custom_endpoint: Optional[pulumi.Input[str]] = None, app_engine_custom_endpoint: Optional[pulumi.Input[str]] = None, apphub_custom_endpoint: Optional[pulumi.Input[str]] = None, @@ -2473,6 +2486,7 @@ def _internal_init(__self__, alloydb_custom_endpoint: Optional[pulumi.Input[str]] = None, api_gateway_custom_endpoint: Optional[pulumi.Input[str]] = None, apigee_custom_endpoint: Optional[pulumi.Input[str]] = None, + apihub_custom_endpoint: Optional[pulumi.Input[str]] = None, apikeys_custom_endpoint: Optional[pulumi.Input[str]] = None, app_engine_custom_endpoint: Optional[pulumi.Input[str]] = None, apphub_custom_endpoint: Optional[pulumi.Input[str]] = None, @@ -2666,6 +2680,7 @@ def _internal_init(__self__, __props__.__dict__["alloydb_custom_endpoint"] = alloydb_custom_endpoint __props__.__dict__["api_gateway_custom_endpoint"] = api_gateway_custom_endpoint __props__.__dict__["apigee_custom_endpoint"] = apigee_custom_endpoint + __props__.__dict__["apihub_custom_endpoint"] = apihub_custom_endpoint __props__.__dict__["apikeys_custom_endpoint"] = apikeys_custom_endpoint __props__.__dict__["app_engine_custom_endpoint"] = app_engine_custom_endpoint __props__.__dict__["apphub_custom_endpoint"] = apphub_custom_endpoint @@ -2891,6 +2906,11 @@ def api_gateway_custom_endpoint(self) -> pulumi.Output[Optional[str]]: def apigee_custom_endpoint(self) -> pulumi.Output[Optional[str]]: return pulumi.get(self, "apigee_custom_endpoint") + @property + @pulumi.getter(name="apihubCustomEndpoint") + def apihub_custom_endpoint(self) -> pulumi.Output[Optional[str]]: + return pulumi.get(self, "apihub_custom_endpoint") + @property @pulumi.getter(name="apikeysCustomEndpoint") def apikeys_custom_endpoint(self) -> pulumi.Output[Optional[str]]: diff --git a/sdk/python/pulumi_gcp/pubsub/_inputs.py b/sdk/python/pulumi_gcp/pubsub/_inputs.py index 6f83bf884e..26b430d4d6 100644 --- a/sdk/python/pulumi_gcp/pubsub/_inputs.py +++ b/sdk/python/pulumi_gcp/pubsub/_inputs.py @@ -59,6 +59,8 @@ 'TopicIngestionDataSourceSettingsArgsDict', 'TopicIngestionDataSourceSettingsAwsKinesisArgs', 'TopicIngestionDataSourceSettingsAwsKinesisArgsDict', + 'TopicIngestionDataSourceSettingsAzureEventHubsArgs', + 'TopicIngestionDataSourceSettingsAzureEventHubsArgsDict', 'TopicIngestionDataSourceSettingsCloudStorageArgs', 'TopicIngestionDataSourceSettingsCloudStorageArgsDict', 'TopicIngestionDataSourceSettingsCloudStorageAvroFormatArgs', @@ -1508,6 +1510,11 @@ class TopicIngestionDataSourceSettingsArgsDict(TypedDict): Settings for ingestion from Amazon Kinesis Data Streams. Structure is documented below. """ + azure_event_hubs: NotRequired[pulumi.Input['TopicIngestionDataSourceSettingsAzureEventHubsArgsDict']] + """ + Settings for ingestion from Azure Event Hubs. + Structure is documented below. + """ cloud_storage: NotRequired[pulumi.Input['TopicIngestionDataSourceSettingsCloudStorageArgsDict']] """ Settings for ingestion from Cloud Storage. @@ -1526,11 +1533,14 @@ class TopicIngestionDataSourceSettingsArgsDict(TypedDict): class TopicIngestionDataSourceSettingsArgs: def __init__(__self__, *, aws_kinesis: Optional[pulumi.Input['TopicIngestionDataSourceSettingsAwsKinesisArgs']] = None, + azure_event_hubs: Optional[pulumi.Input['TopicIngestionDataSourceSettingsAzureEventHubsArgs']] = None, cloud_storage: Optional[pulumi.Input['TopicIngestionDataSourceSettingsCloudStorageArgs']] = None, platform_logs_settings: Optional[pulumi.Input['TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs']] = None): """ :param pulumi.Input['TopicIngestionDataSourceSettingsAwsKinesisArgs'] aws_kinesis: Settings for ingestion from Amazon Kinesis Data Streams. Structure is documented below. + :param pulumi.Input['TopicIngestionDataSourceSettingsAzureEventHubsArgs'] azure_event_hubs: Settings for ingestion from Azure Event Hubs. + Structure is documented below. :param pulumi.Input['TopicIngestionDataSourceSettingsCloudStorageArgs'] cloud_storage: Settings for ingestion from Cloud Storage. Structure is documented below. :param pulumi.Input['TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs'] platform_logs_settings: Settings for Platform Logs regarding ingestion to Pub/Sub. If unset, @@ -1539,6 +1549,8 @@ def __init__(__self__, *, """ if aws_kinesis is not None: pulumi.set(__self__, "aws_kinesis", aws_kinesis) + if azure_event_hubs is not None: + pulumi.set(__self__, "azure_event_hubs", azure_event_hubs) if cloud_storage is not None: pulumi.set(__self__, "cloud_storage", cloud_storage) if platform_logs_settings is not None: @@ -1557,6 +1569,19 @@ def aws_kinesis(self) -> Optional[pulumi.Input['TopicIngestionDataSourceSettings def aws_kinesis(self, value: Optional[pulumi.Input['TopicIngestionDataSourceSettingsAwsKinesisArgs']]): pulumi.set(self, "aws_kinesis", value) + @property + @pulumi.getter(name="azureEventHubs") + def azure_event_hubs(self) -> Optional[pulumi.Input['TopicIngestionDataSourceSettingsAzureEventHubsArgs']]: + """ + Settings for ingestion from Azure Event Hubs. + Structure is documented below. + """ + return pulumi.get(self, "azure_event_hubs") + + @azure_event_hubs.setter + def azure_event_hubs(self, value: Optional[pulumi.Input['TopicIngestionDataSourceSettingsAzureEventHubsArgs']]): + pulumi.set(self, "azure_event_hubs", value) + @property @pulumi.getter(name="cloudStorage") def cloud_storage(self) -> Optional[pulumi.Input['TopicIngestionDataSourceSettingsCloudStorageArgs']]: @@ -1694,6 +1719,164 @@ def stream_arn(self, value: pulumi.Input[str]): pulumi.set(self, "stream_arn", value) +if not MYPY: + class TopicIngestionDataSourceSettingsAzureEventHubsArgsDict(TypedDict): + client_id: NotRequired[pulumi.Input[str]] + """ + The Azure event hub client ID to use for ingestion. + """ + event_hub: NotRequired[pulumi.Input[str]] + """ + The Azure event hub to ingest data from. + """ + gcp_service_account: NotRequired[pulumi.Input[str]] + """ + The GCP service account to be used for Federated Identity authentication + with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + role). + """ + namespace: NotRequired[pulumi.Input[str]] + """ + The Azure event hub namespace to ingest data from. + """ + resource_group: NotRequired[pulumi.Input[str]] + """ + The name of the resource group within an Azure subscription. + """ + subscription_id: NotRequired[pulumi.Input[str]] + """ + The Azure event hub subscription ID to use for ingestion. + """ + tenant_id: NotRequired[pulumi.Input[str]] + """ + The Azure event hub tenant ID to use for ingestion. + """ +elif False: + TopicIngestionDataSourceSettingsAzureEventHubsArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class TopicIngestionDataSourceSettingsAzureEventHubsArgs: + def __init__(__self__, *, + client_id: Optional[pulumi.Input[str]] = None, + event_hub: Optional[pulumi.Input[str]] = None, + gcp_service_account: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + resource_group: Optional[pulumi.Input[str]] = None, + subscription_id: Optional[pulumi.Input[str]] = None, + tenant_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] client_id: The Azure event hub client ID to use for ingestion. + :param pulumi.Input[str] event_hub: The Azure event hub to ingest data from. + :param pulumi.Input[str] gcp_service_account: The GCP service account to be used for Federated Identity authentication + with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + role). + :param pulumi.Input[str] namespace: The Azure event hub namespace to ingest data from. + :param pulumi.Input[str] resource_group: The name of the resource group within an Azure subscription. + :param pulumi.Input[str] subscription_id: The Azure event hub subscription ID to use for ingestion. + :param pulumi.Input[str] tenant_id: The Azure event hub tenant ID to use for ingestion. + """ + if client_id is not None: + pulumi.set(__self__, "client_id", client_id) + if event_hub is not None: + pulumi.set(__self__, "event_hub", event_hub) + if gcp_service_account is not None: + pulumi.set(__self__, "gcp_service_account", gcp_service_account) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) + if resource_group is not None: + pulumi.set(__self__, "resource_group", resource_group) + if subscription_id is not None: + pulumi.set(__self__, "subscription_id", subscription_id) + if tenant_id is not None: + pulumi.set(__self__, "tenant_id", tenant_id) + + @property + @pulumi.getter(name="clientId") + def client_id(self) -> Optional[pulumi.Input[str]]: + """ + The Azure event hub client ID to use for ingestion. + """ + return pulumi.get(self, "client_id") + + @client_id.setter + def client_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "client_id", value) + + @property + @pulumi.getter(name="eventHub") + def event_hub(self) -> Optional[pulumi.Input[str]]: + """ + The Azure event hub to ingest data from. + """ + return pulumi.get(self, "event_hub") + + @event_hub.setter + def event_hub(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "event_hub", value) + + @property + @pulumi.getter(name="gcpServiceAccount") + def gcp_service_account(self) -> Optional[pulumi.Input[str]]: + """ + The GCP service account to be used for Federated Identity authentication + with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + role). + """ + return pulumi.get(self, "gcp_service_account") + + @gcp_service_account.setter + def gcp_service_account(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "gcp_service_account", value) + + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The Azure event hub namespace to ingest data from. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + + @property + @pulumi.getter(name="resourceGroup") + def resource_group(self) -> Optional[pulumi.Input[str]]: + """ + The name of the resource group within an Azure subscription. + """ + return pulumi.get(self, "resource_group") + + @resource_group.setter + def resource_group(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "resource_group", value) + + @property + @pulumi.getter(name="subscriptionId") + def subscription_id(self) -> Optional[pulumi.Input[str]]: + """ + The Azure event hub subscription ID to use for ingestion. + """ + return pulumi.get(self, "subscription_id") + + @subscription_id.setter + def subscription_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "subscription_id", value) + + @property + @pulumi.getter(name="tenantId") + def tenant_id(self) -> Optional[pulumi.Input[str]]: + """ + The Azure event hub tenant ID to use for ingestion. + """ + return pulumi.get(self, "tenant_id") + + @tenant_id.setter + def tenant_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "tenant_id", value) + + if not MYPY: class TopicIngestionDataSourceSettingsCloudStorageArgsDict(TypedDict): bucket: pulumi.Input[str] @@ -1978,13 +2161,21 @@ class TopicMessageStoragePolicyArgsDict(TypedDict): allowed regions. An empty list means that no regions are allowed, and is not a valid configuration. """ + enforce_in_transit: NotRequired[pulumi.Input[bool]] + """ + If true, `allowedPersistenceRegions` is also used to enforce in-transit + guarantees for messages. That is, Pub/Sub will fail topics.publish + operations on this topic and subscribe operations on any subscription + attached to this topic in any region that is not in `allowedPersistenceRegions`. + """ elif False: TopicMessageStoragePolicyArgsDict: TypeAlias = Mapping[str, Any] @pulumi.input_type class TopicMessageStoragePolicyArgs: def __init__(__self__, *, - allowed_persistence_regions: pulumi.Input[Sequence[pulumi.Input[str]]]): + allowed_persistence_regions: pulumi.Input[Sequence[pulumi.Input[str]]], + enforce_in_transit: Optional[pulumi.Input[bool]] = None): """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_persistence_regions: A list of IDs of GCP regions where messages that are published to the topic may be persisted in storage. Messages published by @@ -1992,8 +2183,14 @@ def __init__(__self__, *, of GCP altogether) will be routed for storage in one of the allowed regions. An empty list means that no regions are allowed, and is not a valid configuration. + :param pulumi.Input[bool] enforce_in_transit: If true, `allowedPersistenceRegions` is also used to enforce in-transit + guarantees for messages. That is, Pub/Sub will fail topics.publish + operations on this topic and subscribe operations on any subscription + attached to this topic in any region that is not in `allowedPersistenceRegions`. """ pulumi.set(__self__, "allowed_persistence_regions", allowed_persistence_regions) + if enforce_in_transit is not None: + pulumi.set(__self__, "enforce_in_transit", enforce_in_transit) @property @pulumi.getter(name="allowedPersistenceRegions") @@ -2012,6 +2209,21 @@ def allowed_persistence_regions(self) -> pulumi.Input[Sequence[pulumi.Input[str] def allowed_persistence_regions(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): pulumi.set(self, "allowed_persistence_regions", value) + @property + @pulumi.getter(name="enforceInTransit") + def enforce_in_transit(self) -> Optional[pulumi.Input[bool]]: + """ + If true, `allowedPersistenceRegions` is also used to enforce in-transit + guarantees for messages. That is, Pub/Sub will fail topics.publish + operations on this topic and subscribe operations on any subscription + attached to this topic in any region that is not in `allowedPersistenceRegions`. + """ + return pulumi.get(self, "enforce_in_transit") + + @enforce_in_transit.setter + def enforce_in_transit(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "enforce_in_transit", value) + if not MYPY: class TopicSchemaSettingsArgsDict(TypedDict): diff --git a/sdk/python/pulumi_gcp/pubsub/outputs.py b/sdk/python/pulumi_gcp/pubsub/outputs.py index 14a61dcb92..8f5a8f94cd 100644 --- a/sdk/python/pulumi_gcp/pubsub/outputs.py +++ b/sdk/python/pulumi_gcp/pubsub/outputs.py @@ -38,6 +38,7 @@ 'TopicIAMMemberCondition', 'TopicIngestionDataSourceSettings', 'TopicIngestionDataSourceSettingsAwsKinesis', + 'TopicIngestionDataSourceSettingsAzureEventHubs', 'TopicIngestionDataSourceSettingsCloudStorage', 'TopicIngestionDataSourceSettingsCloudStorageAvroFormat', 'TopicIngestionDataSourceSettingsCloudStoragePubsubAvroFormat', @@ -56,6 +57,7 @@ 'GetSubscriptionRetryPolicyResult', 'GetTopicIngestionDataSourceSettingResult', 'GetTopicIngestionDataSourceSettingAwsKineseResult', + 'GetTopicIngestionDataSourceSettingAzureEventHubResult', 'GetTopicIngestionDataSourceSettingCloudStorageResult', 'GetTopicIngestionDataSourceSettingCloudStorageAvroFormatResult', 'GetTopicIngestionDataSourceSettingCloudStoragePubsubAvroFormatResult', @@ -1165,6 +1167,8 @@ def __key_warning(key: str): suggest = None if key == "awsKinesis": suggest = "aws_kinesis" + elif key == "azureEventHubs": + suggest = "azure_event_hubs" elif key == "cloudStorage": suggest = "cloud_storage" elif key == "platformLogsSettings": @@ -1183,11 +1187,14 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, aws_kinesis: Optional['outputs.TopicIngestionDataSourceSettingsAwsKinesis'] = None, + azure_event_hubs: Optional['outputs.TopicIngestionDataSourceSettingsAzureEventHubs'] = None, cloud_storage: Optional['outputs.TopicIngestionDataSourceSettingsCloudStorage'] = None, platform_logs_settings: Optional['outputs.TopicIngestionDataSourceSettingsPlatformLogsSettings'] = None): """ :param 'TopicIngestionDataSourceSettingsAwsKinesisArgs' aws_kinesis: Settings for ingestion from Amazon Kinesis Data Streams. Structure is documented below. + :param 'TopicIngestionDataSourceSettingsAzureEventHubsArgs' azure_event_hubs: Settings for ingestion from Azure Event Hubs. + Structure is documented below. :param 'TopicIngestionDataSourceSettingsCloudStorageArgs' cloud_storage: Settings for ingestion from Cloud Storage. Structure is documented below. :param 'TopicIngestionDataSourceSettingsPlatformLogsSettingsArgs' platform_logs_settings: Settings for Platform Logs regarding ingestion to Pub/Sub. If unset, @@ -1196,6 +1203,8 @@ def __init__(__self__, *, """ if aws_kinesis is not None: pulumi.set(__self__, "aws_kinesis", aws_kinesis) + if azure_event_hubs is not None: + pulumi.set(__self__, "azure_event_hubs", azure_event_hubs) if cloud_storage is not None: pulumi.set(__self__, "cloud_storage", cloud_storage) if platform_logs_settings is not None: @@ -1210,6 +1219,15 @@ def aws_kinesis(self) -> Optional['outputs.TopicIngestionDataSourceSettingsAwsKi """ return pulumi.get(self, "aws_kinesis") + @property + @pulumi.getter(name="azureEventHubs") + def azure_event_hubs(self) -> Optional['outputs.TopicIngestionDataSourceSettingsAzureEventHubs']: + """ + Settings for ingestion from Azure Event Hubs. + Structure is documented below. + """ + return pulumi.get(self, "azure_event_hubs") + @property @pulumi.getter(name="cloudStorage") def cloud_storage(self) -> Optional['outputs.TopicIngestionDataSourceSettingsCloudStorage']: @@ -1318,6 +1336,128 @@ def stream_arn(self) -> str: return pulumi.get(self, "stream_arn") +@pulumi.output_type +class TopicIngestionDataSourceSettingsAzureEventHubs(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "clientId": + suggest = "client_id" + elif key == "eventHub": + suggest = "event_hub" + elif key == "gcpServiceAccount": + suggest = "gcp_service_account" + elif key == "resourceGroup": + suggest = "resource_group" + elif key == "subscriptionId": + suggest = "subscription_id" + elif key == "tenantId": + suggest = "tenant_id" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in TopicIngestionDataSourceSettingsAzureEventHubs. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + TopicIngestionDataSourceSettingsAzureEventHubs.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + TopicIngestionDataSourceSettingsAzureEventHubs.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + client_id: Optional[str] = None, + event_hub: Optional[str] = None, + gcp_service_account: Optional[str] = None, + namespace: Optional[str] = None, + resource_group: Optional[str] = None, + subscription_id: Optional[str] = None, + tenant_id: Optional[str] = None): + """ + :param str client_id: The Azure event hub client ID to use for ingestion. + :param str event_hub: The Azure event hub to ingest data from. + :param str gcp_service_account: The GCP service account to be used for Federated Identity authentication + with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + role). + :param str namespace: The Azure event hub namespace to ingest data from. + :param str resource_group: The name of the resource group within an Azure subscription. + :param str subscription_id: The Azure event hub subscription ID to use for ingestion. + :param str tenant_id: The Azure event hub tenant ID to use for ingestion. + """ + if client_id is not None: + pulumi.set(__self__, "client_id", client_id) + if event_hub is not None: + pulumi.set(__self__, "event_hub", event_hub) + if gcp_service_account is not None: + pulumi.set(__self__, "gcp_service_account", gcp_service_account) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) + if resource_group is not None: + pulumi.set(__self__, "resource_group", resource_group) + if subscription_id is not None: + pulumi.set(__self__, "subscription_id", subscription_id) + if tenant_id is not None: + pulumi.set(__self__, "tenant_id", tenant_id) + + @property + @pulumi.getter(name="clientId") + def client_id(self) -> Optional[str]: + """ + The Azure event hub client ID to use for ingestion. + """ + return pulumi.get(self, "client_id") + + @property + @pulumi.getter(name="eventHub") + def event_hub(self) -> Optional[str]: + """ + The Azure event hub to ingest data from. + """ + return pulumi.get(self, "event_hub") + + @property + @pulumi.getter(name="gcpServiceAccount") + def gcp_service_account(self) -> Optional[str]: + """ + The GCP service account to be used for Federated Identity authentication + with Azure (via a `AssumeRoleWithWebIdentity` call for the provided + role). + """ + return pulumi.get(self, "gcp_service_account") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + """ + The Azure event hub namespace to ingest data from. + """ + return pulumi.get(self, "namespace") + + @property + @pulumi.getter(name="resourceGroup") + def resource_group(self) -> Optional[str]: + """ + The name of the resource group within an Azure subscription. + """ + return pulumi.get(self, "resource_group") + + @property + @pulumi.getter(name="subscriptionId") + def subscription_id(self) -> Optional[str]: + """ + The Azure event hub subscription ID to use for ingestion. + """ + return pulumi.get(self, "subscription_id") + + @property + @pulumi.getter(name="tenantId") + def tenant_id(self) -> Optional[str]: + """ + The Azure event hub tenant ID to use for ingestion. + """ + return pulumi.get(self, "tenant_id") + + @pulumi.output_type class TopicIngestionDataSourceSettingsCloudStorage(dict): @staticmethod @@ -1514,6 +1654,8 @@ def __key_warning(key: str): suggest = None if key == "allowedPersistenceRegions": suggest = "allowed_persistence_regions" + elif key == "enforceInTransit": + suggest = "enforce_in_transit" if suggest: pulumi.log.warn(f"Key '{key}' not found in TopicMessageStoragePolicy. Access the value via the '{suggest}' property getter instead.") @@ -1527,7 +1669,8 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, - allowed_persistence_regions: Sequence[str]): + allowed_persistence_regions: Sequence[str], + enforce_in_transit: Optional[bool] = None): """ :param Sequence[str] allowed_persistence_regions: A list of IDs of GCP regions where messages that are published to the topic may be persisted in storage. Messages published by @@ -1535,8 +1678,14 @@ def __init__(__self__, *, of GCP altogether) will be routed for storage in one of the allowed regions. An empty list means that no regions are allowed, and is not a valid configuration. + :param bool enforce_in_transit: If true, `allowedPersistenceRegions` is also used to enforce in-transit + guarantees for messages. That is, Pub/Sub will fail topics.publish + operations on this topic and subscribe operations on any subscription + attached to this topic in any region that is not in `allowedPersistenceRegions`. """ pulumi.set(__self__, "allowed_persistence_regions", allowed_persistence_regions) + if enforce_in_transit is not None: + pulumi.set(__self__, "enforce_in_transit", enforce_in_transit) @property @pulumi.getter(name="allowedPersistenceRegions") @@ -1551,6 +1700,17 @@ def allowed_persistence_regions(self) -> Sequence[str]: """ return pulumi.get(self, "allowed_persistence_regions") + @property + @pulumi.getter(name="enforceInTransit") + def enforce_in_transit(self) -> Optional[bool]: + """ + If true, `allowedPersistenceRegions` is also used to enforce in-transit + guarantees for messages. That is, Pub/Sub will fail topics.publish + operations on this topic and subscribe operations on any subscription + attached to this topic in any region that is not in `allowedPersistenceRegions`. + """ + return pulumi.get(self, "enforce_in_transit") + @pulumi.output_type class TopicSchemaSettings(dict): @@ -2139,15 +2299,18 @@ def minimum_backoff(self) -> str: class GetTopicIngestionDataSourceSettingResult(dict): def __init__(__self__, *, aws_kineses: Sequence['outputs.GetTopicIngestionDataSourceSettingAwsKineseResult'], + azure_event_hubs: Sequence['outputs.GetTopicIngestionDataSourceSettingAzureEventHubResult'], cloud_storages: Sequence['outputs.GetTopicIngestionDataSourceSettingCloudStorageResult'], platform_logs_settings: Sequence['outputs.GetTopicIngestionDataSourceSettingPlatformLogsSettingResult']): """ :param Sequence['GetTopicIngestionDataSourceSettingAwsKineseArgs'] aws_kineses: Settings for ingestion from Amazon Kinesis Data Streams. + :param Sequence['GetTopicIngestionDataSourceSettingAzureEventHubArgs'] azure_event_hubs: Settings for ingestion from Azure Event Hubs. :param Sequence['GetTopicIngestionDataSourceSettingCloudStorageArgs'] cloud_storages: Settings for ingestion from Cloud Storage. :param Sequence['GetTopicIngestionDataSourceSettingPlatformLogsSettingArgs'] platform_logs_settings: Settings for Platform Logs regarding ingestion to Pub/Sub. If unset, no Platform Logs will be generated.' """ pulumi.set(__self__, "aws_kineses", aws_kineses) + pulumi.set(__self__, "azure_event_hubs", azure_event_hubs) pulumi.set(__self__, "cloud_storages", cloud_storages) pulumi.set(__self__, "platform_logs_settings", platform_logs_settings) @@ -2159,6 +2322,14 @@ def aws_kineses(self) -> Sequence['outputs.GetTopicIngestionDataSourceSettingAws """ return pulumi.get(self, "aws_kineses") + @property + @pulumi.getter(name="azureEventHubs") + def azure_event_hubs(self) -> Sequence['outputs.GetTopicIngestionDataSourceSettingAzureEventHubResult']: + """ + Settings for ingestion from Azure Event Hubs. + """ + return pulumi.get(self, "azure_event_hubs") + @property @pulumi.getter(name="cloudStorages") def cloud_storages(self) -> Sequence['outputs.GetTopicIngestionDataSourceSettingCloudStorageResult']: @@ -2242,6 +2413,94 @@ def stream_arn(self) -> str: return pulumi.get(self, "stream_arn") +@pulumi.output_type +class GetTopicIngestionDataSourceSettingAzureEventHubResult(dict): + def __init__(__self__, *, + client_id: str, + event_hub: str, + gcp_service_account: str, + namespace: str, + resource_group: str, + subscription_id: str, + tenant_id: str): + """ + :param str client_id: The Azure event hub client ID to use for ingestion. + :param str event_hub: The Azure event hub to ingest data from. + :param str gcp_service_account: The GCP service account to be used for Federated Identity authentication + with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided + role). + :param str namespace: The Azure event hub namespace to ingest data from. + :param str resource_group: The name of the resource group within an Azure subscription. + :param str subscription_id: The Azure event hub subscription ID to use for ingestion. + :param str tenant_id: The Azure event hub tenant ID to use for ingestion. + """ + pulumi.set(__self__, "client_id", client_id) + pulumi.set(__self__, "event_hub", event_hub) + pulumi.set(__self__, "gcp_service_account", gcp_service_account) + pulumi.set(__self__, "namespace", namespace) + pulumi.set(__self__, "resource_group", resource_group) + pulumi.set(__self__, "subscription_id", subscription_id) + pulumi.set(__self__, "tenant_id", tenant_id) + + @property + @pulumi.getter(name="clientId") + def client_id(self) -> str: + """ + The Azure event hub client ID to use for ingestion. + """ + return pulumi.get(self, "client_id") + + @property + @pulumi.getter(name="eventHub") + def event_hub(self) -> str: + """ + The Azure event hub to ingest data from. + """ + return pulumi.get(self, "event_hub") + + @property + @pulumi.getter(name="gcpServiceAccount") + def gcp_service_account(self) -> str: + """ + The GCP service account to be used for Federated Identity authentication + with Azure (via a 'AssumeRoleWithWebIdentity' call for the provided + role). + """ + return pulumi.get(self, "gcp_service_account") + + @property + @pulumi.getter + def namespace(self) -> str: + """ + The Azure event hub namespace to ingest data from. + """ + return pulumi.get(self, "namespace") + + @property + @pulumi.getter(name="resourceGroup") + def resource_group(self) -> str: + """ + The name of the resource group within an Azure subscription. + """ + return pulumi.get(self, "resource_group") + + @property + @pulumi.getter(name="subscriptionId") + def subscription_id(self) -> str: + """ + The Azure event hub subscription ID to use for ingestion. + """ + return pulumi.get(self, "subscription_id") + + @property + @pulumi.getter(name="tenantId") + def tenant_id(self) -> str: + """ + The Azure event hub tenant ID to use for ingestion. + """ + return pulumi.get(self, "tenant_id") + + @pulumi.output_type class GetTopicIngestionDataSourceSettingCloudStorageResult(dict): def __init__(__self__, *, @@ -2396,7 +2655,8 @@ def severity(self) -> str: @pulumi.output_type class GetTopicMessageStoragePolicyResult(dict): def __init__(__self__, *, - allowed_persistence_regions: Sequence[str]): + allowed_persistence_regions: Sequence[str], + enforce_in_transit: bool): """ :param Sequence[str] allowed_persistence_regions: A list of IDs of GCP regions where messages that are published to the topic may be persisted in storage. Messages published by @@ -2404,8 +2664,13 @@ def __init__(__self__, *, of GCP altogether) will be routed for storage in one of the allowed regions. An empty list means that no regions are allowed, and is not a valid configuration. + :param bool enforce_in_transit: If true, 'allowedPersistenceRegions' is also used to enforce in-transit + guarantees for messages. That is, Pub/Sub will fail topics.publish + operations on this topic and subscribe operations on any subscription + attached to this topic in any region that is not in 'allowedPersistenceRegions'. """ pulumi.set(__self__, "allowed_persistence_regions", allowed_persistence_regions) + pulumi.set(__self__, "enforce_in_transit", enforce_in_transit) @property @pulumi.getter(name="allowedPersistenceRegions") @@ -2420,6 +2685,17 @@ def allowed_persistence_regions(self) -> Sequence[str]: """ return pulumi.get(self, "allowed_persistence_regions") + @property + @pulumi.getter(name="enforceInTransit") + def enforce_in_transit(self) -> bool: + """ + If true, 'allowedPersistenceRegions' is also used to enforce in-transit + guarantees for messages. That is, Pub/Sub will fail topics.publish + operations on this topic and subscribe operations on any subscription + attached to this topic in any region that is not in 'allowedPersistenceRegions'. + """ + return pulumi.get(self, "enforce_in_transit") + @pulumi.output_type class GetTopicSchemaSettingResult(dict): diff --git a/sdk/python/pulumi_gcp/pubsub/topic.py b/sdk/python/pulumi_gcp/pubsub/topic.py index 46692d0513..436f427363 100644 --- a/sdk/python/pulumi_gcp/pubsub/topic.py +++ b/sdk/python/pulumi_gcp/pubsub/topic.py @@ -483,6 +483,7 @@ def __init__(__self__, name="example-topic", message_storage_policy={ "allowed_persistence_regions": ["europe-west3"], + "enforce_in_transit": True, }) ``` ### Pubsub Topic Schema Settings @@ -556,6 +557,26 @@ def __init__(__self__, }, }) ``` + ### Pubsub Topic Ingestion Azure Event Hubs + + ```python + import pulumi + import pulumi_gcp as gcp + + example = gcp.pubsub.Topic("example", + name="example-topic", + ingestion_data_source_settings={ + "azure_event_hubs": { + "resource_group": "azure-ingestion-resource-group", + "namespace": "azure-ingestion-namespace", + "event_hub": "azure-ingestion-event-hub", + "client_id": "aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123", + "tenant_id": "0XXXXXXX-YYYY-HHHH-GGGG-123456789123", + "subscription_id": "bXXXXXXX-YYYY-HHHH-GGGG-123456789123", + "gcp_service_account": "fake-service-account@fake-gcp-project.iam.gserviceaccount.com", + }, + }) + ``` ## Import @@ -674,6 +695,7 @@ def __init__(__self__, name="example-topic", message_storage_policy={ "allowed_persistence_regions": ["europe-west3"], + "enforce_in_transit": True, }) ``` ### Pubsub Topic Schema Settings @@ -747,6 +769,26 @@ def __init__(__self__, }, }) ``` + ### Pubsub Topic Ingestion Azure Event Hubs + + ```python + import pulumi + import pulumi_gcp as gcp + + example = gcp.pubsub.Topic("example", + name="example-topic", + ingestion_data_source_settings={ + "azure_event_hubs": { + "resource_group": "azure-ingestion-resource-group", + "namespace": "azure-ingestion-namespace", + "event_hub": "azure-ingestion-event-hub", + "client_id": "aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123", + "tenant_id": "0XXXXXXX-YYYY-HHHH-GGGG-123456789123", + "subscription_id": "bXXXXXXX-YYYY-HHHH-GGGG-123456789123", + "gcp_service_account": "fake-service-account@fake-gcp-project.iam.gserviceaccount.com", + }, + }) + ``` ## Import diff --git a/sdk/python/pulumi_gcp/redis/__init__.py b/sdk/python/pulumi_gcp/redis/__init__.py index 12219e568e..13d0bfe369 100644 --- a/sdk/python/pulumi_gcp/redis/__init__.py +++ b/sdk/python/pulumi_gcp/redis/__init__.py @@ -6,6 +6,7 @@ import typing # Export this package's modules as members: from .cluster import * +from .cluster_user_created_connections import * from .get_instance import * from .instance import * from ._inputs import * diff --git a/sdk/python/pulumi_gcp/redis/_inputs.py b/sdk/python/pulumi_gcp/redis/_inputs.py index 0cf5f311db..95f3c58593 100644 --- a/sdk/python/pulumi_gcp/redis/_inputs.py +++ b/sdk/python/pulumi_gcp/redis/_inputs.py @@ -49,10 +49,18 @@ 'ClusterPscConfigArgsDict', 'ClusterPscConnectionArgs', 'ClusterPscConnectionArgsDict', + 'ClusterPscServiceAttachmentArgs', + 'ClusterPscServiceAttachmentArgsDict', 'ClusterStateInfoArgs', 'ClusterStateInfoArgsDict', 'ClusterStateInfoUpdateInfoArgs', 'ClusterStateInfoUpdateInfoArgsDict', + 'ClusterUserCreatedConnectionsClusterEndpointArgs', + 'ClusterUserCreatedConnectionsClusterEndpointArgsDict', + 'ClusterUserCreatedConnectionsClusterEndpointConnectionArgs', + 'ClusterUserCreatedConnectionsClusterEndpointConnectionArgsDict', + 'ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs', + 'ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgsDict', 'ClusterZoneDistributionConfigArgs', 'ClusterZoneDistributionConfigArgsDict', 'InstanceMaintenancePolicyArgs', @@ -1228,8 +1236,6 @@ class ClusterPscConfigArgsDict(TypedDict): Required. The consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network_project_id_or_number}/global/networks/{network_id}. - - - - - """ elif False: ClusterPscConfigArgsDict: TypeAlias = Mapping[str, Any] @@ -1242,8 +1248,6 @@ def __init__(__self__, *, :param pulumi.Input[str] network: Required. The consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network_project_id_or_number}/global/networks/{network_id}. - - - - - """ pulumi.set(__self__, "network", network) @@ -1254,8 +1258,6 @@ def network(self) -> pulumi.Input[str]: Required. The consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network_project_id_or_number}/global/networks/{network_id}. - - - - - """ return pulumi.get(self, "network") @@ -1376,6 +1378,64 @@ def psc_connection_id(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "psc_connection_id", value) +if not MYPY: + class ClusterPscServiceAttachmentArgsDict(TypedDict): + connection_type: NotRequired[pulumi.Input[str]] + """ + (Output) + Type of a PSC connection targeting this service attachment. + """ + service_attachment: NotRequired[pulumi.Input[str]] + """ + (Output) + Service attachment URI which your self-created PscConnection should use as + """ +elif False: + ClusterPscServiceAttachmentArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class ClusterPscServiceAttachmentArgs: + def __init__(__self__, *, + connection_type: Optional[pulumi.Input[str]] = None, + service_attachment: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] connection_type: (Output) + Type of a PSC connection targeting this service attachment. + :param pulumi.Input[str] service_attachment: (Output) + Service attachment URI which your self-created PscConnection should use as + """ + if connection_type is not None: + pulumi.set(__self__, "connection_type", connection_type) + if service_attachment is not None: + pulumi.set(__self__, "service_attachment", service_attachment) + + @property + @pulumi.getter(name="connectionType") + def connection_type(self) -> Optional[pulumi.Input[str]]: + """ + (Output) + Type of a PSC connection targeting this service attachment. + """ + return pulumi.get(self, "connection_type") + + @connection_type.setter + def connection_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "connection_type", value) + + @property + @pulumi.getter(name="serviceAttachment") + def service_attachment(self) -> Optional[pulumi.Input[str]]: + """ + (Output) + Service attachment URI which your self-created PscConnection should use as + """ + return pulumi.get(self, "service_attachment") + + @service_attachment.setter + def service_attachment(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "service_attachment", value) + + if not MYPY: class ClusterStateInfoArgsDict(TypedDict): update_info: NotRequired[pulumi.Input['ClusterStateInfoUpdateInfoArgsDict']] @@ -1463,6 +1523,282 @@ def target_shard_count(self, value: Optional[pulumi.Input[int]]): pulumi.set(self, "target_shard_count", value) +if not MYPY: + class ClusterUserCreatedConnectionsClusterEndpointArgsDict(TypedDict): + connections: NotRequired[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionArgsDict']]]] + """ + Structure is documented below. + """ +elif False: + ClusterUserCreatedConnectionsClusterEndpointArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class ClusterUserCreatedConnectionsClusterEndpointArgs: + def __init__(__self__, *, + connections: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionArgs']]]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionArgs']]] connections: Structure is documented below. + """ + if connections is not None: + pulumi.set(__self__, "connections", connections) + + @property + @pulumi.getter + def connections(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionArgs']]]]: + """ + Structure is documented below. + """ + return pulumi.get(self, "connections") + + @connections.setter + def connections(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionArgs']]]]): + pulumi.set(self, "connections", value) + + +if not MYPY: + class ClusterUserCreatedConnectionsClusterEndpointConnectionArgsDict(TypedDict): + psc_connection: NotRequired[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgsDict']] + """ + Detailed information of a PSC connection that is created by the customer + who owns the cluster. + Structure is documented below. + """ +elif False: + ClusterUserCreatedConnectionsClusterEndpointConnectionArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class ClusterUserCreatedConnectionsClusterEndpointConnectionArgs: + def __init__(__self__, *, + psc_connection: Optional[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs']] = None): + """ + :param pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs'] psc_connection: Detailed information of a PSC connection that is created by the customer + who owns the cluster. + Structure is documented below. + """ + if psc_connection is not None: + pulumi.set(__self__, "psc_connection", psc_connection) + + @property + @pulumi.getter(name="pscConnection") + def psc_connection(self) -> Optional[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs']]: + """ + Detailed information of a PSC connection that is created by the customer + who owns the cluster. + Structure is documented below. + """ + return pulumi.get(self, "psc_connection") + + @psc_connection.setter + def psc_connection(self, value: Optional[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs']]): + pulumi.set(self, "psc_connection", value) + + +if not MYPY: + class ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgsDict(TypedDict): + address: pulumi.Input[str] + """ + The IP allocated on the consumer network for the PSC forwarding rule. + """ + forwarding_rule: pulumi.Input[str] + """ + The URI of the consumer side forwarding rule. + Format: + projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + """ + network: pulumi.Input[str] + """ + The consumer network where the IP address resides, in the form of + projects/{project_id}/global/networks/{network_id}. + """ + psc_connection_id: pulumi.Input[str] + """ + The PSC connection id of the forwarding rule connected to the + service attachment. + """ + service_attachment: pulumi.Input[str] + """ + The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + """ + connection_type: NotRequired[pulumi.Input[str]] + """ + (Output) + Output Only. Type of a PSC Connection. + Possible values: + CONNECTION_TYPE_DISCOVERY + CONNECTION_TYPE_PRIMARY + CONNECTION_TYPE_READER + """ + project_id: NotRequired[pulumi.Input[str]] + """ + The consumer project_id where the forwarding rule is created from. + """ + psc_connection_status: NotRequired[pulumi.Input[str]] + """ + (Output) + Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + Possible values: + ACTIVE + NOT_FOUND + """ +elif False: + ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs: + def __init__(__self__, *, + address: pulumi.Input[str], + forwarding_rule: pulumi.Input[str], + network: pulumi.Input[str], + psc_connection_id: pulumi.Input[str], + service_attachment: pulumi.Input[str], + connection_type: Optional[pulumi.Input[str]] = None, + project_id: Optional[pulumi.Input[str]] = None, + psc_connection_status: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] address: The IP allocated on the consumer network for the PSC forwarding rule. + :param pulumi.Input[str] forwarding_rule: The URI of the consumer side forwarding rule. + Format: + projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + :param pulumi.Input[str] network: The consumer network where the IP address resides, in the form of + projects/{project_id}/global/networks/{network_id}. + :param pulumi.Input[str] psc_connection_id: The PSC connection id of the forwarding rule connected to the + service attachment. + :param pulumi.Input[str] service_attachment: The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + :param pulumi.Input[str] connection_type: (Output) + Output Only. Type of a PSC Connection. + Possible values: + CONNECTION_TYPE_DISCOVERY + CONNECTION_TYPE_PRIMARY + CONNECTION_TYPE_READER + :param pulumi.Input[str] project_id: The consumer project_id where the forwarding rule is created from. + :param pulumi.Input[str] psc_connection_status: (Output) + Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + Possible values: + ACTIVE + NOT_FOUND + """ + pulumi.set(__self__, "address", address) + pulumi.set(__self__, "forwarding_rule", forwarding_rule) + pulumi.set(__self__, "network", network) + pulumi.set(__self__, "psc_connection_id", psc_connection_id) + pulumi.set(__self__, "service_attachment", service_attachment) + if connection_type is not None: + pulumi.set(__self__, "connection_type", connection_type) + if project_id is not None: + pulumi.set(__self__, "project_id", project_id) + if psc_connection_status is not None: + pulumi.set(__self__, "psc_connection_status", psc_connection_status) + + @property + @pulumi.getter + def address(self) -> pulumi.Input[str]: + """ + The IP allocated on the consumer network for the PSC forwarding rule. + """ + return pulumi.get(self, "address") + + @address.setter + def address(self, value: pulumi.Input[str]): + pulumi.set(self, "address", value) + + @property + @pulumi.getter(name="forwardingRule") + def forwarding_rule(self) -> pulumi.Input[str]: + """ + The URI of the consumer side forwarding rule. + Format: + projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + """ + return pulumi.get(self, "forwarding_rule") + + @forwarding_rule.setter + def forwarding_rule(self, value: pulumi.Input[str]): + pulumi.set(self, "forwarding_rule", value) + + @property + @pulumi.getter + def network(self) -> pulumi.Input[str]: + """ + The consumer network where the IP address resides, in the form of + projects/{project_id}/global/networks/{network_id}. + """ + return pulumi.get(self, "network") + + @network.setter + def network(self, value: pulumi.Input[str]): + pulumi.set(self, "network", value) + + @property + @pulumi.getter(name="pscConnectionId") + def psc_connection_id(self) -> pulumi.Input[str]: + """ + The PSC connection id of the forwarding rule connected to the + service attachment. + """ + return pulumi.get(self, "psc_connection_id") + + @psc_connection_id.setter + def psc_connection_id(self, value: pulumi.Input[str]): + pulumi.set(self, "psc_connection_id", value) + + @property + @pulumi.getter(name="serviceAttachment") + def service_attachment(self) -> pulumi.Input[str]: + """ + The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + """ + return pulumi.get(self, "service_attachment") + + @service_attachment.setter + def service_attachment(self, value: pulumi.Input[str]): + pulumi.set(self, "service_attachment", value) + + @property + @pulumi.getter(name="connectionType") + def connection_type(self) -> Optional[pulumi.Input[str]]: + """ + (Output) + Output Only. Type of a PSC Connection. + Possible values: + CONNECTION_TYPE_DISCOVERY + CONNECTION_TYPE_PRIMARY + CONNECTION_TYPE_READER + """ + return pulumi.get(self, "connection_type") + + @connection_type.setter + def connection_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "connection_type", value) + + @property + @pulumi.getter(name="projectId") + def project_id(self) -> Optional[pulumi.Input[str]]: + """ + The consumer project_id where the forwarding rule is created from. + """ + return pulumi.get(self, "project_id") + + @project_id.setter + def project_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project_id", value) + + @property + @pulumi.getter(name="pscConnectionStatus") + def psc_connection_status(self) -> Optional[pulumi.Input[str]]: + """ + (Output) + Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + Possible values: + ACTIVE + NOT_FOUND + """ + return pulumi.get(self, "psc_connection_status") + + @psc_connection_status.setter + def psc_connection_status(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "psc_connection_status", value) + + if not MYPY: class ClusterZoneDistributionConfigArgsDict(TypedDict): mode: NotRequired[pulumi.Input[str]] diff --git a/sdk/python/pulumi_gcp/redis/cluster.py b/sdk/python/pulumi_gcp/redis/cluster.py index 881e25e68c..27a7821ae3 100644 --- a/sdk/python/pulumi_gcp/redis/cluster.py +++ b/sdk/python/pulumi_gcp/redis/cluster.py @@ -21,7 +21,6 @@ @pulumi.input_type class ClusterArgs: def __init__(__self__, *, - psc_configs: pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]], shard_count: pulumi.Input[int], authorization_mode: Optional[pulumi.Input[str]] = None, cross_cluster_replication_config: Optional[pulumi.Input['ClusterCrossClusterReplicationConfigArgs']] = None, @@ -31,6 +30,7 @@ def __init__(__self__, *, node_type: Optional[pulumi.Input[str]] = None, persistence_config: Optional[pulumi.Input['ClusterPersistenceConfigArgs']] = None, project: Optional[pulumi.Input[str]] = None, + psc_configs: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]]] = None, redis_configs: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, region: Optional[pulumi.Input[str]] = None, replica_count: Optional[pulumi.Input[int]] = None, @@ -38,34 +38,45 @@ def __init__(__self__, *, zone_distribution_config: Optional[pulumi.Input['ClusterZoneDistributionConfigArgs']] = None): """ The set of arguments for constructing a Cluster resource. - :param pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]] psc_configs: Required. Each PscConfig configures the consumer network where two - network addresses will be designated to the cluster for client access. - Currently, only one PscConfig is supported. - Structure is documented below. :param pulumi.Input[int] shard_count: Required. Number of shards for the Redis cluster. :param pulumi.Input[str] authorization_mode: Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - "AUTH_MODE_DISABLED"] + Default value is `AUTH_MODE_DISABLED`. + Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. :param pulumi.Input['ClusterCrossClusterReplicationConfigArgs'] cross_cluster_replication_config: Cross cluster replication config - :param pulumi.Input[bool] deletion_protection_enabled: Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - operation will fail. Default value is true. + Structure is documented below. + :param pulumi.Input[bool] deletion_protection_enabled: Optional. Indicates if the cluster is deletion protected or not. + If the value if set to true, any delete cluster operation will fail. + Default value is true. :param pulumi.Input['ClusterMaintenancePolicyArgs'] maintenance_policy: Maintenance policy for a cluster + Structure is documented below. :param pulumi.Input[str] name: Unique name of the resource in this scope including project and location using the form: projects/{projectId}/locations/{locationId}/clusters/{clusterId} - :param pulumi.Input[str] node_type: The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + + + - - - + :param pulumi.Input[str] node_type: The nodeType for the Redis cluster. + If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. :param pulumi.Input['ClusterPersistenceConfigArgs'] persistence_config: Persistence config (RDB, AOF) for the cluster. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] redis_configs: Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - documentation for the list of supported parameters: + Structure is documented below. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]] psc_configs: Required. Each PscConfig configures the consumer network where two + network addresses will be designated to the cluster for client access. + Currently, only one PscConfig is supported. + Structure is documented below. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] redis_configs: Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + Please check Memorystore documentation for the list of supported parameters: https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations :param pulumi.Input[str] region: The name of the region of the Redis cluster. :param pulumi.Input[int] replica_count: Optional. The number of replica nodes per shard. - :param pulumi.Input[str] transit_encryption_mode: Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + :param pulumi.Input[str] transit_encryption_mode: Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. :param pulumi.Input['ClusterZoneDistributionConfigArgs'] zone_distribution_config: Immutable. Zone distribution config for Memorystore Redis cluster. + Structure is documented below. """ - pulumi.set(__self__, "psc_configs", psc_configs) pulumi.set(__self__, "shard_count", shard_count) if authorization_mode is not None: pulumi.set(__self__, "authorization_mode", authorization_mode) @@ -83,6 +94,8 @@ def __init__(__self__, *, pulumi.set(__self__, "persistence_config", persistence_config) if project is not None: pulumi.set(__self__, "project", project) + if psc_configs is not None: + pulumi.set(__self__, "psc_configs", psc_configs) if redis_configs is not None: pulumi.set(__self__, "redis_configs", redis_configs) if region is not None: @@ -94,21 +107,6 @@ def __init__(__self__, *, if zone_distribution_config is not None: pulumi.set(__self__, "zone_distribution_config", zone_distribution_config) - @property - @pulumi.getter(name="pscConfigs") - def psc_configs(self) -> pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]]: - """ - Required. Each PscConfig configures the consumer network where two - network addresses will be designated to the cluster for client access. - Currently, only one PscConfig is supported. - Structure is documented below. - """ - return pulumi.get(self, "psc_configs") - - @psc_configs.setter - def psc_configs(self, value: pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]]): - pulumi.set(self, "psc_configs", value) - @property @pulumi.getter(name="shardCount") def shard_count(self) -> pulumi.Input[int]: @@ -126,8 +124,8 @@ def shard_count(self, value: pulumi.Input[int]): def authorization_mode(self) -> Optional[pulumi.Input[str]]: """ Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - "AUTH_MODE_DISABLED"] + Default value is `AUTH_MODE_DISABLED`. + Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. """ return pulumi.get(self, "authorization_mode") @@ -140,6 +138,7 @@ def authorization_mode(self, value: Optional[pulumi.Input[str]]): def cross_cluster_replication_config(self) -> Optional[pulumi.Input['ClusterCrossClusterReplicationConfigArgs']]: """ Cross cluster replication config + Structure is documented below. """ return pulumi.get(self, "cross_cluster_replication_config") @@ -151,8 +150,9 @@ def cross_cluster_replication_config(self, value: Optional[pulumi.Input['Cluster @pulumi.getter(name="deletionProtectionEnabled") def deletion_protection_enabled(self) -> Optional[pulumi.Input[bool]]: """ - Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - operation will fail. Default value is true. + Optional. Indicates if the cluster is deletion protected or not. + If the value if set to true, any delete cluster operation will fail. + Default value is true. """ return pulumi.get(self, "deletion_protection_enabled") @@ -165,6 +165,7 @@ def deletion_protection_enabled(self, value: Optional[pulumi.Input[bool]]): def maintenance_policy(self) -> Optional[pulumi.Input['ClusterMaintenancePolicyArgs']]: """ Maintenance policy for a cluster + Structure is documented below. """ return pulumi.get(self, "maintenance_policy") @@ -178,6 +179,9 @@ def name(self) -> Optional[pulumi.Input[str]]: """ Unique name of the resource in this scope including project and location using the form: projects/{projectId}/locations/{locationId}/clusters/{clusterId} + + + - - - """ return pulumi.get(self, "name") @@ -189,8 +193,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="nodeType") def node_type(self) -> Optional[pulumi.Input[str]]: """ - The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + The nodeType for the Redis cluster. + If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. """ return pulumi.get(self, "node_type") @@ -203,6 +208,7 @@ def node_type(self, value: Optional[pulumi.Input[str]]): def persistence_config(self) -> Optional[pulumi.Input['ClusterPersistenceConfigArgs']]: """ Persistence config (RDB, AOF) for the cluster. + Structure is documented below. """ return pulumi.get(self, "persistence_config") @@ -213,18 +219,37 @@ def persistence_config(self, value: Optional[pulumi.Input['ClusterPersistenceCon @property @pulumi.getter def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ return pulumi.get(self, "project") @project.setter def project(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "project", value) + @property + @pulumi.getter(name="pscConfigs") + def psc_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]]]: + """ + Required. Each PscConfig configures the consumer network where two + network addresses will be designated to the cluster for client access. + Currently, only one PscConfig is supported. + Structure is documented below. + """ + return pulumi.get(self, "psc_configs") + + @psc_configs.setter + def psc_configs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]]]): + pulumi.set(self, "psc_configs", value) + @property @pulumi.getter(name="redisConfigs") def redis_configs(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: """ - Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - documentation for the list of supported parameters: + Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + Please check Memorystore documentation for the list of supported parameters: https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations """ return pulumi.get(self, "redis_configs") @@ -261,9 +286,10 @@ def replica_count(self, value: Optional[pulumi.Input[int]]): @pulumi.getter(name="transitEncryptionMode") def transit_encryption_mode(self) -> Optional[pulumi.Input[str]]: """ - Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. """ return pulumi.get(self, "transit_encryption_mode") @@ -276,6 +302,7 @@ def transit_encryption_mode(self, value: Optional[pulumi.Input[str]]): def zone_distribution_config(self) -> Optional[pulumi.Input['ClusterZoneDistributionConfigArgs']]: """ Immutable. Zone distribution config for Memorystore Redis cluster. + Structure is documented below. """ return pulumi.get(self, "zone_distribution_config") @@ -301,6 +328,7 @@ def __init__(__self__, *, project: Optional[pulumi.Input[str]] = None, psc_configs: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]]] = None, psc_connections: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscConnectionArgs']]]] = None, + psc_service_attachments: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscServiceAttachmentArgs']]]] = None, redis_configs: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, region: Optional[pulumi.Input[str]] = None, replica_count: Optional[pulumi.Input[int]] = None, @@ -314,35 +342,47 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering Cluster resources. :param pulumi.Input[str] authorization_mode: Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - "AUTH_MODE_DISABLED"] + Default value is `AUTH_MODE_DISABLED`. + Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. :param pulumi.Input[str] create_time: The timestamp associated with the cluster creation request. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". :param pulumi.Input['ClusterCrossClusterReplicationConfigArgs'] cross_cluster_replication_config: Cross cluster replication config - :param pulumi.Input[bool] deletion_protection_enabled: Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - operation will fail. Default value is true. + Structure is documented below. + :param pulumi.Input[bool] deletion_protection_enabled: Optional. Indicates if the cluster is deletion protected or not. + If the value if set to true, any delete cluster operation will fail. + Default value is true. :param pulumi.Input[Sequence[pulumi.Input['ClusterDiscoveryEndpointArgs']]] discovery_endpoints: Output only. Endpoints created on each given network, for Redis clients to connect to the cluster. Currently only one endpoint is supported. Structure is documented below. :param pulumi.Input['ClusterMaintenancePolicyArgs'] maintenance_policy: Maintenance policy for a cluster + Structure is documented below. :param pulumi.Input[Sequence[pulumi.Input['ClusterMaintenanceScheduleArgs']]] maintenance_schedules: Upcoming maintenance schedule. Structure is documented below. :param pulumi.Input[str] name: Unique name of the resource in this scope including project and location using the form: projects/{projectId}/locations/{locationId}/clusters/{clusterId} - :param pulumi.Input[str] node_type: The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + + + - - - + :param pulumi.Input[str] node_type: The nodeType for the Redis cluster. + If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. :param pulumi.Input['ClusterPersistenceConfigArgs'] persistence_config: Persistence config (RDB, AOF) for the cluster. + Structure is documented below. :param pulumi.Input[float] precise_size_gb: Output only. Redis memory precise size in GB for the entire cluster. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. :param pulumi.Input[Sequence[pulumi.Input['ClusterPscConfigArgs']]] psc_configs: Required. Each PscConfig configures the consumer network where two network addresses will be designated to the cluster for client access. Currently, only one PscConfig is supported. Structure is documented below. :param pulumi.Input[Sequence[pulumi.Input['ClusterPscConnectionArgs']]] psc_connections: Output only. PSC connections for discovery of the cluster topology and accessing the cluster. Structure is documented below. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] redis_configs: Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - documentation for the list of supported parameters: + :param pulumi.Input[Sequence[pulumi.Input['ClusterPscServiceAttachmentArgs']]] psc_service_attachments: Service attachment details to configure Psc connections. + Structure is documented below. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] redis_configs: Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + Please check Memorystore documentation for the list of supported parameters: https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations :param pulumi.Input[str] region: The name of the region of the Redis cluster. :param pulumi.Input[int] replica_count: Optional. The number of replica nodes per shard. @@ -351,11 +391,13 @@ def __init__(__self__, *, :param pulumi.Input[str] state: The current state of this cluster. Can be CREATING, READY, UPDATING, DELETING and SUSPENDED :param pulumi.Input[Sequence[pulumi.Input['ClusterStateInfoArgs']]] state_infos: Output only. Additional information about the current state of the cluster. Structure is documented below. - :param pulumi.Input[str] transit_encryption_mode: Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + :param pulumi.Input[str] transit_encryption_mode: Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. :param pulumi.Input[str] uid: System assigned, unique identifier for the cluster. :param pulumi.Input['ClusterZoneDistributionConfigArgs'] zone_distribution_config: Immutable. Zone distribution config for Memorystore Redis cluster. + Structure is documented below. """ if authorization_mode is not None: pulumi.set(__self__, "authorization_mode", authorization_mode) @@ -385,6 +427,8 @@ def __init__(__self__, *, pulumi.set(__self__, "psc_configs", psc_configs) if psc_connections is not None: pulumi.set(__self__, "psc_connections", psc_connections) + if psc_service_attachments is not None: + pulumi.set(__self__, "psc_service_attachments", psc_service_attachments) if redis_configs is not None: pulumi.set(__self__, "redis_configs", redis_configs) if region is not None: @@ -411,8 +455,8 @@ def __init__(__self__, *, def authorization_mode(self) -> Optional[pulumi.Input[str]]: """ Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - "AUTH_MODE_DISABLED"] + Default value is `AUTH_MODE_DISABLED`. + Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. """ return pulumi.get(self, "authorization_mode") @@ -439,6 +483,7 @@ def create_time(self, value: Optional[pulumi.Input[str]]): def cross_cluster_replication_config(self) -> Optional[pulumi.Input['ClusterCrossClusterReplicationConfigArgs']]: """ Cross cluster replication config + Structure is documented below. """ return pulumi.get(self, "cross_cluster_replication_config") @@ -450,8 +495,9 @@ def cross_cluster_replication_config(self, value: Optional[pulumi.Input['Cluster @pulumi.getter(name="deletionProtectionEnabled") def deletion_protection_enabled(self) -> Optional[pulumi.Input[bool]]: """ - Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - operation will fail. Default value is true. + Optional. Indicates if the cluster is deletion protected or not. + If the value if set to true, any delete cluster operation will fail. + Default value is true. """ return pulumi.get(self, "deletion_protection_enabled") @@ -479,6 +525,7 @@ def discovery_endpoints(self, value: Optional[pulumi.Input[Sequence[pulumi.Input def maintenance_policy(self) -> Optional[pulumi.Input['ClusterMaintenancePolicyArgs']]: """ Maintenance policy for a cluster + Structure is documented below. """ return pulumi.get(self, "maintenance_policy") @@ -505,6 +552,9 @@ def name(self) -> Optional[pulumi.Input[str]]: """ Unique name of the resource in this scope including project and location using the form: projects/{projectId}/locations/{locationId}/clusters/{clusterId} + + + - - - """ return pulumi.get(self, "name") @@ -516,8 +566,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="nodeType") def node_type(self) -> Optional[pulumi.Input[str]]: """ - The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + The nodeType for the Redis cluster. + If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. """ return pulumi.get(self, "node_type") @@ -530,6 +581,7 @@ def node_type(self, value: Optional[pulumi.Input[str]]): def persistence_config(self) -> Optional[pulumi.Input['ClusterPersistenceConfigArgs']]: """ Persistence config (RDB, AOF) for the cluster. + Structure is documented below. """ return pulumi.get(self, "persistence_config") @@ -552,6 +604,10 @@ def precise_size_gb(self, value: Optional[pulumi.Input[float]]): @property @pulumi.getter def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ return pulumi.get(self, "project") @project.setter @@ -586,12 +642,25 @@ def psc_connections(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['Cluste def psc_connections(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscConnectionArgs']]]]): pulumi.set(self, "psc_connections", value) + @property + @pulumi.getter(name="pscServiceAttachments") + def psc_service_attachments(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscServiceAttachmentArgs']]]]: + """ + Service attachment details to configure Psc connections. + Structure is documented below. + """ + return pulumi.get(self, "psc_service_attachments") + + @psc_service_attachments.setter + def psc_service_attachments(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterPscServiceAttachmentArgs']]]]): + pulumi.set(self, "psc_service_attachments", value) + @property @pulumi.getter(name="redisConfigs") def redis_configs(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: """ - Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - documentation for the list of supported parameters: + Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + Please check Memorystore documentation for the list of supported parameters: https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations """ return pulumi.get(self, "redis_configs") @@ -677,9 +746,10 @@ def state_infos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Cluste @pulumi.getter(name="transitEncryptionMode") def transit_encryption_mode(self) -> Optional[pulumi.Input[str]]: """ - Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. """ return pulumi.get(self, "transit_encryption_mode") @@ -704,6 +774,7 @@ def uid(self, value: Optional[pulumi.Input[str]]): def zone_distribution_config(self) -> Optional[pulumi.Input['ClusterZoneDistributionConfigArgs']]: """ Immutable. Zone distribution config for Memorystore Redis cluster. + Structure is documented below. """ return pulumi.get(self, "zone_distribution_config") @@ -1113,31 +1184,43 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] authorization_mode: Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - "AUTH_MODE_DISABLED"] + Default value is `AUTH_MODE_DISABLED`. + Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. :param pulumi.Input[Union['ClusterCrossClusterReplicationConfigArgs', 'ClusterCrossClusterReplicationConfigArgsDict']] cross_cluster_replication_config: Cross cluster replication config - :param pulumi.Input[bool] deletion_protection_enabled: Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - operation will fail. Default value is true. + Structure is documented below. + :param pulumi.Input[bool] deletion_protection_enabled: Optional. Indicates if the cluster is deletion protected or not. + If the value if set to true, any delete cluster operation will fail. + Default value is true. :param pulumi.Input[Union['ClusterMaintenancePolicyArgs', 'ClusterMaintenancePolicyArgsDict']] maintenance_policy: Maintenance policy for a cluster + Structure is documented below. :param pulumi.Input[str] name: Unique name of the resource in this scope including project and location using the form: projects/{projectId}/locations/{locationId}/clusters/{clusterId} - :param pulumi.Input[str] node_type: The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + + + - - - + :param pulumi.Input[str] node_type: The nodeType for the Redis cluster. + If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. :param pulumi.Input[Union['ClusterPersistenceConfigArgs', 'ClusterPersistenceConfigArgsDict']] persistence_config: Persistence config (RDB, AOF) for the cluster. + Structure is documented below. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterPscConfigArgs', 'ClusterPscConfigArgsDict']]]] psc_configs: Required. Each PscConfig configures the consumer network where two network addresses will be designated to the cluster for client access. Currently, only one PscConfig is supported. Structure is documented below. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] redis_configs: Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - documentation for the list of supported parameters: + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] redis_configs: Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + Please check Memorystore documentation for the list of supported parameters: https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations :param pulumi.Input[str] region: The name of the region of the Redis cluster. :param pulumi.Input[int] replica_count: Optional. The number of replica nodes per shard. :param pulumi.Input[int] shard_count: Required. Number of shards for the Redis cluster. - :param pulumi.Input[str] transit_encryption_mode: Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + :param pulumi.Input[str] transit_encryption_mode: Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. :param pulumi.Input[Union['ClusterZoneDistributionConfigArgs', 'ClusterZoneDistributionConfigArgsDict']] zone_distribution_config: Immutable. Zone distribution config for Memorystore Redis cluster. + Structure is documented below. """ ... @overload @@ -1569,8 +1652,6 @@ def _internal_init(__self__, __props__.__dict__["node_type"] = node_type __props__.__dict__["persistence_config"] = persistence_config __props__.__dict__["project"] = project - if psc_configs is None and not opts.urn: - raise TypeError("Missing required property 'psc_configs'") __props__.__dict__["psc_configs"] = psc_configs __props__.__dict__["redis_configs"] = redis_configs __props__.__dict__["region"] = region @@ -1585,6 +1666,7 @@ def _internal_init(__self__, __props__.__dict__["maintenance_schedules"] = None __props__.__dict__["precise_size_gb"] = None __props__.__dict__["psc_connections"] = None + __props__.__dict__["psc_service_attachments"] = None __props__.__dict__["size_gb"] = None __props__.__dict__["state"] = None __props__.__dict__["state_infos"] = None @@ -1613,6 +1695,7 @@ def get(resource_name: str, project: Optional[pulumi.Input[str]] = None, psc_configs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ClusterPscConfigArgs', 'ClusterPscConfigArgsDict']]]]] = None, psc_connections: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ClusterPscConnectionArgs', 'ClusterPscConnectionArgsDict']]]]] = None, + psc_service_attachments: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ClusterPscServiceAttachmentArgs', 'ClusterPscServiceAttachmentArgsDict']]]]] = None, redis_configs: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, region: Optional[pulumi.Input[str]] = None, replica_count: Optional[pulumi.Input[int]] = None, @@ -1631,35 +1714,47 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] authorization_mode: Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - "AUTH_MODE_DISABLED"] + Default value is `AUTH_MODE_DISABLED`. + Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. :param pulumi.Input[str] create_time: The timestamp associated with the cluster creation request. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". :param pulumi.Input[Union['ClusterCrossClusterReplicationConfigArgs', 'ClusterCrossClusterReplicationConfigArgsDict']] cross_cluster_replication_config: Cross cluster replication config - :param pulumi.Input[bool] deletion_protection_enabled: Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - operation will fail. Default value is true. + Structure is documented below. + :param pulumi.Input[bool] deletion_protection_enabled: Optional. Indicates if the cluster is deletion protected or not. + If the value if set to true, any delete cluster operation will fail. + Default value is true. :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterDiscoveryEndpointArgs', 'ClusterDiscoveryEndpointArgsDict']]]] discovery_endpoints: Output only. Endpoints created on each given network, for Redis clients to connect to the cluster. Currently only one endpoint is supported. Structure is documented below. :param pulumi.Input[Union['ClusterMaintenancePolicyArgs', 'ClusterMaintenancePolicyArgsDict']] maintenance_policy: Maintenance policy for a cluster + Structure is documented below. :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterMaintenanceScheduleArgs', 'ClusterMaintenanceScheduleArgsDict']]]] maintenance_schedules: Upcoming maintenance schedule. Structure is documented below. :param pulumi.Input[str] name: Unique name of the resource in this scope including project and location using the form: projects/{projectId}/locations/{locationId}/clusters/{clusterId} - :param pulumi.Input[str] node_type: The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + + + - - - + :param pulumi.Input[str] node_type: The nodeType for the Redis cluster. + If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. :param pulumi.Input[Union['ClusterPersistenceConfigArgs', 'ClusterPersistenceConfigArgsDict']] persistence_config: Persistence config (RDB, AOF) for the cluster. + Structure is documented below. :param pulumi.Input[float] precise_size_gb: Output only. Redis memory precise size in GB for the entire cluster. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterPscConfigArgs', 'ClusterPscConfigArgsDict']]]] psc_configs: Required. Each PscConfig configures the consumer network where two network addresses will be designated to the cluster for client access. Currently, only one PscConfig is supported. Structure is documented below. :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterPscConnectionArgs', 'ClusterPscConnectionArgsDict']]]] psc_connections: Output only. PSC connections for discovery of the cluster topology and accessing the cluster. Structure is documented below. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] redis_configs: Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - documentation for the list of supported parameters: + :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterPscServiceAttachmentArgs', 'ClusterPscServiceAttachmentArgsDict']]]] psc_service_attachments: Service attachment details to configure Psc connections. + Structure is documented below. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] redis_configs: Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + Please check Memorystore documentation for the list of supported parameters: https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations :param pulumi.Input[str] region: The name of the region of the Redis cluster. :param pulumi.Input[int] replica_count: Optional. The number of replica nodes per shard. @@ -1668,11 +1763,13 @@ def get(resource_name: str, :param pulumi.Input[str] state: The current state of this cluster. Can be CREATING, READY, UPDATING, DELETING and SUSPENDED :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterStateInfoArgs', 'ClusterStateInfoArgsDict']]]] state_infos: Output only. Additional information about the current state of the cluster. Structure is documented below. - :param pulumi.Input[str] transit_encryption_mode: Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + :param pulumi.Input[str] transit_encryption_mode: Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. :param pulumi.Input[str] uid: System assigned, unique identifier for the cluster. :param pulumi.Input[Union['ClusterZoneDistributionConfigArgs', 'ClusterZoneDistributionConfigArgsDict']] zone_distribution_config: Immutable. Zone distribution config for Memorystore Redis cluster. + Structure is documented below. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -1692,6 +1789,7 @@ def get(resource_name: str, __props__.__dict__["project"] = project __props__.__dict__["psc_configs"] = psc_configs __props__.__dict__["psc_connections"] = psc_connections + __props__.__dict__["psc_service_attachments"] = psc_service_attachments __props__.__dict__["redis_configs"] = redis_configs __props__.__dict__["region"] = region __props__.__dict__["replica_count"] = replica_count @@ -1709,8 +1807,8 @@ def get(resource_name: str, def authorization_mode(self) -> pulumi.Output[Optional[str]]: """ Optional. The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. - Default value: "AUTH_MODE_DISABLED" Possible values: ["AUTH_MODE_UNSPECIFIED", "AUTH_MODE_IAM_AUTH", - "AUTH_MODE_DISABLED"] + Default value is `AUTH_MODE_DISABLED`. + Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. """ return pulumi.get(self, "authorization_mode") @@ -1729,6 +1827,7 @@ def create_time(self) -> pulumi.Output[str]: def cross_cluster_replication_config(self) -> pulumi.Output['outputs.ClusterCrossClusterReplicationConfig']: """ Cross cluster replication config + Structure is documented below. """ return pulumi.get(self, "cross_cluster_replication_config") @@ -1736,8 +1835,9 @@ def cross_cluster_replication_config(self) -> pulumi.Output['outputs.ClusterCros @pulumi.getter(name="deletionProtectionEnabled") def deletion_protection_enabled(self) -> pulumi.Output[Optional[bool]]: """ - Optional. Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster - operation will fail. Default value is true. + Optional. Indicates if the cluster is deletion protected or not. + If the value if set to true, any delete cluster operation will fail. + Default value is true. """ return pulumi.get(self, "deletion_protection_enabled") @@ -1757,6 +1857,7 @@ def discovery_endpoints(self) -> pulumi.Output[Sequence['outputs.ClusterDiscover def maintenance_policy(self) -> pulumi.Output[Optional['outputs.ClusterMaintenancePolicy']]: """ Maintenance policy for a cluster + Structure is documented below. """ return pulumi.get(self, "maintenance_policy") @@ -1775,6 +1876,9 @@ def name(self) -> pulumi.Output[str]: """ Unique name of the resource in this scope including project and location using the form: projects/{projectId}/locations/{locationId}/clusters/{clusterId} + + + - - - """ return pulumi.get(self, "name") @@ -1782,8 +1886,9 @@ def name(self) -> pulumi.Output[str]: @pulumi.getter(name="nodeType") def node_type(self) -> pulumi.Output[str]: """ - The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values: - ["REDIS_SHARED_CORE_NANO", "REDIS_HIGHMEM_MEDIUM", "REDIS_HIGHMEM_XLARGE", "REDIS_STANDARD_SMALL"] + The nodeType for the Redis cluster. + If not provided, REDIS_HIGHMEM_MEDIUM will be used as default + Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. """ return pulumi.get(self, "node_type") @@ -1792,6 +1897,7 @@ def node_type(self) -> pulumi.Output[str]: def persistence_config(self) -> pulumi.Output['outputs.ClusterPersistenceConfig']: """ Persistence config (RDB, AOF) for the cluster. + Structure is documented below. """ return pulumi.get(self, "persistence_config") @@ -1806,11 +1912,15 @@ def precise_size_gb(self) -> pulumi.Output[float]: @property @pulumi.getter def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ return pulumi.get(self, "project") @property @pulumi.getter(name="pscConfigs") - def psc_configs(self) -> pulumi.Output[Sequence['outputs.ClusterPscConfig']]: + def psc_configs(self) -> pulumi.Output[Optional[Sequence['outputs.ClusterPscConfig']]]: """ Required. Each PscConfig configures the consumer network where two network addresses will be designated to the cluster for client access. @@ -1828,12 +1938,21 @@ def psc_connections(self) -> pulumi.Output[Sequence['outputs.ClusterPscConnectio """ return pulumi.get(self, "psc_connections") + @property + @pulumi.getter(name="pscServiceAttachments") + def psc_service_attachments(self) -> pulumi.Output[Sequence['outputs.ClusterPscServiceAttachment']]: + """ + Service attachment details to configure Psc connections. + Structure is documented below. + """ + return pulumi.get(self, "psc_service_attachments") + @property @pulumi.getter(name="redisConfigs") def redis_configs(self) -> pulumi.Output[Optional[Mapping[str, str]]]: """ - Configure Redis Cluster behavior using a subset of native Redis configuration parameters. Please check Memorystore - documentation for the list of supported parameters: + Configure Redis Cluster behavior using a subset of native Redis configuration parameters. + Please check Memorystore documentation for the list of supported parameters: https://cloud.google.com/memorystore/docs/cluster/supported-instance-configurations """ return pulumi.get(self, "redis_configs") @@ -1891,9 +2010,10 @@ def state_infos(self) -> pulumi.Output[Sequence['outputs.ClusterStateInfo']]: @pulumi.getter(name="transitEncryptionMode") def transit_encryption_mode(self) -> pulumi.Output[Optional[str]]: """ - Optional. The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. - Default value: "TRANSIT_ENCRYPTION_MODE_DISABLED" Possible values: ["TRANSIT_ENCRYPTION_MODE_UNSPECIFIED", - "TRANSIT_ENCRYPTION_MODE_DISABLED", "TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION"] + Optional. The in-transit encryption for the Redis cluster. + If not provided, encryption is disabled for the cluster. + Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. + Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. """ return pulumi.get(self, "transit_encryption_mode") @@ -1907,9 +2027,10 @@ def uid(self) -> pulumi.Output[str]: @property @pulumi.getter(name="zoneDistributionConfig") - def zone_distribution_config(self) -> pulumi.Output[Optional['outputs.ClusterZoneDistributionConfig']]: + def zone_distribution_config(self) -> pulumi.Output['outputs.ClusterZoneDistributionConfig']: """ Immutable. Zone distribution config for Memorystore Redis cluster. + Structure is documented below. """ return pulumi.get(self, "zone_distribution_config") diff --git a/sdk/python/pulumi_gcp/redis/cluster_user_created_connections.py b/sdk/python/pulumi_gcp/redis/cluster_user_created_connections.py new file mode 100644 index 0000000000..f5b2c5cbd7 --- /dev/null +++ b/sdk/python/pulumi_gcp/redis/cluster_user_created_connections.py @@ -0,0 +1,845 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['ClusterUserCreatedConnectionsArgs', 'ClusterUserCreatedConnections'] + +@pulumi.input_type +class ClusterUserCreatedConnectionsArgs: + def __init__(__self__, *, + region: pulumi.Input[str], + cluster_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointArgs']]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a ClusterUserCreatedConnections resource. + :param pulumi.Input[str] region: The name of the region of the Redis cluster these endpoints should be added to. + + + - - - + :param pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointArgs']]] cluster_endpoints: A list of cluster endpoints + Structure is documented below. + :param pulumi.Input[str] name: The name of the Redis cluster these endpoints should be added to. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + pulumi.set(__self__, "region", region) + if cluster_endpoints is not None: + pulumi.set(__self__, "cluster_endpoints", cluster_endpoints) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def region(self) -> pulumi.Input[str]: + """ + The name of the region of the Redis cluster these endpoints should be added to. + + + - - - + """ + return pulumi.get(self, "region") + + @region.setter + def region(self, value: pulumi.Input[str]): + pulumi.set(self, "region", value) + + @property + @pulumi.getter(name="clusterEndpoints") + def cluster_endpoints(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointArgs']]]]: + """ + A list of cluster endpoints + Structure is documented below. + """ + return pulumi.get(self, "cluster_endpoints") + + @cluster_endpoints.setter + def cluster_endpoints(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointArgs']]]]): + pulumi.set(self, "cluster_endpoints", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the Redis cluster these endpoints should be added to. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _ClusterUserCreatedConnectionsState: + def __init__(__self__, *, + cluster_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointArgs']]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + region: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering ClusterUserCreatedConnections resources. + :param pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointArgs']]] cluster_endpoints: A list of cluster endpoints + Structure is documented below. + :param pulumi.Input[str] name: The name of the Redis cluster these endpoints should be added to. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] region: The name of the region of the Redis cluster these endpoints should be added to. + + + - - - + """ + if cluster_endpoints is not None: + pulumi.set(__self__, "cluster_endpoints", cluster_endpoints) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + if region is not None: + pulumi.set(__self__, "region", region) + + @property + @pulumi.getter(name="clusterEndpoints") + def cluster_endpoints(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointArgs']]]]: + """ + A list of cluster endpoints + Structure is documented below. + """ + return pulumi.get(self, "cluster_endpoints") + + @cluster_endpoints.setter + def cluster_endpoints(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterUserCreatedConnectionsClusterEndpointArgs']]]]): + pulumi.set(self, "cluster_endpoints", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the Redis cluster these endpoints should be added to. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def region(self) -> Optional[pulumi.Input[str]]: + """ + The name of the region of the Redis cluster these endpoints should be added to. + + + - - - + """ + return pulumi.get(self, "region") + + @region.setter + def region(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "region", value) + + +class ClusterUserCreatedConnections(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + cluster_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ClusterUserCreatedConnectionsClusterEndpointArgs', 'ClusterUserCreatedConnectionsClusterEndpointArgsDict']]]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + region: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + ## Example Usage + + ### Redis Cluster User Created Connections + + ```python + import pulumi + import pulumi_gcp as gcp + + network1 = gcp.compute.Network("network1", + name="net1", + auto_create_subnetworks=False) + subnet_network1 = gcp.compute.Subnetwork("subnet_network1", + name="subnet-net1", + ip_cidr_range="10.0.0.248/29", + region="us-central1", + network=network1.id) + ip1_network1 = gcp.compute.Address("ip1_network1", + name="ip1-net1", + region="us-central1", + subnetwork=subnet_network1.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + # redis cluster without endpoint + cluster_user_conn_cluster = gcp.redis.Cluster("cluster-user-conn", + name="cluster-user-conn", + shard_count=3, + region="us-central1", + replica_count=0, + deletion_protection_enabled=False) + forwarding_rule1_network1 = gcp.compute.ForwardingRule("forwarding_rule1_network1", + name="fwd1-net1", + region="us-central1", + ip_address=ip1_network1.id, + load_balancing_scheme="", + network=network1.id, + target=cluster_user_conn_cluster.psc_service_attachments[0].service_attachment) + ip2_network1 = gcp.compute.Address("ip2_network1", + name="ip2-net1", + region="us-central1", + subnetwork=subnet_network1.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + forwarding_rule2_network1 = gcp.compute.ForwardingRule("forwarding_rule2_network1", + name="fwd2-net1", + region="us-central1", + ip_address=ip2_network1.id, + load_balancing_scheme="", + network=network1.id, + target=cluster_user_conn_cluster.psc_service_attachments[1].service_attachment) + network2 = gcp.compute.Network("network2", + name="network2", + auto_create_subnetworks=False) + subnet_network2 = gcp.compute.Subnetwork("subnet_network2", + name="subnet-net2", + ip_cidr_range="10.0.0.248/29", + region="us-central1", + network=network2.id) + ip1_network2 = gcp.compute.Address("ip1_network2", + name="ip1-net2", + region="us-central1", + subnetwork=subnet_network2.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + forwarding_rule1_network2 = gcp.compute.ForwardingRule("forwarding_rule1_network2", + name="fwd1-net2", + region="us-central1", + ip_address=ip1_network2.id, + load_balancing_scheme="", + network=network2.id, + target=cluster_user_conn_cluster.psc_service_attachments[0].service_attachment) + ip2_network2 = gcp.compute.Address("ip2_network2", + name="ip2-net2", + region="us-central1", + subnetwork=subnet_network2.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + forwarding_rule2_network2 = gcp.compute.ForwardingRule("forwarding_rule2_network2", + name="fwd2-net2", + region="us-central1", + ip_address=ip2_network2.id, + load_balancing_scheme="", + network=network2.id, + target=cluster_user_conn_cluster.psc_service_attachments[1].service_attachment) + project = gcp.organizations.get_project() + cluster_user_conn = gcp.redis.ClusterUserCreatedConnections("cluster-user-conn", + name="cluster-user-conn", + region="us-central1", + cluster_endpoints=[ + { + "connections": [ + { + "psc_connection": { + "psc_connection_id": forwarding_rule1_network1.psc_connection_id, + "address": ip1_network1.address, + "forwarding_rule": forwarding_rule1_network1.id, + "network": network1.id, + "project_id": project.project_id, + "service_attachment": cluster_user_conn_cluster.psc_service_attachments[0].service_attachment, + }, + }, + { + "psc_connection": { + "psc_connection_id": forwarding_rule2_network1.psc_connection_id, + "address": ip2_network1.address, + "forwarding_rule": forwarding_rule2_network1.id, + "network": network1.id, + "service_attachment": cluster_user_conn_cluster.psc_service_attachments[1].service_attachment, + }, + }, + ], + }, + { + "connections": [ + { + "psc_connection": { + "psc_connection_id": forwarding_rule1_network2.psc_connection_id, + "address": ip1_network2.address, + "forwarding_rule": forwarding_rule1_network2.id, + "network": network2.id, + "service_attachment": cluster_user_conn_cluster.psc_service_attachments[0].service_attachment, + }, + }, + { + "psc_connection": { + "psc_connection_id": forwarding_rule2_network2.psc_connection_id, + "address": ip2_network2.address, + "forwarding_rule": forwarding_rule2_network2.id, + "network": network2.id, + "service_attachment": cluster_user_conn_cluster.psc_service_attachments[1].service_attachment, + }, + }, + ], + }, + ]) + ``` + ### Redis Cluster User And Auto Created Connections + + ```python + import pulumi + import pulumi_gcp as gcp + + network2 = gcp.compute.Network("network2", + name="network2", + auto_create_subnetworks=False) + subnet_network2 = gcp.compute.Subnetwork("subnet_network2", + name="subnet-net2", + ip_cidr_range="10.0.0.248/29", + region="us-central1", + network=network2.id) + ip1_network2 = gcp.compute.Address("ip1_network2", + name="ip1-net2", + region="us-central1", + subnetwork=subnet_network2.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + network1 = gcp.compute.Network("network1", + name="net1", + auto_create_subnetworks=False) + subnet_network1 = gcp.compute.Subnetwork("subnet_network1", + name="subnet-net1", + ip_cidr_range="10.0.0.248/29", + region="us-central1", + network=network1.id) + default = gcp.networkconnectivity.ServiceConnectionPolicy("default", + name="scpolicy", + location="us-central1", + service_class="gcp-memorystore-redis", + description="my basic service connection policy", + network=network1.id, + psc_config={ + "subnetworks": [subnet_network1.id], + }) + # redis cluster without endpoint + cluster_user_auto_conn_cluster = gcp.redis.Cluster("cluster-user-auto-conn", + name="cluster-user-auto-conn", + shard_count=3, + region="us-central1", + replica_count=0, + deletion_protection_enabled=False, + psc_configs=[{ + "network": network1.id, + }], + opts = pulumi.ResourceOptions(depends_on=[default])) + forwarding_rule1_network2 = gcp.compute.ForwardingRule("forwarding_rule1_network2", + name="fwd1-net2", + region="us-central1", + ip_address=ip1_network2.id, + load_balancing_scheme="", + network=network2.id, + target=cluster_user_auto_conn_cluster.psc_service_attachments[0].service_attachment) + ip2_network2 = gcp.compute.Address("ip2_network2", + name="ip2-net2", + region="us-central1", + subnetwork=subnet_network2.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + forwarding_rule2_network2 = gcp.compute.ForwardingRule("forwarding_rule2_network2", + name="fwd2-net2", + region="us-central1", + ip_address=ip2_network2.id, + load_balancing_scheme="", + network=network2.id, + target=cluster_user_auto_conn_cluster.psc_service_attachments[1].service_attachment) + cluster_user_auto_conn = gcp.redis.ClusterUserCreatedConnections("cluster-user-auto-conn", + name="cluster-user-auto-conn", + region="us-central1", + cluster_endpoints=[{ + "connections": [ + { + "psc_connection": { + "psc_connection_id": forwarding_rule1_network2.psc_connection_id, + "address": ip1_network2.address, + "forwarding_rule": forwarding_rule1_network2.id, + "network": network2.id, + "service_attachment": cluster_user_auto_conn_cluster.psc_service_attachments[0].service_attachment, + }, + }, + { + "psc_connection": { + "psc_connection_id": forwarding_rule2_network2.psc_connection_id, + "address": ip2_network2.address, + "forwarding_rule": forwarding_rule2_network2.id, + "network": network2.id, + "service_attachment": cluster_user_auto_conn_cluster.psc_service_attachments[1].service_attachment, + }, + }, + ], + }]) + ``` + + ## Import + + ClusterUserCreatedConnections can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{region}}/clusters/{{name}}` + + * `{{project}}/{{region}}/{{name}}` + + * `{{region}}/{{name}}` + + * `{{name}}` + + When using the `pulumi import` command, ClusterUserCreatedConnections can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default projects/{{project}}/locations/{{region}}/clusters/{{name}} + ``` + + ```sh + $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{project}}/{{region}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{region}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{name}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterUserCreatedConnectionsClusterEndpointArgs', 'ClusterUserCreatedConnectionsClusterEndpointArgsDict']]]] cluster_endpoints: A list of cluster endpoints + Structure is documented below. + :param pulumi.Input[str] name: The name of the Redis cluster these endpoints should be added to. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] region: The name of the region of the Redis cluster these endpoints should be added to. + + + - - - + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: ClusterUserCreatedConnectionsArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + ## Example Usage + + ### Redis Cluster User Created Connections + + ```python + import pulumi + import pulumi_gcp as gcp + + network1 = gcp.compute.Network("network1", + name="net1", + auto_create_subnetworks=False) + subnet_network1 = gcp.compute.Subnetwork("subnet_network1", + name="subnet-net1", + ip_cidr_range="10.0.0.248/29", + region="us-central1", + network=network1.id) + ip1_network1 = gcp.compute.Address("ip1_network1", + name="ip1-net1", + region="us-central1", + subnetwork=subnet_network1.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + # redis cluster without endpoint + cluster_user_conn_cluster = gcp.redis.Cluster("cluster-user-conn", + name="cluster-user-conn", + shard_count=3, + region="us-central1", + replica_count=0, + deletion_protection_enabled=False) + forwarding_rule1_network1 = gcp.compute.ForwardingRule("forwarding_rule1_network1", + name="fwd1-net1", + region="us-central1", + ip_address=ip1_network1.id, + load_balancing_scheme="", + network=network1.id, + target=cluster_user_conn_cluster.psc_service_attachments[0].service_attachment) + ip2_network1 = gcp.compute.Address("ip2_network1", + name="ip2-net1", + region="us-central1", + subnetwork=subnet_network1.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + forwarding_rule2_network1 = gcp.compute.ForwardingRule("forwarding_rule2_network1", + name="fwd2-net1", + region="us-central1", + ip_address=ip2_network1.id, + load_balancing_scheme="", + network=network1.id, + target=cluster_user_conn_cluster.psc_service_attachments[1].service_attachment) + network2 = gcp.compute.Network("network2", + name="network2", + auto_create_subnetworks=False) + subnet_network2 = gcp.compute.Subnetwork("subnet_network2", + name="subnet-net2", + ip_cidr_range="10.0.0.248/29", + region="us-central1", + network=network2.id) + ip1_network2 = gcp.compute.Address("ip1_network2", + name="ip1-net2", + region="us-central1", + subnetwork=subnet_network2.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + forwarding_rule1_network2 = gcp.compute.ForwardingRule("forwarding_rule1_network2", + name="fwd1-net2", + region="us-central1", + ip_address=ip1_network2.id, + load_balancing_scheme="", + network=network2.id, + target=cluster_user_conn_cluster.psc_service_attachments[0].service_attachment) + ip2_network2 = gcp.compute.Address("ip2_network2", + name="ip2-net2", + region="us-central1", + subnetwork=subnet_network2.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + forwarding_rule2_network2 = gcp.compute.ForwardingRule("forwarding_rule2_network2", + name="fwd2-net2", + region="us-central1", + ip_address=ip2_network2.id, + load_balancing_scheme="", + network=network2.id, + target=cluster_user_conn_cluster.psc_service_attachments[1].service_attachment) + project = gcp.organizations.get_project() + cluster_user_conn = gcp.redis.ClusterUserCreatedConnections("cluster-user-conn", + name="cluster-user-conn", + region="us-central1", + cluster_endpoints=[ + { + "connections": [ + { + "psc_connection": { + "psc_connection_id": forwarding_rule1_network1.psc_connection_id, + "address": ip1_network1.address, + "forwarding_rule": forwarding_rule1_network1.id, + "network": network1.id, + "project_id": project.project_id, + "service_attachment": cluster_user_conn_cluster.psc_service_attachments[0].service_attachment, + }, + }, + { + "psc_connection": { + "psc_connection_id": forwarding_rule2_network1.psc_connection_id, + "address": ip2_network1.address, + "forwarding_rule": forwarding_rule2_network1.id, + "network": network1.id, + "service_attachment": cluster_user_conn_cluster.psc_service_attachments[1].service_attachment, + }, + }, + ], + }, + { + "connections": [ + { + "psc_connection": { + "psc_connection_id": forwarding_rule1_network2.psc_connection_id, + "address": ip1_network2.address, + "forwarding_rule": forwarding_rule1_network2.id, + "network": network2.id, + "service_attachment": cluster_user_conn_cluster.psc_service_attachments[0].service_attachment, + }, + }, + { + "psc_connection": { + "psc_connection_id": forwarding_rule2_network2.psc_connection_id, + "address": ip2_network2.address, + "forwarding_rule": forwarding_rule2_network2.id, + "network": network2.id, + "service_attachment": cluster_user_conn_cluster.psc_service_attachments[1].service_attachment, + }, + }, + ], + }, + ]) + ``` + ### Redis Cluster User And Auto Created Connections + + ```python + import pulumi + import pulumi_gcp as gcp + + network2 = gcp.compute.Network("network2", + name="network2", + auto_create_subnetworks=False) + subnet_network2 = gcp.compute.Subnetwork("subnet_network2", + name="subnet-net2", + ip_cidr_range="10.0.0.248/29", + region="us-central1", + network=network2.id) + ip1_network2 = gcp.compute.Address("ip1_network2", + name="ip1-net2", + region="us-central1", + subnetwork=subnet_network2.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + network1 = gcp.compute.Network("network1", + name="net1", + auto_create_subnetworks=False) + subnet_network1 = gcp.compute.Subnetwork("subnet_network1", + name="subnet-net1", + ip_cidr_range="10.0.0.248/29", + region="us-central1", + network=network1.id) + default = gcp.networkconnectivity.ServiceConnectionPolicy("default", + name="scpolicy", + location="us-central1", + service_class="gcp-memorystore-redis", + description="my basic service connection policy", + network=network1.id, + psc_config={ + "subnetworks": [subnet_network1.id], + }) + # redis cluster without endpoint + cluster_user_auto_conn_cluster = gcp.redis.Cluster("cluster-user-auto-conn", + name="cluster-user-auto-conn", + shard_count=3, + region="us-central1", + replica_count=0, + deletion_protection_enabled=False, + psc_configs=[{ + "network": network1.id, + }], + opts = pulumi.ResourceOptions(depends_on=[default])) + forwarding_rule1_network2 = gcp.compute.ForwardingRule("forwarding_rule1_network2", + name="fwd1-net2", + region="us-central1", + ip_address=ip1_network2.id, + load_balancing_scheme="", + network=network2.id, + target=cluster_user_auto_conn_cluster.psc_service_attachments[0].service_attachment) + ip2_network2 = gcp.compute.Address("ip2_network2", + name="ip2-net2", + region="us-central1", + subnetwork=subnet_network2.id, + address_type="INTERNAL", + purpose="GCE_ENDPOINT") + forwarding_rule2_network2 = gcp.compute.ForwardingRule("forwarding_rule2_network2", + name="fwd2-net2", + region="us-central1", + ip_address=ip2_network2.id, + load_balancing_scheme="", + network=network2.id, + target=cluster_user_auto_conn_cluster.psc_service_attachments[1].service_attachment) + cluster_user_auto_conn = gcp.redis.ClusterUserCreatedConnections("cluster-user-auto-conn", + name="cluster-user-auto-conn", + region="us-central1", + cluster_endpoints=[{ + "connections": [ + { + "psc_connection": { + "psc_connection_id": forwarding_rule1_network2.psc_connection_id, + "address": ip1_network2.address, + "forwarding_rule": forwarding_rule1_network2.id, + "network": network2.id, + "service_attachment": cluster_user_auto_conn_cluster.psc_service_attachments[0].service_attachment, + }, + }, + { + "psc_connection": { + "psc_connection_id": forwarding_rule2_network2.psc_connection_id, + "address": ip2_network2.address, + "forwarding_rule": forwarding_rule2_network2.id, + "network": network2.id, + "service_attachment": cluster_user_auto_conn_cluster.psc_service_attachments[1].service_attachment, + }, + }, + ], + }]) + ``` + + ## Import + + ClusterUserCreatedConnections can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{region}}/clusters/{{name}}` + + * `{{project}}/{{region}}/{{name}}` + + * `{{region}}/{{name}}` + + * `{{name}}` + + When using the `pulumi import` command, ClusterUserCreatedConnections can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default projects/{{project}}/locations/{{region}}/clusters/{{name}} + ``` + + ```sh + $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{project}}/{{region}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{region}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections default {{name}} + ``` + + :param str resource_name: The name of the resource. + :param ClusterUserCreatedConnectionsArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(ClusterUserCreatedConnectionsArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + cluster_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ClusterUserCreatedConnectionsClusterEndpointArgs', 'ClusterUserCreatedConnectionsClusterEndpointArgsDict']]]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + region: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = ClusterUserCreatedConnectionsArgs.__new__(ClusterUserCreatedConnectionsArgs) + + __props__.__dict__["cluster_endpoints"] = cluster_endpoints + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + if region is None and not opts.urn: + raise TypeError("Missing required property 'region'") + __props__.__dict__["region"] = region + super(ClusterUserCreatedConnections, __self__).__init__( + 'gcp:redis/clusterUserCreatedConnections:ClusterUserCreatedConnections', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + cluster_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ClusterUserCreatedConnectionsClusterEndpointArgs', 'ClusterUserCreatedConnectionsClusterEndpointArgsDict']]]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + region: Optional[pulumi.Input[str]] = None) -> 'ClusterUserCreatedConnections': + """ + Get an existing ClusterUserCreatedConnections resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterUserCreatedConnectionsClusterEndpointArgs', 'ClusterUserCreatedConnectionsClusterEndpointArgsDict']]]] cluster_endpoints: A list of cluster endpoints + Structure is documented below. + :param pulumi.Input[str] name: The name of the Redis cluster these endpoints should be added to. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] region: The name of the region of the Redis cluster these endpoints should be added to. + + + - - - + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _ClusterUserCreatedConnectionsState.__new__(_ClusterUserCreatedConnectionsState) + + __props__.__dict__["cluster_endpoints"] = cluster_endpoints + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["region"] = region + return ClusterUserCreatedConnections(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="clusterEndpoints") + def cluster_endpoints(self) -> pulumi.Output[Optional[Sequence['outputs.ClusterUserCreatedConnectionsClusterEndpoint']]]: + """ + A list of cluster endpoints + Structure is documented below. + """ + return pulumi.get(self, "cluster_endpoints") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + The name of the Redis cluster these endpoints should be added to. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def region(self) -> pulumi.Output[str]: + """ + The name of the region of the Redis cluster these endpoints should be added to. + + + - - - + """ + return pulumi.get(self, "region") + diff --git a/sdk/python/pulumi_gcp/redis/outputs.py b/sdk/python/pulumi_gcp/redis/outputs.py index 15b9e67efb..0203be5532 100644 --- a/sdk/python/pulumi_gcp/redis/outputs.py +++ b/sdk/python/pulumi_gcp/redis/outputs.py @@ -33,8 +33,12 @@ 'ClusterPersistenceConfigRdbConfig', 'ClusterPscConfig', 'ClusterPscConnection', + 'ClusterPscServiceAttachment', 'ClusterStateInfo', 'ClusterStateInfoUpdateInfo', + 'ClusterUserCreatedConnectionsClusterEndpoint', + 'ClusterUserCreatedConnectionsClusterEndpointConnection', + 'ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection', 'ClusterZoneDistributionConfig', 'InstanceMaintenancePolicy', 'InstanceMaintenancePolicyWeeklyMaintenanceWindow', @@ -932,8 +936,6 @@ def __init__(__self__, *, :param str network: Required. The consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network_project_id_or_number}/global/networks/{network_id}. - - - - - """ pulumi.set(__self__, "network", network) @@ -944,8 +946,6 @@ def network(self) -> str: Required. The consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network_project_id_or_number}/global/networks/{network_id}. - - - - - """ return pulumi.get(self, "network") @@ -1038,6 +1038,60 @@ def psc_connection_id(self) -> Optional[str]: return pulumi.get(self, "psc_connection_id") +@pulumi.output_type +class ClusterPscServiceAttachment(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "connectionType": + suggest = "connection_type" + elif key == "serviceAttachment": + suggest = "service_attachment" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterPscServiceAttachment. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterPscServiceAttachment.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterPscServiceAttachment.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + connection_type: Optional[str] = None, + service_attachment: Optional[str] = None): + """ + :param str connection_type: (Output) + Type of a PSC connection targeting this service attachment. + :param str service_attachment: (Output) + Service attachment URI which your self-created PscConnection should use as + """ + if connection_type is not None: + pulumi.set(__self__, "connection_type", connection_type) + if service_attachment is not None: + pulumi.set(__self__, "service_attachment", service_attachment) + + @property + @pulumi.getter(name="connectionType") + def connection_type(self) -> Optional[str]: + """ + (Output) + Type of a PSC connection targeting this service attachment. + """ + return pulumi.get(self, "connection_type") + + @property + @pulumi.getter(name="serviceAttachment") + def service_attachment(self) -> Optional[str]: + """ + (Output) + Service attachment URI which your self-created PscConnection should use as + """ + return pulumi.get(self, "service_attachment") + + @pulumi.output_type class ClusterStateInfo(dict): @staticmethod @@ -1126,6 +1180,216 @@ def target_shard_count(self) -> Optional[int]: return pulumi.get(self, "target_shard_count") +@pulumi.output_type +class ClusterUserCreatedConnectionsClusterEndpoint(dict): + def __init__(__self__, *, + connections: Optional[Sequence['outputs.ClusterUserCreatedConnectionsClusterEndpointConnection']] = None): + """ + :param Sequence['ClusterUserCreatedConnectionsClusterEndpointConnectionArgs'] connections: Structure is documented below. + """ + if connections is not None: + pulumi.set(__self__, "connections", connections) + + @property + @pulumi.getter + def connections(self) -> Optional[Sequence['outputs.ClusterUserCreatedConnectionsClusterEndpointConnection']]: + """ + Structure is documented below. + """ + return pulumi.get(self, "connections") + + +@pulumi.output_type +class ClusterUserCreatedConnectionsClusterEndpointConnection(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "pscConnection": + suggest = "psc_connection" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterUserCreatedConnectionsClusterEndpointConnection. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterUserCreatedConnectionsClusterEndpointConnection.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterUserCreatedConnectionsClusterEndpointConnection.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + psc_connection: Optional['outputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection'] = None): + """ + :param 'ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnectionArgs' psc_connection: Detailed information of a PSC connection that is created by the customer + who owns the cluster. + Structure is documented below. + """ + if psc_connection is not None: + pulumi.set(__self__, "psc_connection", psc_connection) + + @property + @pulumi.getter(name="pscConnection") + def psc_connection(self) -> Optional['outputs.ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection']: + """ + Detailed information of a PSC connection that is created by the customer + who owns the cluster. + Structure is documented below. + """ + return pulumi.get(self, "psc_connection") + + +@pulumi.output_type +class ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "forwardingRule": + suggest = "forwarding_rule" + elif key == "pscConnectionId": + suggest = "psc_connection_id" + elif key == "serviceAttachment": + suggest = "service_attachment" + elif key == "connectionType": + suggest = "connection_type" + elif key == "projectId": + suggest = "project_id" + elif key == "pscConnectionStatus": + suggest = "psc_connection_status" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterUserCreatedConnectionsClusterEndpointConnectionPscConnection.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + address: str, + forwarding_rule: str, + network: str, + psc_connection_id: str, + service_attachment: str, + connection_type: Optional[str] = None, + project_id: Optional[str] = None, + psc_connection_status: Optional[str] = None): + """ + :param str address: The IP allocated on the consumer network for the PSC forwarding rule. + :param str forwarding_rule: The URI of the consumer side forwarding rule. + Format: + projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + :param str network: The consumer network where the IP address resides, in the form of + projects/{project_id}/global/networks/{network_id}. + :param str psc_connection_id: The PSC connection id of the forwarding rule connected to the + service attachment. + :param str service_attachment: The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + :param str connection_type: (Output) + Output Only. Type of a PSC Connection. + Possible values: + CONNECTION_TYPE_DISCOVERY + CONNECTION_TYPE_PRIMARY + CONNECTION_TYPE_READER + :param str project_id: The consumer project_id where the forwarding rule is created from. + :param str psc_connection_status: (Output) + Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + Possible values: + ACTIVE + NOT_FOUND + """ + pulumi.set(__self__, "address", address) + pulumi.set(__self__, "forwarding_rule", forwarding_rule) + pulumi.set(__self__, "network", network) + pulumi.set(__self__, "psc_connection_id", psc_connection_id) + pulumi.set(__self__, "service_attachment", service_attachment) + if connection_type is not None: + pulumi.set(__self__, "connection_type", connection_type) + if project_id is not None: + pulumi.set(__self__, "project_id", project_id) + if psc_connection_status is not None: + pulumi.set(__self__, "psc_connection_status", psc_connection_status) + + @property + @pulumi.getter + def address(self) -> str: + """ + The IP allocated on the consumer network for the PSC forwarding rule. + """ + return pulumi.get(self, "address") + + @property + @pulumi.getter(name="forwardingRule") + def forwarding_rule(self) -> str: + """ + The URI of the consumer side forwarding rule. + Format: + projects/{project}/regions/{region}/forwardingRules/{forwarding_rule} + """ + return pulumi.get(self, "forwarding_rule") + + @property + @pulumi.getter + def network(self) -> str: + """ + The consumer network where the IP address resides, in the form of + projects/{project_id}/global/networks/{network_id}. + """ + return pulumi.get(self, "network") + + @property + @pulumi.getter(name="pscConnectionId") + def psc_connection_id(self) -> str: + """ + The PSC connection id of the forwarding rule connected to the + service attachment. + """ + return pulumi.get(self, "psc_connection_id") + + @property + @pulumi.getter(name="serviceAttachment") + def service_attachment(self) -> str: + """ + The service attachment which is the target of the PSC connection, in the form of projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}. + """ + return pulumi.get(self, "service_attachment") + + @property + @pulumi.getter(name="connectionType") + def connection_type(self) -> Optional[str]: + """ + (Output) + Output Only. Type of a PSC Connection. + Possible values: + CONNECTION_TYPE_DISCOVERY + CONNECTION_TYPE_PRIMARY + CONNECTION_TYPE_READER + """ + return pulumi.get(self, "connection_type") + + @property + @pulumi.getter(name="projectId") + def project_id(self) -> Optional[str]: + """ + The consumer project_id where the forwarding rule is created from. + """ + return pulumi.get(self, "project_id") + + @property + @pulumi.getter(name="pscConnectionStatus") + def psc_connection_status(self) -> Optional[str]: + """ + (Output) + Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists. + Possible values: + ACTIVE + NOT_FOUND + """ + return pulumi.get(self, "psc_connection_status") + + @pulumi.output_type class ClusterZoneDistributionConfig(dict): def __init__(__self__, *, From 5240fe76a31cd5708ab7ff46d8dad7b9fc34e4d4 Mon Sep 17 00:00:00 2001 From: Venelin Date: Fri, 31 Jan 2025 16:06:37 +0200 Subject: [PATCH 6/6] lint --- provider/resources.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/provider/resources.go b/provider/resources.go index d80e4673bf..d294d6a3f1 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -46,7 +46,8 @@ const ( gcpActiveDirectory = "ActiveDirectory" // Active Directory resources gcpAlloydb = "Alloydb" // Alloydb resources // nolint:revive - gcpApiGateway = "ApiGateway" // ApiGateway resources + gcpApiGateway = "ApiGateway" // ApiGateway resources + //nolint:revive gcpApiHub = "ApiHub" // ApiHub resources gcpApigee = "Apigee" // Apigee resources gcpAppEngine = "AppEngine" // AppEngine resources @@ -174,7 +175,7 @@ var moduleMapping = map[string]string{ "active_directory": gcpActiveDirectory, "alloydb": gcpAlloydb, "api_gateway": gcpApiGateway, - "apihub": gcpApiHub, + "apihub": gcpApiHub, "apigee": gcpApigee, "app_engine": gcpAppEngine, "apphub": "Apphub",